summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2017-02-12add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxyAndrew Dolgov
2017-02-12Merge branch 'fix-target-blank-vulnerability' into 'master' Andrew Dolgov
Prevent target='_blank' vulnerability on dynamic link This merge request refere to https://tt-rss.org/forum/viewtopic.php?f=8&t=4048 It fix the issue I enconter on some feeds I follow. Just need to add "noopener" and "noreferrer" on "_blank" link to avoid the vulnerability. See merge request !46
2017-02-12Prevent target='_blank' vulnerability on dynamic linkJérémy DECOOL
2017-02-10af_zz_imgproxy: redirect to caller url unless called in user contextAndrew Dolgov
2017-02-10allow user plugins to expose public methods out in a limited fashionAndrew Dolgov
2017-02-10use get_self_url_prefix() when rewriting cached imagesAndrew Dolgov
2017-02-10add some print_checkbox/print_button calls; rename some plugin preference ↵Andrew Dolgov
pane titles
2017-02-10af_zz_imgproxy: urlencode() url parameter, DUHAndrew Dolgov
2017-02-10use print_hidden() for hidden dojo form fieldsAndrew Dolgov
2017-02-10af_zz_imgproxy: add optional setting to proxy all remote imagesAndrew Dolgov
functions: add some form helper methods
2017-02-10af_zz_imgproxy: use inline disposition, misc updatesAndrew Dolgov
2017-02-10update af_zz_imgproxy to plug into built-in image cachingAndrew Dolgov
2017-02-10sanitize: properly handle cached content in archived articlesAndrew Dolgov
2017-02-10add af_zz_imgproxy (initial)Andrew Dolgov
2017-02-09pass several image files used in notify messages to frontend as base64 to ↵Andrew Dolgov
prevent broken error messages in case network connection is down. also, update some close buttons to show correct cursor.
2017-02-09handle_rpc_json: fix netalert button never appearing on JSON parse errorAndrew Dolgov
2017-02-08add some protection against opener attacks if external site is opened via ↵Andrew Dolgov
window.open()
2017-02-04parse_counters: skip subscribed-feeds id properlyAndrew Dolgov
2017-02-04cached_image: remove unnecessary basename()Andrew Dolgov
2017-02-04reset local counter cache when feed count changesAndrew Dolgov
2017-02-04image cache: do not try to cache data: schema urls; add caching of html5 ↵Andrew Dolgov
video content (similar to cache_starred_images plugin)
2017-02-04image cache: send files as content-disposition: attachment; add .png suffix ↵Andrew Dolgov
to image urls
2017-01-29af_redditimgur: inline streamable.com videosAndrew Dolgov
2017-01-28af_readability: force utf8 preamble on html document load. no idea why but ↵Andrew Dolgov
it seems to work better even for not-unicode sites.
2017-01-28subscribe dialog: do not report errors via alert()Andrew Dolgov
fetch_file_contents: reset all globals on start, return error message body when not using curl subscribe_to_feed: report if cloudflare is in the error message
2017-01-26compact.css: remove version tagAndrew Dolgov
2017-01-26add compact theme with smaller fontAndrew Dolgov
2017-01-26preferences: set themes dropdown to default if selected theme is missingAndrew Dolgov
2017-01-25remove default.cssAndrew Dolgov
2017-01-25implement cache-busting for default theme.cssAndrew Dolgov
night theme: small fixes
2017-01-25increase content font size by 1pxAndrew Dolgov
2017-01-25pass article guid to hook_render_articleAndrew Dolgov
2017-01-25Merge branch 'fix-sanitize-dfn' into 'master' Andrew Dolgov
sanitize: allow <dfn> tag ### In brief * Add `<dfn>` tag to allowed tags list * `<dfn>` represents the defining instance of a term in HTML * More [information about `<dfn>` on the w3school's website](http://www.w3schools.com/tags/tag_dfn.asp ) ### Example This stops article content such as... ``` Indian tea harvests are divided up by <dfn>flush</dfn>. ``` ...from getting turned into... ``` Indian tea harvests are divided up by . ``` See merge request !45
2017-01-24sanitize: allow dfn tagShane Synan
Add <dfn> tag to allowed tags list. <dfn> represents the defining instance of a term in HTML.
2017-01-24Merge branch 'more-af-comics' into 'master' Andrew Dolgov
Support hyphens in GoComics URLs. See merge request !44
2017-01-24Support hyphens in GoComics URLs.JustAMacUser
2017-01-24support rel=noopener for linksAndrew Dolgov
2017-01-24fetch_file_contents: rework the way shim works to prevent intermittent warningsAndrew Dolgov
2017-01-24sanitize: allow acronym tagAndrew Dolgov
2017-01-23add some vertical space to diijt menu itemsAndrew Dolgov
2017-01-23reference pubsubhubbub classes using their namespaceAndrew Dolgov
2017-01-22Merge branch 'af-comics-ui' into 'master' Andrew Dolgov
Added feed URL instructions for GoComics. GoComics feed URL syntax now included on existing Prefs page for af_comics plugin. See merge request !43
2017-01-22Added feed URL instructions for GoComics.JustAMacUser
2017-01-22unpackVisibleHeadlines: do not iterate over all RROWs all the timeAndrew Dolgov
2017-01-22feed tree: only run animation for appearing unread counters to prevent ↵Andrew Dolgov
clashes with aux counter updating and animations ending up in wrong state
2017-01-22initHeadlinesMenu: remove unneeded outputAndrew Dolgov
2017-01-22attach headline menu objects to correct DOM nodes in combined modeAndrew Dolgov
2017-01-22parse_counters: cache previous reply and skip processing of unchanged rows ↵Andrew Dolgov
(better implementation)
2017-01-22parse_counters: cache previous reply and skip processing of unchanged rowsAndrew Dolgov
2017-01-22reuse menu objects while appending headline rowsAndrew Dolgov
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-07 17:02:36 +0000