index
:
tt-rss.git
app-rootless
claro-throwback
dockerignore-test
dojo-module-define-test
exp-flavor-icon-cache
exp-flex-feedtree
exp-headline-flavor-images
exp-separate-handlers
jaeger-tracing
js-objects
js-strict-mode
json-viewfeed
jsonfeed-test-branch
lint-workflow
master
pdo-experimental
protected/dockerignore-test
protected/html2text
protected/kaniko
protected/opentelemetry
protected/phpunit-integration
protected/psr-4
protected/sanitizer-test
sanitizer-test
single-app-object
test
testing-php8.1
unify-method-naming
weblate-integration
wip-config-object
wip-hook-callbacks
wip-new-prefs
wip-no-prototype
wip-php8
wip-phpstan-level6
Web-based news feed aggregator
Linux User
summary
refs
log
tree
commit
diff
log msg
author
committer
range
path:
root
/
include
Age
Commit message (
Expand
)
Author
2021-02-08
sanity checks: use better CLI detection, shorten most of the text
wip-php8
Andrew Dolgov
2021-02-06
event log: add pagination
Andrew Dolgov
2021-02-06
_color_pack: define variable before using
Andrew Dolgov
2021-02-06
fix clean() for arrays and user plugin list
Andrew Dolgov
2021-02-06
more php8 fixes mostly related to login
Andrew Dolgov
2021-02-05
initial WIP for php8; bump php version requirement to 7.0
Andrew Dolgov
2021-01-07
feed editor: show purge interval correctly if FORCE_ARTICLE_PURGE is set
Andrew Dolgov
2020-12-20
update_rss_feed: fix BLACKLISTED_TAGS not working properly, simplify tag-rela...
Andrew Dolgov
2020-12-12
Make 'ttrss_error_handler' compatible w/ 8.
wn
2020-12-12
Don't do deprecated 'libxml_disable_entity_loader(true)' under PHP 8.
wn
2020-12-12
Switch to 'get_error_types()' to ensure availability in 'include/functions.php'.
wn
2020-12-12
Only do sanity checks for self URL if we can create a valid URL.
wn
2020-12-11
- move sphinx plugin to a separate repo
Andrew Dolgov
2020-11-30
add support for an override stylesheet which applies to all users
Andrew Dolgov
2020-10-01
enable Farsi locale in the UI
Andrew Dolgov
2020-09-30
add DAEMON_UNSUCCESSFUL_DAYS_LIMIT tunable (defaults to 30 days)
Andrew Dolgov
2020-09-30
set session.cookie_lifetime to 0 initially instead of a rather useless min()
Andrew Dolgov
2020-09-28
schema: add ttrss_feeds.last_successful_update
Andrew Dolgov
2020-09-23
move timestamp-related stuff to a separate class
Andrew Dolgov
2020-09-22
remove a lot of stuff from global context (functions.php), add a few helper c...
Andrew Dolgov
2020-09-21
clarify some URL validation-related error messages
Andrew Dolgov
2020-09-21
clarify some URL validation-related error messages
Andrew Dolgov
2020-09-21
update_rss_feed: log effective URL after fetching
Andrew Dolgov
2020-09-20
resolve_redirects: fix previous
Andrew Dolgov
2020-09-20
resolve_redirects: only use three argument version of get_headers() on php 7.1+
Andrew Dolgov
2020-09-18
add basic safe mode which doesn't load any user plugins
Andrew Dolgov
2020-09-17
validate_url: relax requirements for URLs, limit additional port/loopback fil...
Andrew Dolgov
2020-09-17
replace FALSE with false so that static analyzer shuts up about it
Andrew Dolgov
2020-09-17
rename gettext.inc to gettext.inc.php (cosmetic)
Andrew Dolgov
2020-09-17
fetch_file_contents: validate effective URL (after redirects) without CURL
Andrew Dolgov
2020-09-17
fetch_file_contents: validate effective URL (after redirects) if using CURL
Andrew Dolgov
2020-09-17
don't try to call hash_equals() on unset user token
Andrew Dolgov
2020-09-17
use hash_equals() correctly
Andrew Dolgov
2020-09-17
fix several cases of Db class being invoked as wrong name (as DB)
Andrew Dolgov
2020-09-17
replace some plain http links with https
Andrew Dolgov
2020-09-17
* use get_random_bytes() for CSRF token
Andrew Dolgov
2020-09-17
fix OTP QR code not displayed because of CSRF token passed as a query
Andrew Dolgov
2020-09-17
amend previous to 127/8 subnet
Andrew Dolgov
2020-09-17
fetch_file_contents: resolve requested hosts and check for possible
Andrew Dolgov
2020-09-16
build_url: also put query parameters and fragment in resulting URL
Andrew Dolgov
2020-09-16
cached_url: block SVG images because of potential javascript inside
Andrew Dolgov
2020-09-15
don't pass csrf token as a GET parameter to Article
Andrew Dolgov
2020-09-15
rewrite_relative_url: validate resulting absolutized URLs
Andrew Dolgov
2020-09-15
validate_url: only allow safe ports (80, 443), disallow access to loopback
Andrew Dolgov
2020-09-15
validate_url: add clean()
Andrew Dolgov
2020-09-15
rename base64_img() to image_to_base64()
Andrew Dolgov
2020-09-15
cached_url: perform mimetype validation before possible HOOK_SEND_LOCAL_FILE ...
Andrew Dolgov
2020-09-14
remove csrf token from rpc method sanityCheck
Andrew Dolgov
2020-09-14
- fix multiple vulnerabilities in af_proxy_http
Andrew Dolgov
2020-07-13
Update wiki and forums links in error message.
Rodney Stromlund
[next]