Brion Vibber [Sun, 21 Feb 2010 22:46:26 +0000 (14:46 -0800)]
OStatus PuSH fixes:
- hub now defers subscription state updates until after verification, per spec
- hub now supports synchronous verification when requested (if async is not requested after)
- client now requests synchronous verification (it's a bit safer)
- cleanup on subscription logging/error responses
Brion Vibber [Sun, 21 Feb 2010 23:21:18 +0000 (15:21 -0800)]
Performance fix for FriendFeed sup interface: MySQL query optimizer was doing a table scan on notice; explicit subquery makes it run much more efficiently, only scanning items within the period under consideration. Standard subquery should be PostgreSQL-compatible.
Brion Vibber [Sun, 21 Feb 2010 22:28:06 +0000 (14:28 -0800)]
OStatus PuSH fixlets:
- set minimal error page output on PuSH callback
- allow hub to retry ($config['ostatus']['hub_retries']), simplify internal iface a bit. Retries are pushed to end of queue but otherwise not delayed yet; makes delivery more robust to one-off transitory errors but not yet against downtime.
Brion Vibber [Sun, 21 Feb 2010 21:40:59 +0000 (13:40 -0800)]
OStatus feedsub fixlets:
- actually udpate feedsub.last_update when we get a new PuSH update in
- move incoming PuSH processing to a queue handler to minimize time spent before POST return, as recommended by PuSH spec. When queues are disabled this'll still be handled immediately.
Brion Vibber [Sat, 20 Feb 2010 20:46:48 +0000 (12:46 -0800)]
OStatus subscription page fixups; works but needs lots of UI loving!
- ostatussub via subscribe button now works again (changed to take profile instead of feed, patched up to the new discovery)
- added a quickie hack to allow putting your remote profile URI in place of webfinger acct through the remote-sub button (needs to be patched up to do proper discovery via XRDS or a link or something)
Evan Prodromou [Sat, 20 Feb 2010 18:31:20 +0000 (13:31 -0500)]
Change to use TagURI::base() instead of common_config()
I changed the way that tag: URIs are minted, so we now use the right
base. Ideally most of these would use HTTP URIs instead, but for
now at least they use the right base.
Evan Prodromou [Sat, 20 Feb 2010 18:23:08 +0000 (13:23 -0500)]
Add a library to mint tag URIs
We've been making pretty crummy tag: URIs for a while. We should
continue to favor HTTP URIs, since it's nice to be able to discover
things about an object you've shared the ID of. Where that's not
possible, this makes nicer tag URIs.
Evan Prodromou [Sat, 20 Feb 2010 16:35:01 +0000 (11:35 -0500)]
Add HTMLPurifier to extlib
HTMLPurifier defangs arbitrary submitted HTML. We're using it in the
OStatus plugin, but it may be valuable for other parts of the codebase
(I think OEmbed might benefit, for example).
Evan Prodromou [Fri, 19 Feb 2010 13:16:45 +0000 (08:16 -0500)]
Refactor subs_* functions for remote use
The subs_* functions in subs.php have made a lot of assumptions
about users versus profiles. I've refactored the functions to
be methods of the Subscription class instead, and to use Profile
objects throughout.
Some of the checks for blocks or existing subscriptions depended
on users or profiles, so I've moved those methods around a bit.
I've left stubs for the subs_* functions until we get time to replace
them.
Brion Vibber [Thu, 18 Feb 2010 21:22:21 +0000 (21:22 +0000)]
OStatus refactoring to clean up profile vs feed and fix up subscription issues.
PuSH subscription maintenance broken back out to FeedSub, letting Ostatus_profile deal with the profile level (user or group, with unique id URI)
Brion Vibber [Thu, 18 Feb 2010 00:49:00 +0000 (16:49 -0800)]
Queues: redid the breakout control model so we can start up and subscribe to queues without running through the complete site list, which is ok at 1k sites but too slow at 10k.
All breakout queues that we're going to need to listen to now need to be explicitly listed in $config['queue']['breakout'].
Until XMPP is moved to component model, this setting will let the individual processes work with their own queues:
$config['queue']['breakout'][] = 'xmpp/xmppout/' . $config['site']['nickname'];
Zach Copley [Tue, 16 Feb 2010 06:12:08 +0000 (06:12 +0000)]
Upgrade Twitter bridge to use OAuth 1.0a. It's more secure, and allows
us to automatically send in a callback url instead of having to manually
configure one for each StatusNet instance.
Brion Vibber [Wed, 17 Feb 2010 17:58:34 +0000 (09:58 -0800)]
PostDebug plugin - saves POST data to debug log or directory to help debug form submission and server-to-server communications.
Some sensitive items are sanitized but not all - don't just shove out the log results publicly!