Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
branch: master

Jul 30, 2012

  1. Neil Williams

    Apply domain shame-bans to toolbar framing.

    Some evil people are using the toolbar URLs to spam their links and then
    framebusting to ditch the toolbar. This patch makes it so that if the
    framed URL is on a shame-banned domain, the framing will abort and
    return a 404.
    authored July 28, 2012

Jul 28, 2012

  1. Max Goodman

    Fire a pixel for UI flow tracking of sub/unsubscribe.

    This will allow us to collect information about how users found
    subreddits that they subscribe to. We can use this information to test
    the effectiveness of new ways of discovering and subscribing to
    subreddits.
    
    Specifically, when the subscribe button is clicked, for the current page
    and previous page: the URL, referrer URL, and the type of UI element
    clicked are sent. We'll use this to answer questions like:
    
     * "did clicking on gizmo A lead to users subscribing to subreddit B?"
     * "why did we see a spike in subscriptions to subreddit X today?"
    authored July 25, 2012
  2. Max Goodman

    Include underscore.js.

    authored July 25, 2012
  3. Max Goodman

    Make organic box sponsored link help translatable.

    authored July 27, 2012
  4. Max Goodman

    Fix indentation.

    authored July 27, 2012
  5. Max Goodman

    » > ›.

    authored July 27, 2012
  6. Max Goodman

    Fix spelling and grammar in help box.

    authored July 27, 2012
  7. Max Goodman

    Style help box so "close help" has the same font size as "what's this".

    authored July 27, 2012
  8. Max Goodman

    Move "close help" link to bottom right corner to match "what's this".

    authored July 27, 2012
  9. Max Goodman

    Remove unused jury duty organic box help.

    authored July 27, 2012
  10. Max Goodman

    s/reddits/rules in the footer.

    authored July 26, 2012

Jul 26, 2012

  1. Neil Williams

    Hide OTP prompt on /adminon when irrelevant.

    If the user doesn't have an OTP secret and an OTP isn't required for
    turning on admin mode, we'll just hide the prompt to avoid confusion.
    authored July 24, 2012 kemitche committed July 26, 2012
  2. shlurbee

    Make sr discovery links respect gold user preferences

    Subreddit discovery links are basically sponsored links, so they shouldn't
    appear if gold users have sponsored links turned off
    authored July 16, 2012 kemitche committed July 26, 2012
  3. Keith Mitchell

    Mis-merged to opensource

    authored July 26, 2012
  4. Max Goodman

    Remove unused organic_links JS index.

    authored July 23, 2012 kemitche committed July 26, 2012
  5. Max Goodman

    Remove production pixel URL from example.ini.

    authored July 25, 2012 kemitche committed July 26, 2012
  6. Brian Simpson

    Reorganize delete and ban.

    authored July 17, 2012 kemitche committed July 26, 2012
  7. Brian Simpson

    Small cleanup in admintools.spam.

    authored July 17, 2012 kemitche committed July 26, 2012
  8. Keith Mitchell

    Filter out non-existent subreddits from facets

    authored July 26, 2012

Jul 25, 2012

  1. Brian Simpson

    Add before/after support for Details.

    authored July 25, 2012
  2. Brian Simpson

    Non-wrapped things deserve to be counted too.

    authored July 25, 2012
  3. Brian Simpson

    SimpleBuilder operates on a list of names, no lookups of Things.

    authored July 24, 2012
  4. Brian Simpson

    fix typo in promote.campaign_is_live

    authored July 24, 2012
  5. Brian Simpson

    is_live_on_sr is more strict

    authored July 24, 2012
  6. shlurbee

    Fix traffic display for SR discovery promos

    The "Read from PromoCampaign things" change broke the code that causes the
    traffic display to show the past month by default if a promoted link has
    no campaigns.
    
    This change fixes a bug where clicking on "traffic" on one of the subreddit
    discovery spotlight links caused a 500 error.
    
    See: 273c548
    authored July 24, 2012 bsimpson63 committed July 25, 2012
  7. shlurbee

    Error handling in promote.get_scheduled

    Aggressively catches and logs exceptions inside the campaign loop in
    get_scheduled. This change will allow make_daily_promotions to skip over
    campaigns with corrupt data and still launch the others.
    
    Note: We might want to consider passing the list of errored campaigns
    back up to the calling function so they can be handled more noisily there.
    authored July 24, 2012 bsimpson63 committed July 25, 2012

Jul 24, 2012

  1. Neil Williams

    Move verification email and password reset tokens into Cassandra.

    In memcached there is a chance of the keys being evicted before their
    time runs out. We can mitigate this by adding more memcaches, but that
    has other downsides (such as increased risk of failure).
    authored July 14, 2012
  2. Neil Williams

    Clean up minor formatting nitpicks in token.py.

    authored July 14, 2012
  3. Neil Williams

    Refactor/rename OAuth2 token model so we can reuse it.

    The OAuth2 Cassandra models are a perfect fit for other places in the
    app that need randomly generated tokens.
    authored July 14, 2012
  4. Neil Williams

    tdb_cassandra: Let pycassa serialize timestamp when validated.

    Pycassa will do its own marshalling when columns have validators
    specified in the C* metadata.  We need to disable our own marshalling
    when we know Pycassa will take care of it. This is already taken care of
    in the general case, but timestamps are handled somewhat uniquely.
    authored July 13, 2012

Jul 23, 2012

  1. Neil Williams

    Require two-factor authentication to enable admin mode.

    This feature can be disabled with the new ini setting
    `disable_admin_otp`.
    authored July 22, 2012
  2. Neil Williams

    Add framework for RFC-6238: Time-Based One Time Password Algorithm.

    This provides a system for two-factor authentication, using a compliant
    OTP-generator such as Google Authenticator. The framework includes a
    validator for use on API calls needing authentication as well as a UI
    for provisioning/resetting your secret key. A secure cookie may be
    generated to effectively turn the user's browser into a temporary
    authentication factor.
    
    This feature is currently limited to admins only until full-site SSL is
    available.
    authored July 22, 2012
  3. Neil Williams

    reddit_base: Add support for Secure and HTTP-Only cookies.

    authored July 18, 2012
  4. Neil Williams

    Make profiling transparent and aggregatable.

    If the config variable profile_directory is set, ProfilingMiddleware
    will be added to the WSGI stack. The middleware will generate a file in
    the specified directory on each request containing the contents of that
    request's profile.
    authored July 22, 2012 bsimpson63 committed July 23, 2012
  5. Brian Simpson

    Messages: Set after parameter to oldest visible message.

    authored July 23, 2012
Something went wrong with that request. Please try again.