Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-09-14 | - fix multiple vulnerabilities in af_proxy_http | Andrew Dolgov | |
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized - fetch_file_contents: validate all URLs before requesting them - validate URLs: explicitly whitelist http and https scheme, forbid everything else - DiskCache/cached_url: only serve whitelisted content types (images, video) - simplify filename/URL handling code, remove and consolidate some less-used functions | |||
2019-08-16 | af_readability: add missing file | Andrew Dolgov | |
2019-03-07 | hotkey help: remove more info button | Andrew Dolgov | |
2019-03-04 | digestTest: don't display empty digest when not logged in | Andrew Dolgov | |
2019-03-02 | digest: add ARTICLE_LABELS | Andrew Dolgov | |
2019-02-22 | dialogs: use semantic markup instead of dlgsec stuff | Andrew Dolgov | |
continue unifying quoting style for html strings | |||
2019-02-21 | UI: add some more info links to relevant wiki pages; minor layout updates | Andrew Dolgov | |
2018-12-10 | update hotkey help dialog a bit | Andrew Dolgov | |
2017-12-03 | force strip_tags() on all user input unless explicitly allowed | Andrew Dolgov | |
2017-05-04 | move digest stuff to Digest class | Andrew Dolgov | |
2017-04-26 | remove some redundant php closing tags | Andrew Dolgov | |
2013-04-17 | fix blank character after opening bracket in function calls | Andrew Dolgov | |
2013-04-17 | remove $link | Andrew Dolgov | |
2013-03-28 | remove dialogNotice; tweak dialog appearance a bit | Andrew Dolgov | |
2013-03-18 | tweak hotkey map notation to allow stuff like shift-arrows | Andrew Dolgov | |
2013-03-15 | fix warning in hotkey help dialog when disabled hotkey is processed | Andrew Dolgov | |
2013-02-27 | hotkey help: fix actions bound to multiple sequences not displayed correctly | Andrew Dolgov | |
2013-01-22 | add hack to support arbitrary key descriptions for hotkeys | Andrew Dolgov | |
2012-12-29 | help: remove checkboxes | Andrew Dolgov | |
2012-12-28 | help cleanup, use dijit dialog | Andrew Dolgov | |
2012-12-24 | split digest stuff into digest.php | Andrew Dolgov | |
2012-11-01 | remove backend/digestSend | Andrew Dolgov | |
2012-01-31 | implement digestTest back | Andrew Dolgov | |
misc digest updates and improvements | |||
2012-01-30 | implement preferred time for sending out digests | Andrew Dolgov | |
2011-12-14 | do not include keyboard help files into index and prefs.php | Andrew Dolgov | |
2011-12-13 | move help to backend class | Andrew Dolgov | |
2011-12-13 | add catchall backend class | Andrew Dolgov | |