| Age | Commit message | Author |
|---|---|---|
| 2020-09-16 | subscribe: allow pre-filling feed URL if passed via query string | Andrew Dolgov |
| 2020-09-16 | cached_url: block SVG images because of potential javascript inside | Andrew Dolgov |
| 2020-09-16 | pass CSRF token to opml import and feed icon replace dialogs | Andrew Dolgov |
| 2020-09-16 | fix default password nag dialog, load via xhr | Andrew Dolgov |
| 2020-09-15 | editFeed: only try to reload feed tree in preferences if its actually there | Andrew Dolgov |
| 2020-09-15 | comments link: load in new tab | Andrew Dolgov |
| 2020-09-15 | editarticletags: load dialog via XHR | Andrew Dolgov |
| 2020-09-15 | handler: default base csrf_ignore() to false | Andrew Dolgov |
| 2020-09-15 | backend handler: require CSRF, remove obsolete code | Andrew Dolgov |
| 2020-09-15 | public/logout: require valid CSRF token | Andrew Dolgov |
| 2020-09-15 | Feeds: load quickaddfeed and search dialogs via XHR w/ CSRF protection | Andrew Dolgov |
| 2020-09-15 | - backend: require CSRF token to be passed via POST | Andrew Dolgov |
| 2020-09-15 | don't pass csrf token as a GET parameter to Article | Andrew Dolgov |
| 2020-09-15 | require CSRF token for Article/redirect | Andrew Dolgov |
| 2020-09-15 | - enable CSRF support earlier | Andrew Dolgov |
| 2020-09-15 | af_proxy_http: require separate token to access imgproxy | Andrew Dolgov |
| 2020-09-15 | rewrite_relative_url: validate resulting absolutized URLs | Andrew Dolgov |
| 2020-09-15 | validate_url: only allow safe ports (80, 443), disallow access to loopback | Andrew Dolgov |
| 2020-09-15 | validate_url: add clean() | Andrew Dolgov |
| 2020-09-15 | rename base64_img() to image_to_base64() | Andrew Dolgov |
| 2020-09-15 | af_proxy_http: never print received data directly, always redirect to cached_url | Andrew Dolgov |
| 2020-09-15 | cached_url: perform mimetype validation before possible HOOK_SEND_LOCAL_FILE ... | Andrew Dolgov |
| 2020-09-15 | af_redditimgur: don't add embedded blank gif image for rewritten videos | Andrew Dolgov |
| 2020-09-14 | user preferences: forbid < and > characters when changing passwords (were sil... | Andrew Dolgov |
| 2020-09-14 | public/subscribe: require valid CSRF token when validating the form | Andrew Dolgov |
| 2020-09-14 | remove csrf token from rpc method sanityCheck | Andrew Dolgov |
| 2020-09-14 | - fix multiple vulnerabilities in af_proxy_http | Andrew Dolgov |
| 2020-09-11 | Merge branch 'weblate-integration' | Andrew Dolgov |
| 2020-09-11 | order_to_override_query: allow HOOK_HEADLINES_CUSTOM_SORT_OVERRIDE plugins to... | Andrew Dolgov |
| 2020-08-29 | properly return counters for labels with zero assigned articles | Andrew Dolgov |
| 2020-08-14 | Merge branch 'master' of rodneys_mission/tt-rss into master | fox |
| 2020-08-14 | Silence php 7.2 error message generated in `session_set_cookie_params`. | Rodney Stromlund |
| 2020-08-13 | pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SOR... | Andrew Dolgov |
| 2020-08-13 | move order_by to SQL override logic into a separate function | Andrew Dolgov |
| 2020-08-11 | instead of taking batch timestamp and score (?) into account, make oldest fir... | Andrew Dolgov |
| 2020-08-10 | OPML: export/import per-feed purge interval | Andrew Dolgov |
| 2020-08-01 | Merge branch 'master' of e1e0/tt-rss into master | fox |
| 2020-08-01 | more int/string type mismatches on getCategories | Paco Esteban |
| 2020-08-01 | Merge branch 'master' of e1e0/tt-rss into master | fox |
| 2020-07-31 | Translated using Weblate (Czech) | Marek Pavelka |
| 2020-07-31 | make sure all ints are casted (to int) on getCategories | Paco Esteban |
| 2020-07-19 | Translated using Weblate (Norwegian Bokmål) | Jan Espen Pedersen |
| 2020-07-13 | Merge branch 'master' of rodneys_mission/tt-rss-fix-sanity-urls into master | fox |
| 2020-07-13 | Update wiki and forums links in error message. | Rodney Stromlund |
| 2020-07-09 | Merge branch 'feed-tree-localstorage' of nanaya/tt-rss into master | fox |
| 2020-07-09 | Store FeedTree data in localStorage | nanaya |
| 2020-07-03 | Translated using Weblate (Norwegian Bokmål) | Jan Espen Pedersen |
| 2020-07-03 | Translated using Weblate (Norwegian Bokmål) | Anonymous |
| 2020-07-02 | Translated using Weblate (Norwegian Bokmål) | Jan Espen Pedersen |
| 2020-07-01 | Merge branch 'bugfix/invalid-opml' of wn/tt-rss into master | fox |