tt-rss.git - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2021-01-07	auth_remote: use empty() instead of isset() while checking headers	Andrew Dolgov

2021-01-05	fix auth_remote broken by previous commit	Andrew Dolgov

2021-01-05	auth_remote: rewrite header checking to be more readable	Andrew Dolgov

2021-01-03	af_redditimgur: also blacklist in-content links	Andrew Dolgov

2020-12-21	Add support for HTTP_REMOTE_USER variable for user authentication	Tony

2020-12-20	af_redditimgur: also rewrite in the API handler	Andrew Dolgov

2020-12-20	af_redditimgur: add option to rewrite reddit URLs to teddit.net	Andrew Dolgov

2020-12-18	redditimgur: blacklist github because it usually resolves to a huge profile ↵	Andrew Dolgov
	photo of someone
2020-12-12	Address param order deprecation warning for 'af_redditimgur'.	wn

2020-12-11	- move sphinx plugin to a separate repo	Andrew Dolgov
	- regenerate config checks without sphinx-related variables
2020-12-11	shorten_expanded: remove loading=lazy from images if enabled	Andrew Dolgov

2020-11-26	af_readability: allow appending to original summary instead of always	Andrew Dolgov
	replacing it, some minor code cleanup
2020-10-11	Ensure proxy_all setting is saved in database.	JustAMacUser

2020-10-01	hide uninteresting errors in several DOMDocument->loadHTML() invocations	Andrew Dolgov

2020-09-23	move timestamp-related stuff to a separate class	Andrew Dolgov

2020-09-22	remove a lot of stuff from global context (functions.php), add a few helper ↵	Andrew Dolgov
	classes instead
2020-09-17	replace FALSE with false so that static analyzer shuts up about it	Andrew Dolgov

2020-09-17	auth_internal: cast OTP code to integer before trying to check it	Andrew Dolgov

2020-09-17	* use get_random_bytes() for CSRF token	Andrew Dolgov
	* get_random_bytes: use PHP7 random_bytes() if it is available * validate CSRF token using hash_equals
2020-09-17	auth_internal: use type-strict comparison when checking OTP code	Andrew Dolgov

2020-09-15	af_proxy_http: require separate token to access imgproxy	Andrew Dolgov

2020-09-15	af_proxy_http: never print received data directly, always redirect to cached_url	Andrew Dolgov
	cache/getUrl: basename() passed filename just in case
2020-09-15	af_redditimgur: don't add embedded blank gif image for rewritten videos	Andrew Dolgov

2020-09-14	- fix multiple vulnerabilities in af_proxy_http	Andrew Dolgov
	- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized - fetch_file_contents: validate all URLs before requesting them - validate URLs: explicitly whitelist http and https scheme, forbid everything else - DiskCache/cached_url: only serve whitelisted content types (images, video) - simplify filename/URL handling code, remove and consolidate some less-used functions
2020-06-24	core: pass found enclosures to HOOK_ARTICLE_FILTER	Andrew Dolgov
	af_redditimgur: remove enclosures if we found something to embed because it's going to be a low-res thumbnail
2020-05-30	Created hotkeys_force_top plugin	Nathan Warner
	Renamed swap_jk to match new naming scheme.
2020-05-17	implement keyboard-related changes discussed in ↵	Andrew Dolgov
	https://community.tt-rss.org/t/changing-the-amount-of-scroll-by-arrow-key/3452/7
2020-05-13	use intersection observer to unpack visible articles, remove ↵	Andrew Dolgov
	Headlines.unpackVisible()
2020-05-09	rename cdmScrollToId to cdmMoveToId	Andrew Dolgov
	prevent smooth scrolling when going directly to an article
2020-03-13	allow overriding built-in templates via templates.local	Andrew Dolgov

2020-02-28	af_readability: allow get full text button to work as a toggle; in cdm, ↵	Andrew Dolgov
	scroll to article after embedding
2020-02-27	af_comics: split contents of subscribe/basic_info/fetch hooks into ↵	Andrew Dolgov
	appropriate per-comic filters
2020-02-27	af_comics: mention that Far Side needs cached media	Andrew Dolgov

2020-02-27	af_comics: escape all template urls	Andrew Dolgov

2020-02-27	use canonical fetch url for Far Side	Andrew Dolgov

2020-02-27	remove unnecessary debugging from previous	Andrew Dolgov

2020-02-27	af_comics: add experimental support for The Far Side	Andrew Dolgov

2020-02-27	af_readability: sanitize content requested for embedding	Andrew Dolgov

2020-02-27	fix plugins/note javascript part broken by previous changeset	Andrew Dolgov

2020-02-27	af_readability: add article button to embed content of a specific article	Andrew Dolgov

2020-02-22	don't generate default.css, replace with themes/light.css as a default root ↵	Andrew Dolgov
	CSS file
2020-01-04	Also match images with query string (size, tokens, etc).	koffieanon

2020-01-04	Spaces to tabs for consistency.	koffieanon

2020-01-04	Fix bug processing found due to operator precedence.	koffieanon

2019-12-18	remove version.php and VERSION global constant, do version-related things in ↵	Andrew Dolgov
	a slightly less ridiculous way
2019-11-27	Af_Youtube_Embed: whitelist youtube iframes if enabled	Andrew Dolgov

2019-11-18	af_comics: support buni webtoon episodes	Andrew Dolgov

2019-11-03	2fa: check TOTP based on previous secret values (oops of the year, 2019)	Andrew Dolgov

2019-11-01	auth_internal: fix indents	Andrew Dolgov

2019-11-01	implement app password checking / management UI	Andrew Dolgov