summaryrefslogtreecommitdiff
path: root/plugins
AgeCommit message (Collapse)Author
2020-09-17replace FALSE with false so that static analyzer shuts up about itAndrew Dolgov
2020-09-17auth_internal: cast OTP code to integer before trying to check itAndrew Dolgov
2020-09-17* use get_random_bytes() for CSRF tokenAndrew Dolgov
* get_random_bytes: use PHP7 random_bytes() if it is available * validate CSRF token using hash_equals
2020-09-17auth_internal: use type-strict comparison when checking OTP codeAndrew Dolgov
2020-09-15af_proxy_http: require separate token to access imgproxyAndrew Dolgov
2020-09-15af_proxy_http: never print received data directly, always redirect to cached_urlAndrew Dolgov
cache/getUrl: basename() passed filename just in case
2020-09-15af_redditimgur: don't add embedded blank gif image for rewritten videosAndrew Dolgov
2020-09-14- fix multiple vulnerabilities in af_proxy_httpAndrew Dolgov
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized - fetch_file_contents: validate all URLs before requesting them - validate URLs: explicitly whitelist http and https scheme, forbid everything else - DiskCache/cached_url: only serve whitelisted content types (images, video) - simplify filename/URL handling code, remove and consolidate some less-used functions
2020-06-24core: pass found enclosures to HOOK_ARTICLE_FILTERAndrew Dolgov
af_redditimgur: remove enclosures if we found something to embed because it's going to be a low-res thumbnail
2020-05-30Created hotkeys_force_top pluginNathan Warner
Renamed swap_jk to match new naming scheme.
2020-05-17implement keyboard-related changes discussed in ↵Andrew Dolgov
https://community.tt-rss.org/t/changing-the-amount-of-scroll-by-arrow-key/3452/7
2020-05-13use intersection observer to unpack visible articles, remove ↵Andrew Dolgov
Headlines.unpackVisible()
2020-05-09rename cdmScrollToId to cdmMoveToIdAndrew Dolgov
prevent smooth scrolling when going directly to an article
2020-03-13allow overriding built-in templates via templates.localAndrew Dolgov
2020-02-28af_readability: allow get full text button to work as a toggle; in cdm, ↵Andrew Dolgov
scroll to article after embedding
2020-02-27af_comics: split contents of subscribe/basic_info/fetch hooks into ↵Andrew Dolgov
appropriate per-comic filters
2020-02-27af_comics: mention that Far Side needs cached mediaAndrew Dolgov
2020-02-27af_comics: escape all template urlsAndrew Dolgov
2020-02-27use canonical fetch url for Far SideAndrew Dolgov
2020-02-27remove unnecessary debugging from previousAndrew Dolgov
2020-02-27af_comics: add experimental support for The Far SideAndrew Dolgov
2020-02-27af_readability: sanitize content requested for embeddingAndrew Dolgov
2020-02-27fix plugins/note javascript part broken by previous changesetAndrew Dolgov
2020-02-27af_readability: add article button to embed content of a specific articleAndrew Dolgov
2020-02-22don't generate default.css, replace with themes/light.css as a default root ↵Andrew Dolgov
CSS file
2020-01-04Also match images with query string (size, tokens, etc).koffieanon
2020-01-04Spaces to tabs for consistency.koffieanon
2020-01-04Fix bug processing found due to operator precedence.koffieanon
2019-12-18remove version.php and VERSION global constant, do version-related things in ↵Andrew Dolgov
a slightly less ridiculous way
2019-11-27Af_Youtube_Embed: whitelist youtube iframes if enabledAndrew Dolgov
2019-11-18af_comics: support buni webtoon episodesAndrew Dolgov
2019-11-032fa: check TOTP based on previous secret values (oops of the year, 2019)Andrew Dolgov
2019-11-01auth_internal: fix indentsAndrew Dolgov
2019-11-01implement app password checking / management UIAndrew Dolgov
2019-11-01add placeholder authentication via app passwords if service is passedAndrew Dolgov
forbid logins via regular passwords for services remove AUTH_DISABLE_OTP
2019-11-01auth_internal: fix OTP seed checkingAndrew Dolgov
2019-10-09add notifications for mail and password changesAndrew Dolgov
update and shorten some other message templates
2019-10-06af_comics: Use a fixed time of day when generating fake feed for GoComics. ↵JustAMacUser
Without this the timestamp is always updated to be the time the feed is fetched, which causes the comics to keep moving to the top/bottom of the article list depending on the sort order. (Using 11:00 a.m. UTC as that should keep the date the same across the majority of time zones.) Try to get the actual title for GoComics comics. Also a little code clean up.
2019-09-13 Fix error "mb_convert_encoding(): Illegal character encoding specified"Aleksandr Beliaev
modified: plugins/af_readability/init.php
2019-08-21af_readability: require php 7.0Andrew Dolgov
2019-08-16af_readability: add missing fileAndrew Dolgov
2019-08-15pluginhost: add helper methods to get private/public pluginmethod endpoint URLsAndrew Dolgov
2019-08-15fix several leftover mentions of old (renamed) class name, duhAndrew Dolgov
2019-08-15af_zz_imgproxy: rename to af_proxy_http, use priority hook loaderAndrew Dolgov
2019-08-14consistency: use DiskCache->exists() to check for present filesAndrew Dolgov
2019-08-14retire MIN_CACHE_FILE_SIZEAndrew Dolgov
2019-08-14af_zz_imgproxy: redirect to cached_url (3!!)Andrew Dolgov
2019-08-14af_zz_imgproxy: redirect to cached_url if cache already exists so that urls ↵Andrew Dolgov
are a bit shorter (2)
2019-08-14af_zz_imgproxy: redirect to cached_url if cache already exists so that urls ↵Andrew Dolgov
are a bit shorter
2019-08-14DiskCache: more strict checking for input filenames, getUrl() is no longer ↵Andrew Dolgov
static
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 18:00:06 +0000