Commit Graph

1592 Commits

Author SHA1 Message Date
Pierre Rudloff 148a171b24 Merge branch 'hotfix/3.0.2' 2022-02-27 12:32:36 +01:00
Pierre Rudloff 1b099bb983 Patch youtube-dl to disable redirects
In order to prevent SSRF attacks using redirects
2022-02-27 12:30:15 +01:00
Pierre Rudloff 3a4f09dda0 Prevent SSRF requests
By validating the provided URL before passing it to youtube-dl
2022-02-27 11:00:33 +01:00
Pierre Rudloff bf4a761d3a Make UglyRouter compatible with routes with parameters (#399) 2022-02-23 21:30:58 +01:00
Pierre Rudloff 6ad0486468 Use Python 3.8.12 on Heroku 2022-02-22 23:10:54 +01:00
Pierre Rudloff e246ab03e9 Partial PHP 8 compatibility
But we still need to update rinvex/countries
2022-02-22 22:58:57 +01:00
Pierre Rudloff e567f9c9fa Update annotated-command
To fix PHP 8 compatibility issues: https://github.com/consolidation/annotated-command/pull/210
2022-02-20 14:19:41 +01:00
Pierre Rudloff 64ac180a53 Merge branch 'master' into develop 2022-02-20 14:07:21 +01:00
Pierre Rudloff 2afbfb4bf2 fixup! Don't redirect to REQUEST_URI when browsing to index.php
Instead, we can make sure everything works correctly on index.php
2022-02-20 14:06:59 +01:00
Pierre Rudloff 9410d4b49b LinkHeaderMiddleware should use the same URL as ViewFactory
This way the X-Forwarded-Path header is used to generate the Link header
2022-02-20 13:55:44 +01:00
Pierre Rudloff bfaea0e381 Merge tag '3.0.1' into develop
Fixed an open redirect vulnerability that could be used to construct a URL redirecting to an arbitrary domain
2022-02-20 13:34:53 +01:00
Pierre Rudloff 3ab22c654a Merge branch 'hotfix/3.0.1' 2022-02-20 13:31:40 +01:00
Pierre Rudloff bc14b6e45c Don't redirect to REQUEST_URI when browsing to index.php
Instead, we can make sure everything works correctly on index.php
2022-02-20 13:28:57 +01:00
Pierre Rudloff acbd2008ca Merge branch 'master' into develop 2022-02-19 20:48:02 +01:00
Pierre Rudloff cf82f1cc8f Add security policy 2022-02-19 20:47:53 +01:00
Pierre Rudloff 5677ce719a Update youtube-dl to 2021.12.17 (#395) 2022-02-17 22:13:56 +01:00
Pierre Rudloff 655490eeb3 Use HTTPS URLs in composer.json 2022-02-17 22:00:08 +01:00
Pierre Rudloff 18847e4d75 More robust way to detect CI in tests 2022-02-07 22:30:47 +01:00
Pierre Rudloff fe771886d9 Replace Travis with GitHub actions
travis-ci.org does not run tests anymore
2022-02-07 22:26:33 +01:00
Pierre Rudloff 27439c7e14 Simplify overly complicated format selection template 2022-02-06 20:46:38 +01:00
Pierre Rudloff d9ba01f017 Generate <img> tags with Smarty 2022-02-06 19:17:05 +01:00
Pierre Rudloff ce9b4d9a48 Update Smarty to 4.0 2022-02-06 18:43:08 +01:00
Pierre Rudloff 7cd42e6c6b Fix MP3 option size 2022-02-03 21:57:00 +01:00
Pierre Rudloff ac8c53375a Easier to maintain template structure
This way the head and footer don't have to be included every time and the hierarchy is easier to read
2022-02-03 21:41:07 +01:00
Pierre Rudloff de74808459 More readable way to include HTML in translated strings 2022-02-03 21:07:13 +01:00
Pierre Rudloff bdf5554430 Use HTTPS links 2022-02-03 20:55:09 +01:00
Pierre Rudloff b8c88aecf5 Improve typing 2022-02-03 20:52:18 +01:00
Pierre Rudloff d46563f994 Simplify code 2022-02-03 20:21:04 +01:00
Pierre Rudloff 781b5c8bc2 phpcs does not like full namespaces 2022-02-03 20:03:55 +01:00
Pierre Rudloff ffd9275500 Correct way to use interface constant 2022-02-03 20:01:56 +01:00
Pierre Rudloff 6fef87f58b Use HTML dumper for Smarty collector 2022-01-27 00:15:05 +01:00
Pierre Rudloff 835170f4b5 Use phpmnd to detect magic numbers 2022-01-27 00:03:37 +01:00
Pierre Rudloff 5ed15afe1f Use constant for HTTP response code 2022-01-26 23:58:25 +01:00
Pierre Rudloff 359c358df1 Symfony 5.0 is not maintained anymore 2022-01-26 23:53:14 +01:00
Pierre Rudloff c44979bbae Merge pull request #385 from LoganTann/master
fix: manifest causes 404 when making pwa shortcut
2022-01-17 20:24:57 +01:00
Pierre Rudloff 8f3f1cdaf8 Merge branch 'master' into develop 2022-01-17 20:14:06 +01:00
ShinProg (Logan Tann) 1464b2c319 fix: manifest causes 404 when making pwa shortcut
fixes #384
2022-01-17 11:38:38 +01:00
dependabot[bot] fb78ecb410 Bump smarty/smarty from 3.1.39 to 3.1.43 (#383)
Bumps smarty/smarty from 3.1.39 to 3.1.43.

