- Remove data/_theme.scss from git history, to prevent accidental overwrites/commits
- Add a step to the configuration wizard to create a blank file if one doesn't exist
- Move the file existence check in compile-scss to before favicon building (as it errors if the file is missing)
Fixes https://todo.sr.ht/~tsileo/microblog.pub/67
Otherwise, emojis containing forbidden symbols (for example, `-`)
appear in "emoji selector" on admin/new page, but are not replaced
with emoji image on submit.
Also add a note to documentation mentioning allowed characters.
If a remote actor has no icon, we show our local default icon.
If we have no icon, we should allow remote instances to show their
default icon, instead of sending ours.
In Chrome, I get the following when trying to use the remote follow form:
Refused to send form data to 'https://example.com/remote_follow'
because it violates the following Content Security Policy directive:
"form-action 'self'".
It seems some browsers (but notably not Firefox) apply the form-action
policy to the redirect target in addition to the initial form
submission endpoint. See:
https://github.com/w3c/webappsec-csp/issues/8
In that thread, this workaround is suggested.
While this option is not used anywhere in microblog.pub itself, some
other servers do occasionally use it when showing remote profiles.
Also, this image _can_ be used in microblog.pub - just add this:
<img src="{{ local_actor.image_url }}">
in the appropriate place of your template!
