Age | Commit message (Collapse) | Author | |
---|---|---|---|
2020-09-23 | move timestamp-related stuff to a separate class | Andrew Dolgov | |
2020-09-22 | use self:: in some places to invoke static methods from the same class | Andrew Dolgov | |
2020-09-22 | remove a lot of stuff from global context (functions.php), add a few helper ↵ | Andrew Dolgov | |
classes instead | |||
2020-09-18 | add basic safe mode which doesn't load any user plugins | Andrew Dolgov | |
2020-09-17 | replace FALSE with false so that static analyzer shuts up about it | Andrew Dolgov | |
2020-09-17 | fix typo in previous | Andrew Dolgov | |
2020-09-17 | fix OTP QR code not displayed because of CSRF token passed as a query | Andrew Dolgov | |
parameter use type-strict comparison when validating CSRF token on the backend | |||
2020-09-16 | pass CSRF token to opml import and feed icon replace dialogs | Andrew Dolgov | |
2020-09-14 | user preferences: forbid < and > characters when changing passwords (were ↵ | Andrew Dolgov | |
silently stripped on save because of clean()) | |||
2020-09-14 | - fix multiple vulnerabilities in af_proxy_http | Andrew Dolgov | |
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized - fetch_file_contents: validate all URLs before requesting them - validate URLs: explicitly whitelist http and https scheme, forbid everything else - DiskCache/cached_url: only serve whitelisted content types (images, video) - simplify filename/URL handling code, remove and consolidate some less-used functions | |||
2020-07-01 | prefs: show disabled filters properly on mysql | Andrew Dolgov | |
2020-07-01 | prefs: show root of filter tree as enabled so it's not grayed out | Andrew Dolgov | |
2020-06-05 | eslint-related fixes; move a few things from global context to App | Andrew Dolgov | |
2020-05-22 | when removing favicon, reset its auto-refresh timer | Andrew Dolgov | |
2020-03-13 | allow overriding built-in templates via templates.local | Andrew Dolgov | |
2020-02-28 | batchSubscribe: use validationtextarea | Andrew Dolgov | |
2020-02-28 | add validationtextarea control, use it for filter match editor | Andrew Dolgov | |
2020-02-28 | filter test dialog: pass contents via xhr POST | Andrew Dolgov | |
2020-02-22 | don't generate default.css, replace with themes/light.css as a default root ↵ | Andrew Dolgov | |
CSS file | |||
2020-02-20 | 1. feedtree: show counters for marked articles if view-mode == marked | Andrew Dolgov | |
2. hide/show relevant counter nodes using css 3. cleanup some counter-related code 4. compile default css into light theme to prevent cache-related issues | |||
2020-02-18 | prefs layout fixes: | Andrew Dolgov | |
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords 2. show explanatory messages when OTP or password changing is not available 3. allow app (API) passwords when using any auth module | |||
2020-01-24 | scrap counter cache system; rework counters to sum() booleans instead | Andrew Dolgov | |
2019-12-17 | update app password notice | Andrew Dolgov | |
2019-12-06 | add a hidden tweakable which forbids changing passwords | Andrew Dolgov | |
2019-12-06 | user css dialog: allow saving and applying CSS without closing the dialog | Andrew Dolgov | |
2019-11-14 | add a plugin page warning for plugins using HOOK_FEED_FETCHED, etc | Andrew Dolgov | |
2019-11-01 | Merge branch 'master' of git.fakecake.org:tt-rss | Andrew Dolgov | |
2019-11-01 | line endings + remove : from headings | Andrew Dolgov | |
2019-11-01 | OTP stuff: update notice wording a bit | Andrew Dolgov | |
2019-11-01 | auth_internal: fix indents | Andrew Dolgov | |
2019-11-01 | implement app password checking / management UI | Andrew Dolgov | |
2019-11-01 | add placeholder UI plumbing for app passwords | Andrew Dolgov | |
2019-11-01 | allow using OTP without GD | Andrew Dolgov | |
2019-10-09 | add notification for OTP being disabled | Andrew Dolgov | |
2019-10-09 | add notifications for mail and password changes | Andrew Dolgov | |
update and shorten some other message templates | |||
2019-08-21 | makefeedtree: properly calculate feed total amount in no-categories mode | Andrew Dolgov | |
2019-08-02 | update SSL certificate wiki link | Andrew Dolgov | |
2019-07-12 | filter dialog: add inline regexp checker | Andrew Dolgov | |
2019-07-12 | add placeholder Filters.filterDlgCheckRegExp | Andrew Dolgov | |
2019-06-20 | move more globals to more appropriate places | Andrew Dolgov | |
set libxml to always use internal errors | |||
2019-06-20 | move several more global functions to more appropriate classes | Andrew Dolgov | |
2019-06-20 | get_feeds_from_html: remove XML preamble hack | Andrew Dolgov | |
move several related helper functions to Feeds class | |||
2019-05-31 | event log: simplify styles, prevent horizontal scrolling | Andrew Dolgov | |
sql logger: clip context length to 8kb | |||
2019-05-06 | feed tree: set placeholder feed unread value to -1 | Andrew Dolgov | |
2019-04-14 | Fix button focus issues | Michael Kuhn | |
This change introduces derived classes for ComboButton, DropDownButton and Select that make sure that buttons do not remain focused after their menus are closed. This allows using hotkeys after closing them. | |||
2019-04-13 | Fix focus issues with hotkeys | Michael Kuhn | |
Since making use of keypress in addition to keydown, hotkeys did not work in certain scenarios, including clicking on the feed tree expanders or empty spaces of the toolbar. This issue is caused by dijit.Tree and dijit.Toolbar implementing the _KeyNavMixin, which explicitly stops propagation of keypress events. This change contains two main fixes plus a smaller hotfix: 1. It overrides _onContainerKeydown and _onContainerKeypress for fox.FeedTree (which inherits from dijit.Tree). 2. It adds fox.Toolbar, which overrides _onContainerKeydown, _onContainerKeypress and focus. This fixes hotkeys being swallowed and the first focusable child receiving focus when clicking on an empty space of the toolbar. 3. It adds the same handling of keydown and keypress to the prefs hotkey handler as is done in the main hotkey handler. | |||
2019-04-10 | feed editor: use DEFAULT_SEARCH_LANGUAGE as a default per-feed dropdown value | Andrew Dolgov | |
2019-04-10 | use DEFAULT_SEARCH_LANGUAGE to generate tsvector index if per-feed language ↵ | Andrew Dolgov | |
is not specified, also use it as default value on search form for convenience | |||
2019-03-14 | fix feed icon upload not working, rework form to use FormData/ajax | Andrew Dolgov | |
2019-03-10 | batch subscribe: stop dialog from being submitted twice | Andrew Dolgov | |