servers/ttrss
1
0
Fork 0
mirror of https://tt-rss.org/git/tt-rss.git synced 2024-06-30 12:30:52 +02:00
Code Issues Releases Wiki Activity
10,275 Commits 34 Branches 0 Tags 149 MiB
d466284fab
Commit Graph

725 Commits

Author SHA1 Message Date
Andrew Dolgov
d466284fab * customizeCSS: client dialog 
* remove hardcoded width from most dialogs (move to css)
* add helper to easily get dialog from its widget
* rework some dialog buttons to use current object instead of calling dialog by name
 2021-02-12 09:02:44 +03:00
Andrew Dolgov
7af8744c85 authentication: make logins case-insensitive (force lowercase) 2021-02-11 09:57:57 +03:00
Andrew Dolgov
72edab5f1c close_button: fix warning 2021-02-10 21:40:31 +03:00
Andrew Dolgov
7874f6ac58 remove PHPMD.UnusedFormalParameter 2021-02-08 19:42:10 +03:00
Andrew Dolgov
51d2deeea9 fix hierarchy of authentication modules, make everything extend Auth_Base and implement hook_auth_user() for pluginhost 2021-02-08 19:11:31 +03:00
Andrew Dolgov
363b3629a4 rewrite a few more hooks 2021-02-08 16:52:47 +03:00
Andrew Dolgov
9de26d44da af_psql_trgm: fix warning 2021-02-08 11:47:41 +03:00
Andrew Dolgov
d293cbd5a9 fix several warnings related to feed editor 2021-02-08 11:46:43 +03:00
Andrew Dolgov
c1ad7acfb9 bookmarklet: encode URL properly so special characters won't get lost 2021-02-07 21:09:27 +03:00
Andrew Dolgov
5849a39820 af_redditimgur: don't try to load empty html; fix a warning in update debugger 2021-02-06 10:31:06 +03:00
Andrew Dolgov
ce489a724b fix a few more warnings 2021-02-06 10:23:45 +03:00
Andrew Dolgov
9fdeb58fd3 check a few more php8 warnings 2021-02-06 09:51:28 +03:00
Andrew Dolgov
6e774a58fe more php8 fixes mostly related to login 2021-02-06 00:12:15 +03:00
Andrew Dolgov
403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov
6c546f37ba af_redditimgur: handle youtube /embed/ URLs 2021-01-23 08:57:36 +03:00
Andrew Dolgov
b30b354b53 af_redditimgur: add some last minute handling for generic preview media URLs provided in JSON 2021-01-22 15:44:44 +03:00
Andrew Dolgov
0d1336bd29 af_redditimgur: 
* draw a basic form for testurl() if no url is given
 * only process specific JSON media files/child elements until something is found
 * handle generic preview images for self posts (not link posts because
link is handled afterwards)
 2021-01-21 08:28:55 +03:00
Andrew Dolgov
1ded706f8f af_redditimgur: cleanup, rework to embed stuff from reddit-provided JSON first 2021-01-19 22:21:57 +03:00
Andrew Dolgov
41bde84a92 af_redditimgur: add basic support for reddit galleries 2021-01-18 15:34:05 +03:00
Andrew Dolgov
4e95591087 af_redditimgur: shorten href stuff 2021-01-18 14:46:08 +03:00
Andrew Dolgov
7a2ad08a7d scored_oldest_first: update sort caption 2021-01-17 10:50:40 +03:00
Andrew Dolgov
c82457e534 add plugins/scored_oldest_first 2021-01-17 10:47:37 +03:00
Andrew Dolgov
6d4005f984 af_psql_trgm: 
1. better debugging output
2. fix incorrect default values being used sometimes
3. remove special workaround for equal titles because trgm extension
seems to be working properly for those now (tested on postgres 11)
4. code cleanup
 2021-01-11 12:23:46 +03:00
Andrew Dolgov
0868ff9d64 auth_remote: use empty() instead of isset() while checking headers 2021-01-07 11:18:02 +03:00
Andrew Dolgov
dc40f69511 fix auth_remote broken by previous commit 2021-01-05 18:55:05 +03:00
