summaryrefslogtreecommitdiff
path: root/classes
AgeCommit message (Collapse)Author
2020-09-14public/subscribe: require valid CSRF token when validating the formAndrew Dolgov
2020-09-14- fix multiple vulnerabilities in af_proxy_httpAndrew Dolgov
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized - fetch_file_contents: validate all URLs before requesting them - validate URLs: explicitly whitelist http and https scheme, forbid everything else - DiskCache/cached_url: only serve whitelisted content types (images, video) - simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-11order_to_override_query: allow HOOK_HEADLINES_CUSTOM_SORT_OVERRIDE plugins ↵Andrew Dolgov
to override built-in sorting
2020-08-29properly return counters for labels with zero assigned articlesAndrew Dolgov
refs https://community.tt-rss.org/t/label-counter-doesnt-update-when-count-goes-down-to-zero/3766
2020-08-14Silence php 7.2 error message generated in `session_set_cookie_params`.Rodney Stromlund
2020-08-13pluginhost: allow overriding default sort modes via ↵Andrew Dolgov
HOOK_HEADLINES_CUSTOM_SORT_MAP etc
2020-08-13move order_by to SQL override logic into a separate functionAndrew Dolgov
2020-08-11instead of taking batch timestamp and score (?) into account, make oldest ↵Andrew Dolgov
first sorting work consistently with newest first - i.e. rely on feed-provided timestamp
2020-08-10OPML: export/import per-feed purge intervalAndrew Dolgov
2020-08-01more int/string type mismatches on getCategoriesPaco Esteban
2020-07-31make sure all ints are casted (to int) on getCategoriesPaco Esteban
2020-07-01Merge branch 'bugfix/invalid-opml' of wn/tt-rss into masterfox
2020-07-01when exporting OPML via web UI, add user login to the filenameAndrew Dolgov
2020-07-01prefs: show disabled filters properly on mysqlAndrew Dolgov
2020-07-01prefs: show root of filter tree as enabled so it's not grayed outAndrew Dolgov
2020-06-27Properly check if OPML file was loaded during import.wn_
2020-06-24core: pass found enclosures to HOOK_ARTICLE_FILTERAndrew Dolgov
af_redditimgur: remove enclosures if we found something to embed because it's going to be a low-res thumbnail
2020-06-15better support for image srcset attributes as discussed in ↵Andrew Dolgov
https://community.tt-rss.org/t/problem-with-img-srcset/3519
2020-06-05eslint-related fixes; move a few things from global context to AppAndrew Dolgov
2020-05-22when removing favicon, reset its auto-refresh timerAndrew Dolgov
2020-05-17calculate_article_hash: don't die() on previous, woopsAndrew Dolgov
2020-05-17calculate_article_hash: ignore some useless or read-only fields (i.e. GUID) ↵Andrew Dolgov
when calculating hash
2020-05-17* store UID in article hashed GUID separately so it could be migrated ↵Andrew Dolgov
cleanly to a different instance * store resulting GUID as a JSON object so it could be extended easier if needed
2020-05-13add --opml-export to update.phpAndrew Dolgov
2020-05-12DiskCache: append fake file extension when sending cached files based on ↵Andrew Dolgov
mime type to make saving files easier
2020-04-29DiskCache: properly deal with srcset attributesAndrew Dolgov
2020-04-29remove unneeded var_dump()Andrew Dolgov
2020-04-29* add HOOK_ENCLOSURE_IMPORTEDAndrew Dolgov
* pass feed id to HOOK_FEED_PARSED
2020-04-04search: add support for label:XXX search keywordAndrew Dolgov
Labels: enforce case-insensitive lookups when creating/looking for labels
2020-03-13allow overriding built-in templates via templates.localAndrew Dolgov
2020-03-12add support for video[@src] in media cachelllusion3418
it's a valid alternative to a source[@src] child element: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/video
2020-03-12actually download <video> posters to media cachelllusion3418
video[@poster] is already supported in the rewriting logic but never actually downloaded
2020-03-12fix url rewriting for videos with poster and srclllusion3418
if a poster attribute was present only that would have been rewritten and the (arguably more important) src attribute would be left as-is
2020-03-10PluginHost/save_data: use separate PDO connection to prevent issues with ↵Andrew Dolgov
nested transactions
2020-02-28batchSubscribe: use validationtextareaAndrew Dolgov
2020-02-28add validationtextarea control, use it for filter match editorAndrew Dolgov
2020-02-28filter test dialog: pass contents via xhr POSTAndrew Dolgov
2020-02-27external subscribe dialog: support dark themeAndrew Dolgov
2020-02-27share anything dialog: support dark themeAndrew Dolgov
2020-02-22don't generate default.css, replace with themes/light.css as a default root ↵Andrew Dolgov
CSS file
2020-02-20properly calculate marked counters for feeds in nested categoriesAndrew Dolgov
2020-02-201. feedtree: show counters for marked articles if view-mode == markedAndrew Dolgov
2. hide/show relevant counter nodes using css 3. cleanup some counter-related code 4. compile default css into light theme to prevent cache-related issues
2020-02-18prefs layout fixes:Andrew Dolgov
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords 2. show explanatory messages when OTP or password changing is not available 3. allow app (API) passwords when using any auth module
2020-01-27getCategoryCounters: properly handle categories which don't have any stored ↵Andrew Dolgov
feeds/articles
2020-01-25mark primary button in the default password dialogAndrew Dolgov
2020-01-25default password warning: fix close button, don't crash if dialog is ↵Andrew Dolgov
recreated (on feed tree reload etc)
2020-01-25getCategoryUnread: return correct unread count for labels categoryAndrew Dolgov
2020-01-25getCategoryChildrenUnread: fix typoAndrew Dolgov
2020-01-25getCategoryCounters: properly calculate counters for child subcategory entriesAndrew Dolgov
getCategoryUnread: cleanup
2020-01-24getCategoryUnread: don't return unread counters for Special category because ↵Andrew Dolgov
it doesn't make a lot of sense to do so
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 22:15:46 +0000