summaryrefslogtreecommitdiff
path: root/include/functions.php
AgeCommit message (Collapse)Author
2018-12-02move some more stuff out of common.jsAndrew Dolgov
rework client-side cookie functions a bit limit dojo cachebust based on server scripts modification time remove param_escape()
2018-12-02set use strict on JS modules; remove some mostly useless stuff like ↵Andrew Dolgov
get_minified_js()
2018-12-02remove obsolete row selection functionsAndrew Dolgov
move getUrlParam() to Utils
2018-12-01bring back (debloated) version of unexpanded combined modeAndrew Dolgov
2018-12-01enable c-up/down hotkeys even out of cdmAndrew Dolgov
2018-11-30strip_harmful_tags: remove data- attributesAndrew Dolgov
2018-11-30remove expandable CDM headlinesAndrew Dolgov
2018-11-30use xhrPost is even more places!Andrew Dolgov
2018-11-30debug logging system rework:Andrew Dolgov
* support various logging levels per-message * remove hacks like debug_suppress, DAEMON_EXTENDED_DEBUG, etc * _debug() is kept as a compatibility shim for plugins
2018-10-16fix session write handler always assuming that database entry exists and ↵Andrew Dolgov
failing silently if it doesn't; remove session cookie-related hacks
2018-10-16login: check for stale session in login handler, instead of authenticate_user()Andrew Dolgov
2018-10-16another attempt to enforce session ID regeneration on loginAndrew Dolgov
2018-10-16properly save auth_module after logging inAndrew Dolgov
2018-10-15it was probably not the best idea to use session_regenerate_id() right after ↵Andrew Dolgov
session_start(), duh
2018-10-15force regenerate session id on successful login, remove previous blank SID checkAndrew Dolgov
2018-10-14logout user: commit destroyed sessionAndrew Dolgov
2018-09-071. per-feed option STRIP_IMAGES should now also affect other media tagsAndrew Dolgov
2. video/audio elements were not replaced with text links properly in low bandwidth mode
2018-08-23send_local_file: touch() sent files to reset their expiration cooldownAndrew Dolgov
2018-08-20rewrite_cached_urls: support video postersAndrew Dolgov
2018-08-20Revert "add (hidden) _NGINX_XACCEL_PREFIX which uses nginx X-Accel-Redirect ↵Andrew Dolgov
to serve static files faster" This reverts commit c5c3a0a2a8febaa2b1ebcae6c17ff4398a9da6c7.
2018-08-20split transparent rewriting of locally cached media URLs to execute after ↵Andrew Dolgov
both sanitize() and HOOK_RENDER_ARTICLE to allow plugins work on original source URLs consistently
2018-08-20add (hidden) _NGINX_XACCEL_PREFIX which uses nginx X-Accel-Redirect to serve ↵Andrew Dolgov
static files faster
2018-08-16send_local_file: add application/octet-stream hackAndrew Dolgov
cached_url: return original requested filename to save as
2018-06-20move JShrink Minifier to vendor/Andrew Dolgov
2018-05-25fetch_file_contents: allow setting http Accept headerAndrew Dolgov
2018-05-23increase buffersize to 16384 bytesAndrew Dolgov
(also some trailing whitespace got clipped)
2018-05-23increased CURLOPT_BUFFERSIZE from 128 to 256Alexander Yaburov
2018-05-20implement hard limits on downloaded data size for general fetching and cache ↵Andrew Dolgov
plugins: MAX_DOWNLOAD_FILE_SIZE & MAX_CACHE_FILE_SIZE
2018-04-14change filter rule regexp type to textfoobar
2018-02-27Allow abbr tag when sanitizing.JustAMacUser
2018-02-25fix previous wrt if-modified-since being added to context options headersAndrew Dolgov
2018-02-25Обновить 'include/functions.php'Metallizzer
The "Connection: close" header is added to the context_options
2018-02-12Merge branch 'master' of git.fakecake.org:tt-rssAndrew Dolgov
2018-02-11sanitize: disallow width and height attributes for imagesAndrew Dolgov
2018-02-11Merge branch 'save-effective-url' of JustAMacUser/tt-rss into masterfox
2018-02-11Have fetch_file_contents() save the effective URL.JustAMacUser
2018-02-11tag_is_valid: simplify codeAndrew Dolgov
2018-01-30include: convert some spaces to tabsAndrew Dolgov
2018-01-18undocumenting the proxy settings [see #36]martin scharm
in response to https://git.tt-rss.org/git/tt-rss/pulls/36#issuecomment-119
2018-01-17some proxies require `request_fulluri` set to true [see #36]martin scharm
at least polipo won't work for plain HTTP URLs (HTTPS strangely also works without `request_fulluri`..?) see https://git.tt-rss.org/git/tt-rss/pulls/36
2018-01-14Add proper support for proxiesmartin scharm
There are situations where you want tt-rss to use a proxy (e.g. because of network restrictions, or privacy concerns). tt-rss already comes with an undocumented `_CURL_HTTP_PROXY` variable (see eg https://binfalse.de/2015/05/06/ttrss-with-proxy/), however that won't have an effect when, for example, php-curl is not installed, see https://git.tt-rss.org/git/tt-rss/src/c30f5e18119d1935e8fe6d422053b127e8f4f1b3/include/functions.php#L377 In this case it would use the `file_get_contents` with a stream context without a proxy definition: https://git.tt-rss.org/git/tt-rss/src/c30f5e18119d1935e8fe6d422053b127e8f4f1b3/include/functions.php#L487 Here I propose to properly support proxies, and I introduced a `PROXY` variable, that is respected in both scenarios, with and without curl installed.
2017-12-30search_to_sql: quote fallback search languageAndrew Dolgov
2017-12-30Add missing quotes to array_map.JustAMacUser
2017-12-17force-cast some variables used in queries to integerAndrew Dolgov
do not display SQL query in headlines debug mode
2017-12-13sanitize: disable referrer via referrerpolicy for img elementsAndrew Dolgov
2017-12-06bool_to_sql_bool: for some reason PDO really likes integers for boolean columnsAndrew Dolgov
incidentally this fixes OPML filter import
2017-12-05remove mentions of deprecated.jsAndrew Dolgov
2017-12-03force strip_tags() on all user input unless explicitly allowedAndrew Dolgov
2017-12-03queryfeedheadlines: there's no need to quote order_by/override_orderAndrew Dolgov
else: feedicon cache busting etc
2017-12-03add defaultPasswordWarning nag dialogAndrew Dolgov
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 04:28:11 +0000