Andrew Dolgov
8a34084df1 auth_remote: rewrite header checking to be more readable 2021-01-05 10:37:30 +03:00
Andrew Dolgov
8764662138 af_redditimgur: also blacklist in-content links 2021-01-03 10:55:57 +03:00
Tony
564a24fd78 Add support for HTTP_REMOTE_USER variable for user authentication 2020-12-21 16:56:39 +00:00
Andrew Dolgov
9e62513095 af_redditimgur: also rewrite in the API handler 2020-12-20 13:12:50 +03:00
Andrew Dolgov
f25ea5355c af_redditimgur: add option to rewrite reddit URLs to teddit.net 2020-12-20 11:28:48 +03:00
Andrew Dolgov
50d089ae59 redditimgur: blacklist github because it usually resolves to a huge profile photo of someone 2020-12-18 08:12:31 +03:00
wn
6f31372b37 Address param order deprecation warning for 'af_redditimgur'. 2020-12-12 10:28:45 -06:00
Andrew Dolgov
65254f5db4 - move sphinx plugin to a separate repo 
- regenerate config checks without sphinx-related variables
 2020-12-11 09:48:34 +03:00
Andrew Dolgov
43bd3394c3 shorten_expanded: remove loading=lazy from images if enabled 2020-12-11 09:22:30 +03:00
Andrew Dolgov
8479421da4 af_readability: allow appending to original summary instead of always 
replacing it, some minor code cleanup
 2020-11-26 13:39:47 +03:00
JustAMacUser
65b3926ae5 Ensure proxy_all setting is saved in database. 2020-10-11 01:31:30 -04:00
Andrew Dolgov
38a7a1da88 hide uninteresting errors in several DOMDocument->loadHTML() invocations 2020-10-01 13:20:07 +03:00
Andrew Dolgov
215f388992 move timestamp-related stuff to a separate class 2020-09-23 13:04:26 +03:00
Andrew Dolgov
74568df4ff remove a lot of stuff from global context (functions.php), add a few helper classes instead 2020-09-22 09:04:33 +03:00
Andrew Dolgov
a4525d31b2 replace FALSE with false so that static analyzer shuts up about it 2020-09-17 19:02:27 +03:00
Andrew Dolgov
d8619b9a84 auth_internal: cast OTP code to integer before trying to check it 2020-09-17 16:50:34 +03:00
Andrew Dolgov
a817d3794d * use get_random_bytes() for CSRF token 
* get_random_bytes: use PHP7 random_bytes() if it is available
* validate CSRF token using hash_equals
 2020-09-17 08:59:18 +03:00
Andrew Dolgov
0757ad0406 auth_internal: use type-strict comparison when checking OTP code 2020-09-17 08:46:57 +03:00
Andrew Dolgov
91e1542a82 af_proxy_http: require separate token to access imgproxy 2020-09-15 10:59:57 +03:00
Andrew Dolgov
79f102c25d af_proxy_http: never print received data directly, always redirect to cached_url 
cache/getUrl: basename() passed filename just in case
 2020-09-15 08:02:28 +03:00
Andrew Dolgov
0758397dd8 af_redditimgur: don't add embedded blank gif image for rewritten videos 2020-09-15 06:55:22 +03:00
Andrew Dolgov
c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http 
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
 2020-09-14 19:46:52 +03:00
Andrew Dolgov
c352e872e9 core: pass found enclosures to HOOK_ARTICLE_FILTER 
af_redditimgur: remove enclosures if we found something to embed because it's going to be a low-res thumbnail
 2020-06-24 22:54:14 +03:00
Nathan Warner
f8d96543de Created hotkeys_force_top plugin 
Renamed swap_jk to match new naming scheme.
 2020-05-30 22:45:41 -06:00
Andrew Dolgov
9ae9302b6b implement keyboard-related changes discussed in https://community.tt-rss.org/t/changing-the-amount-of-scroll-by-arrow-key/3452/7 2020-05-17 08:25:51 +03:00