Commit Graph

3030 Commits (f99850b5d3fc8d3c884f97c529881097342c8802)

Author SHA1 Message Date
Simon McVittie 2afb0dd663 Do not directly enable emailauth by default, only indirectly via openid
This avoids nasty surprises on upgrade if a site is using httpauth,
or passwordauth with an account_creation_password, and relying on
only a select group of users being able to edit the site. We can revisit
this for ikiwiki 4.
2015-05-27 08:52:01 +01:00
https://id.koumbit.net/anarcat 599e16aef2 openid spam happens, as it turns out 2015-05-25 13:26:03 -04:00
Antoine Beaupré 66c21af8ba Revert "WU trf, train tickets, ship shop, cvv, complete fullz, dumps"
This reverts commit 1d05cf33fb.
2015-05-25 13:17:56 -04:00
https://me.yahoo.com/a/NyYLSvhuu9XQ3TQ79dx8Peg5GY1VfiNezVI-#df77b 1d05cf33fb WU trf, train tickets, ship shop, cvv, complete fullz, dumps 2015-05-25 09:06:26 -04:00
spalax 4268a63be5 typo 2015-05-21 12:29:21 -04:00
spalax 9ee5f1626e Question about python path for external plugins. 2015-05-21 12:28:33 -04:00
Amitai Schlair da0baca91b Idea: embedded podcast A/V player. 2015-05-17 18:44:30 -04:00
Joey Hess ab1bba9dab cloak user PII when making commits etc, and let cloaked PII be used in banned_users
This was needed due to emailauth, but I've also wrapped all IP address
exposure in cloak(), although the function doesn't yet cloak IP addresses.

(One IP address I didn't cloak is the one that appears on the password
reset email template. That is expected to be the user's own IP address,
so ok to show it to them.)

Thanks to smcv for the pointer to
http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2015-05-14 11:58:21 -04:00
Joey Hess 2a64eea0f5 comments 2015-05-14 11:02:57 -04:00
Joey Hess 85a529db3d passwordauth: Don't allow registering accounts that look like openids.
Also prohibit @ in account names, in case the file regexp was relaxed to
allow it.
2015-05-14 10:57:56 -04:00
Joey Hess 804144402b Merge branch 'master' of ssh://git.ikiwiki.info 2015-05-14 10:46:59 -04:00
Joey Hess f1f3d4c6e7 update re passwordauth @ 2015-05-14 10:41:07 -04:00
https://id.koumbit.net/anarcat 7ef44d84d6 acls and expectations 2015-05-14 08:22:29 -04:00
kjs dd1dceef47 Critical of automatic merging of stylesheets 2015-05-14 08:14:37 -04:00
kjs 71ddaa5adb 2015-05-14 07:06:43 -04:00
smcv 20d8557c7b please do cloak email addresses, the principle of least astonishment applies 2015-05-14 06:05:58 -04:00
smcv 42b3b1f63a proposal for making emailauth not force username == email address 2015-05-14 05:49:45 -04:00
Joey Hess 369bfd45cc close 2015-05-13 23:42:34 -04:00
Joey Hess ee2905ae0a comments 2015-05-13 16:49:12 -04:00
https://id.koumbit.net/anarcat 5d49b5c115 link to indieauth and mention existing problems with this approach 2015-05-13 15:49:18 -04:00
Joey Hess 370261e715 thoughts 2015-05-13 14:31:08 -04:00
Joey Hess b9a2c3bfde tyo 2015-05-13 14:23:10 -04:00
Joey Hess 3575f939d8 update 2015-05-13 14:22:08 -04:00
Joey Hess ccd285b986 update 2015-05-13 14:19:38 -04:00
Joey Hess c455d51556 proposal 2015-05-13 14:16:16 -04:00
Joey Hess 6f627420b5 close 2015-05-13 13:41:16 -04:00
https://id.koumbit.net/anarcat 9446d3faee underlay plugin needs to be enabled of course 2015-05-02 19:32:34 -04:00
https://www.google.com/accounts/o8/id?id=AItOawkickHAzX_uVJMd_vFJjae6SLs2G38URPU 651eba5478 Yes to leaflet.js 2015-04-19 04:54:00 -04:00
Amitai Schlair e9afe7eb6c Looking again at fancying up podcasts for iTunes. 2015-04-18 21:17:29 -04:00
https://id.koumbit.net/anarcat 1dae5fafe0 split it 2015-04-18 15:04:58 -04:00
cbaines a4f69f126e Start discussion regarding OpenLayers 2 2015-04-18 14:21:49 -04:00
https://id.koumbit.net/anarcat 948646f7b9 2015-04-18 13:44:45 -04:00
https://id.koumbit.net/anarcat 6deeb32ed6 2015-04-18 13:42:44 -04:00
https://id.koumbit.net/anarcat 121e9132f3 security review seems to say this is an okay change 2015-03-30 19:24:45 -04:00
https://id.koumbit.net/anarcat 9f003b651d ouf, works! 2015-03-28 12:47:50 -04:00
https://id.koumbit.net/anarcat 969881fd19 fail 2015-03-28 12:42:02 -04:00
https://id.koumbit.net/anarcat 6b777f58cf figure it out at last: would need review from smcv for symlink security 2015-03-28 12:29:42 -04:00
https://id.koumbit.net/anarcat 011b2af8c5 another attempt 2015-03-28 03:45:09 -04:00
https://id.koumbit.net/anarcat bff9a88376 2015-03-28 01:55:56 -04:00
https://openid.stackexchange.com/user/bd7676f7-83b5-4a71-82a6-d4df0fab61ca 86e63254ff 2015-03-03 10:29:18 -04:00
Joey Hess ef0b4a1181 request 2015-03-02 13:26:57 -04:00
Christopher Baines 30540c0fc1 Add comment to the osm plugin icon patch page 2015-02-28 15:24:47 +00:00
smcv 92f03c3400 remove content-free entry
This reverts commit b32969f9a0
2015-02-15 11:49:18 -04:00
https://www.google.com/accounts/o8/id?id=AItOawm7gmXyIO61h2jaI2Q7aQwpRs54R5gO8j4 b32969f9a0 2015-02-14 16:30:14 -04:00
https://id.koumbit.net/anarcat 4663c0df5c indyauth support? 2015-02-09 12:09:46 -04:00
http://smcv.pseudorandom.co.uk/ 342ac6c3be move the tl;dr summary to the top (plugins/highlight is recommended) 2015-01-27 10:05:57 -04:00
https://www.google.com/accounts/o8/id?id=AItOawmrJfqoulIxVcbv4FI52d0N1lBfWOMeNXc 6d8fd9bf0d providing the .po file so that it can be included 2015-01-15 13:30:39 -04:00
Amitai Schlair 04596b5a37 closing this 2014-12-28 17:22:28 -05:00
https://www.google.com/accounts/o8/id?id=AItOawlHLiVkr16cy4E11FqrDFre19QM_5u3hBo 924862b627 Suggest to drop the first patch, probably incorrect. 2014-12-28 17:16:36 -04:00
Amitai Schlair eacb0c3196 Applied one patch, need more info for the other. 2014-12-27 17:28:28 -05:00