CSRF token checking was enabled for API controllers in #6223,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.
This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
CSRF token checking was enabled for API controllers in #6223,
producing "Can't verify CSRF token authenticity" log spam. This
disables logging of failed CSRF checks.
This also changes the protection strategy for
PushSubscriptionsController to use exceptions, making it consistent
with other controllers that use sessions.
* Add aria-autocomplete='list' in Textaria
ref: https://www.w3.org/TR/wai-aria-1.1/#aria-autocomplete
* Make detect empty string brefore assign upload description
* Change code elements in keyboard-shortcuts component to kbd
* Add validation for onMuteNotifications
* Make columns-area unscrollable when modal opend
* Make columns-area unscrollable when modal opened
* Add aria-autocomplete='list' in Textaria
ref: https://www.w3.org/TR/wai-aria-1.1/#aria-autocomplete
* Make detect empty string brefore assign upload description
* Change code elements in keyboard-shortcuts component to kbd
* Add validation for onMuteNotifications
* Make columns-area unscrollable when modal opend
* Make columns-area unscrollable when modal opened
* Fix accessibility of column headers
As a screen reader user new to Mastodon, I encountered the following issues with the column headers as designed:
* Jumping between them was difficult. FOr instance, passing my home timeline to reach notification settings was difficult to impossible, especially considering infinite scrolling.
* There doesn't appear to be any means for triggering the control via the keyboard. the `titleClick` handler only responds to mouse clicks.
* I didn't even realize there was a Settings toggle until I made this change.
Thanks for using ARIA in your designs. It's a huge help. But adding a `button` role doesn't add keyboard handling and other button behavior. Also, because the role was on the heading container, it obscured the controls within the container itself. This fix resolve that. It also exposes the headings as headings rather than buttons, enabling skipping columns by using screen readers' heading navigation commands.
Since I myself am blind, if this fix requires additional visual styling, I'd like help applying that so it can be merged. I'd consider it an essential accessibility fix for my and other blind users' existence on the platform. Thanks!
* Styling fixes
* Fixed overflow issue
* Fix accessibility of column headers
As a screen reader user new to Mastodon, I encountered the following issues with the column headers as designed:
* Jumping between them was difficult. FOr instance, passing my home timeline to reach notification settings was difficult to impossible, especially considering infinite scrolling.
* There doesn't appear to be any means for triggering the control via the keyboard. the `titleClick` handler only responds to mouse clicks.
* I didn't even realize there was a Settings toggle until I made this change.
Thanks for using ARIA in your designs. It's a huge help. But adding a `button` role doesn't add keyboard handling and other button behavior. Also, because the role was on the heading container, it obscured the controls within the container itself. This fix resolve that. It also exposes the headings as headings rather than buttons, enabling skipping columns by using screen readers' heading navigation commands.
Since I myself am blind, if this fix requires additional visual styling, I'd like help applying that so it can be merged. I'd consider it an essential accessibility fix for my and other blind users' existence on the platform. Thanks!
* Styling fixes
* Fixed overflow issue
This makes the clickable element an interactive element, but doesn't add
alt text and makes it not-obvious that you can click the elefriend. On
one hand, this goes against good practice; on the other hand, it's not
*supposed* to be obvious that you can click the elefriend.
This makes the clickable element an interactive element, but doesn't add
alt text and makes it not-obvious that you can click the elefriend. On
one hand, this goes against good practice; on the other hand, it's not
*supposed* to be obvious that you can click the elefriend.
Also lay some groundwork needed to interactively change the
glitchfriend.
The codebase uses "elefriend" because it's shorter and didn't require me
to realign the actions in actions/compose.js. Same idea, though.
Also lay some groundwork needed to interactively change the
glitchfriend.
The codebase uses "elefriend" because it's shorter and didn't require me
to realign the actions in actions/compose.js. Same idea, though.
