Age | Commit message (Collapse) | Author | |
---|---|---|---|
2017-02-14 | Update german translation | Heiko Adams | |
2017-02-14 | rebase translations | Andrew Dolgov | |
2017-02-14 | set error report url to https | Andrew Dolgov | |
2017-02-13 | bind headlines menu to a selector to avoid remaking it unnecessarily | Andrew Dolgov | |
2017-02-13 | fix vertical position of cdm collapse button in floating title | Andrew Dolgov | |
2017-02-13 | cdmcollapse/expand: use less convoluted selector queries | Andrew Dolgov | |
2017-02-13 | add af_zz_vidmute | Andrew Dolgov | |
2017-02-13 | af_zz_imgproxy: truncate url in error png | Andrew Dolgov | |
2017-02-13 | af_zz_imgproxy: show GD-based (if possible) error message on proxy failure | Andrew Dolgov | |
2017-02-13 | rewrite_relative_url: cleanup resulting url path while rewriting | Andrew Dolgov | |
2017-02-13 | af_zz_imgproxy: disable api render hook: pointless, because api clients ↵ | Andrew Dolgov | |
won't have an authenticated cookie-based session | |||
2017-02-13 | af_zz_imgproxy: fix typo | Andrew Dolgov | |
2017-02-12 | format_article_enclosures: allow embedding .jpeg files | Andrew Dolgov | |
2017-02-12 | fix previous, again | Andrew Dolgov | |
2017-02-12 | af_zz_imgproxy: limit enclosure rewriting to images | Andrew Dolgov | |
2017-02-12 | add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy (2) | Andrew Dolgov | |
2017-02-12 | add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy | Andrew Dolgov | |
2017-02-12 | Merge branch 'fix-target-blank-vulnerability' into 'master' | Andrew Dolgov | |
Prevent target='_blank' vulnerability on dynamic link This merge request refere to https://tt-rss.org/forum/viewtopic.php?f=8&t=4048 It fix the issue I enconter on some feeds I follow. Just need to add "noopener" and "noreferrer" on "_blank" link to avoid the vulnerability. See merge request !46 | |||
2017-02-12 | Prevent target='_blank' vulnerability on dynamic link | Jérémy DECOOL | |
2017-02-10 | af_zz_imgproxy: redirect to caller url unless called in user context | Andrew Dolgov | |
2017-02-10 | allow user plugins to expose public methods out in a limited fashion | Andrew Dolgov | |
2017-02-10 | use get_self_url_prefix() when rewriting cached images | Andrew Dolgov | |
2017-02-10 | add some print_checkbox/print_button calls; rename some plugin preference ↵ | Andrew Dolgov | |
pane titles | |||
2017-02-10 | af_zz_imgproxy: urlencode() url parameter, DUH | Andrew Dolgov | |
2017-02-10 | use print_hidden() for hidden dojo form fields | Andrew Dolgov | |
2017-02-10 | af_zz_imgproxy: add optional setting to proxy all remote images | Andrew Dolgov | |
functions: add some form helper methods | |||
2017-02-10 | af_zz_imgproxy: use inline disposition, misc updates | Andrew Dolgov | |
2017-02-10 | update af_zz_imgproxy to plug into built-in image caching | Andrew Dolgov | |
2017-02-10 | sanitize: properly handle cached content in archived articles | Andrew Dolgov | |
2017-02-10 | add af_zz_imgproxy (initial) | Andrew Dolgov | |
2017-02-09 | pass several image files used in notify messages to frontend as base64 to ↵ | Andrew Dolgov | |
prevent broken error messages in case network connection is down. also, update some close buttons to show correct cursor. | |||
2017-02-09 | handle_rpc_json: fix netalert button never appearing on JSON parse error | Andrew Dolgov | |
2017-02-08 | add some protection against opener attacks if external site is opened via ↵ | Andrew Dolgov | |
window.open() | |||
2017-02-04 | parse_counters: skip subscribed-feeds id properly | Andrew Dolgov | |
2017-02-04 | cached_image: remove unnecessary basename() | Andrew Dolgov | |
2017-02-04 | reset local counter cache when feed count changes | Andrew Dolgov | |
2017-02-04 | image cache: do not try to cache data: schema urls; add caching of html5 ↵ | Andrew Dolgov | |
video content (similar to cache_starred_images plugin) | |||
2017-02-04 | image cache: send files as content-disposition: attachment; add .png suffix ↵ | Andrew Dolgov | |
to image urls | |||
2017-01-29 | af_redditimgur: inline streamable.com videos | Andrew Dolgov | |
2017-01-28 | af_readability: force utf8 preamble on html document load. no idea why but ↵ | Andrew Dolgov | |
it seems to work better even for not-unicode sites. | |||
2017-01-28 | subscribe dialog: do not report errors via alert() | Andrew Dolgov | |
fetch_file_contents: reset all globals on start, return error message body when not using curl subscribe_to_feed: report if cloudflare is in the error message | |||
2017-01-26 | compact.css: remove version tag | Andrew Dolgov | |
2017-01-26 | add compact theme with smaller font | Andrew Dolgov | |
2017-01-26 | preferences: set themes dropdown to default if selected theme is missing | Andrew Dolgov | |
2017-01-25 | remove default.css | Andrew Dolgov | |
2017-01-25 | implement cache-busting for default theme.css | Andrew Dolgov | |
night theme: small fixes | |||
2017-01-25 | increase content font size by 1px | Andrew Dolgov | |
2017-01-25 | pass article guid to hook_render_article | Andrew Dolgov | |
2017-01-25 | Merge branch 'fix-sanitize-dfn' into 'master' | Andrew Dolgov | |
sanitize: allow <dfn> tag ### In brief * Add `<dfn>` tag to allowed tags list * `<dfn>` represents the defining instance of a term in HTML * More [information about `<dfn>` on the w3school's website](http://www.w3schools.com/tags/tag_dfn.asp ) ### Example This stops article content such as... ``` Indian tea harvests are divided up by <dfn>flush</dfn>. ``` ...from getting turned into... ``` Indian tea harvests are divided up by . ``` See merge request !45 | |||
2017-01-24 | sanitize: allow dfn tag | Shane Synan | |
Add <dfn> tag to allowed tags list. <dfn> represents the defining instance of a term in HTML. |