Andrew Dolgov
15e8ee3471
housekeeping: add task to cleanup orphan feed icons
4 years ago
Andrew Dolgov
82bc740363
Logger::log - allow specifying errno
bump severity of PDO exception log messages to E_USER_WARNING
4 years ago
Andrew Dolgov
3b17c45887
exclude E_USER_NOTICE from recent events icon
4 years ago
Andrew Dolgov
23d20847a3
update_rss_feed: fallback to previous method if passthru() is not available
4 years ago
Andrew Dolgov
c70e26db31
validate url: feed urlencoded() URL to filter_var() only
4 years ago
Andrew Dolgov
7c8bed0524
accept -1 as a valid exit code for per-feed update processes
4 years ago
Andrew Dolgov
335dcd3bf9
don't mention last_updated in non-zero failure error message because that's not what it means
4 years ago
Andrew Dolgov
3534b8dfa7
improve logging for per-feed update task failures
4 years ago
Andrew Dolgov
74cd60d7cc
update_rss_feed: don't return as if failed on http 304
4 years ago
Andrew Dolgov
d4d0e976dc
update-feed: exit with non-zero exit code if update_rss_feed() failed
daemon: log if per-feed update task terminated with non-zero exit code
4 years ago
Andrew Dolgov
0761533d0a
lock per-feed update processes based on feed ID to reduce possibility of concurrent updates
4 years ago
Andrew Dolgov
528b387563
update individual feed in a separate process to prevent PHP fatal errors
(for example, OOM) from stopping the entire batch
this should also slightly increase memory budget for update processes
4 years ago
Andrew Dolgov
e993d4feb2
Merge branch 'master' of git.fakecake.org:tt-rss
4 years ago
Andrew Dolgov
71e9f70b8a
search_to_sql: use per-user default language instead of hardcoded English if it isn't specified explicitly
4 years ago
Andrew Dolgov
d0ed7890df
prev: add missing class
4 years ago
Andrew Dolgov
215f388992
move timestamp-related stuff to a separate class
4 years ago
Andrew Dolgov
05744bb474
fix updater never scheduling feeds for update if they have never been updated before while having default update interval set
4 years ago
Andrew Dolgov
8fb2baecdc
another hack for validation of URLs with invalid characters
4 years ago
Andrew Dolgov
a897c4165b
validate URLs: convert IDN to punycode before passing URL to filter_var()
4 years ago
Andrew Dolgov
6811d0bde2
use self:: in some places to invoke static methods from the same class
4 years ago
Andrew Dolgov
b5710baf34
- don't fail on non-ascii characters when validating URLs
- fix IDN hostnames not being converted properly
4 years ago
Andrew Dolgov
ab6aa0ad3e
fix previous re: resolve_redirects
4 years ago
Andrew Dolgov
74568df4ff
remove a lot of stuff from global context (functions.php), add a few helper classes instead
4 years ago
Andrew Dolgov
3dd4169b5f
clarify some URL validation-related error messages
4 years ago
Andrew Dolgov
4785f21316
update_rss_feed: log effective URL after fetching
validate_url: treat scheme as case-insensitive
4 years ago
Andrew Dolgov
05ef9aac2f
update URL pointing to version.json
4 years ago
Andrew Dolgov
03a337a660
add basic safe mode which doesn't load any user plugins
4 years ago
Andrew Dolgov
a4525d31b2
replace FALSE with false so that static analyzer shuts up about it
4 years ago
Andrew Dolgov
afa0023c51
don't try to update manually disabled feeds even if they haven't been updated before or are marked for a manual update
4 years ago
Andrew Dolgov
37f41a5246
forgotpass: use type strict comparison for reset token
4 years ago
Andrew Dolgov
e3adacc588
fix several cases of Db class being invoked as wrong name (as DB)
4 years ago
Andrew Dolgov
89d53a7f49
fix typo in previous
4 years ago
Andrew Dolgov
1f79d614c4
fix OTP QR code not displayed because of CSRF token passed as a query parameter
use type-strict comparison when validating CSRF token on the backend
4 years ago
Andrew Dolgov
9d3c794983
subscribe: allow pre-filling feed URL if passed via query string
4 years ago
Andrew Dolgov
33fdde249e
pass CSRF token to opml import and feed icon replace dialogs
4 years ago
Andrew Dolgov
42b5564d1e
editarticletags: load dialog via XHR
4 years ago
Andrew Dolgov
0706a328a4
handler: default base csrf_ignore() to false
4 years ago
Andrew Dolgov
0a142912d3
backend handler: require CSRF, remove obsolete code
4 years ago
Andrew Dolgov
154417d80b
public/logout: require valid CSRF token
4 years ago
Andrew Dolgov
cbcb10a272
Feeds: load quickaddfeed and search dialogs via XHR w/ CSRF protection
4 years ago
Andrew Dolgov
8080c525fd
- backend: require CSRF token to be passed via POST
- do not leak CSRF token via GET request in feed debugger
- rework Article/redirect to use POST
4 years ago
Andrew Dolgov
e670ac2ee5
require CSRF token for Article/redirect
4 years ago
Andrew Dolgov
7e50c6c4b5
- enable CSRF support earlier
- remove rpc/sanityCheck from CSRF-excluded calls
4 years ago
Andrew Dolgov
79f102c25d
af_proxy_http: never print received data directly, always redirect to cached_url
cache/getUrl: basename() passed filename just in case
4 years ago
Andrew Dolgov
4a074111b5
user preferences: forbid < and > characters when changing passwords (were silently stripped on save because of clean())
4 years ago
Andrew Dolgov
da98ba662e
public/subscribe: require valid CSRF token when validating the form
4 years ago
Andrew Dolgov
c3d14e1fa5
- fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
4 years ago
Andrew Dolgov
a922b3cc6d
order_to_override_query: allow HOOK_HEADLINES_CUSTOM_SORT_OVERRIDE plugins to override built-in sorting
4 years ago
Andrew Dolgov
67f02e2aa7
properly return counters for labels with zero assigned articles
refs https://community.tt-rss.org/t/label-counter-doesnt-update-when-count-goes-down-to-zero/3766
4 years ago
Rodney Stromlund
88ced02622
Silence php 7.2 error message generated in `session_set_cookie_params`.
4 years ago