---
updated-dependencies:
- dependency-name: smarty/smarty
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-13 00:05:49 +01:00
Pierre Rudloff d744ee557e Build Link header from an array 2021-10-19 23:14:38 +02:00
Pierre Rudloff 5d40523cf4 Don't hardcode class name 2021-10-18 13:16:28 +02:00
Pierre Rudloff 55db198d39 Upgrade phpunit to 9.5
So we stop depending on the unmaintained php-token-stream
2021-10-17 21:14:39 +02:00
M*C*O 60f924f4bf Document X-Forwarded-Proto in README (#368) 2021-07-25 15:02:03 +02:00
Pierre Rudloff 607efaa292 fixup! Fix small typos (#333) 2021-06-06 19:15:44 +02:00
Pierre Rudloff f3ffa90a2e Update alltube-library to 0.1.3 2021-05-13 13:03:10 +02:00
Pierre Rudloff a95d1de67e Update alltube-library to 0.1.2 2021-05-05 21:48:10 +02:00
Pierre Rudloff 1753adf478 Merge tag '3.0.0' into develop
This release contains several breaking changes:

The Video class is now available as a separate Composer package (rudloff/alltube-library)
The release package and Docker image now contain only production dependencies
youtube-dl is now a production dependency
Composer does not install ffmpeg or phantomjs anymore
The "avconv" and "avconvVerbosity" options are now respectively "ffmpeg" and "ffmpegVerbosity"

Other changes:

Setting the "stream" option to "ask" now works correctly
New locales are automatically detected
New Italian translation (thanks to @holoitsme)
If the "best" format does not exist, it will fall back to "bestvideo"
Composer 2 compatibility
youtube-dl and ffmpeg commands are now logged when debug mode is enabled
404 and 405 error pages now have the same style as the other pages
The new "defaultAudio" option allows converting to audio by default (thanks to @bellington3)
The Heroku build now uses Python 3 (thanks to @telegrambotdev)
The app now supports the container Heroku stack (thanks to @telegrambotdev)
The new "convertSeek" option allows disabling seeking when converting to audio (thanks to @bellington3)
Exceptions are now logged
AllTube can now run correctly behind a reverse proxy with a custom path or port (thanks to @bellington3)
2021-04-20 23:19:29 +02:00
Pierre Rudloff eeda434b2f Merge branch 'release-3.0.0' 2021-04-20 23:16:45 +02:00
Pierre Rudloff b902c9027b Upgrade youtube-dl to 2021.04.01 (fixes #349) 2021-04-02 21:05:50 +02:00
Advizormcpe1 be3f7d9a82 Updated Japanese translation 2021-02-28 18:34:07 +01:00
Pierre Rudloff 97d6532388 Merge branch 'master' into develop 2021-02-26 22:53:09 +01:00