Andrew Dolgov
7874f6ac58
remove PHPMD.UnusedFormalParameter
4 years ago
Andrew Dolgov
51d2deeea9
fix hierarchy of authentication modules, make everything extend Auth_Base and implement hook_auth_user() for pluginhost
4 years ago
Andrew Dolgov
363b3629a4
rewrite a few more hooks
4 years ago
Andrew Dolgov
9de26d44da
af_psql_trgm: fix warning
4 years ago
Andrew Dolgov
d293cbd5a9
fix several warnings related to feed editor
4 years ago
Andrew Dolgov
c1ad7acfb9
bookmarklet: encode URL properly so special characters won't get lost
4 years ago
Andrew Dolgov
5849a39820
af_redditimgur: don't try to load empty html; fix a warning in update debugger
4 years ago
Andrew Dolgov
ce489a724b
fix a few more warnings
4 years ago
Andrew Dolgov
9fdeb58fd3
check a few more php8 warnings
4 years ago
Andrew Dolgov
6e774a58fe
more php8 fixes mostly related to login
4 years ago
Andrew Dolgov
403dca154c
initial WIP for php8; bump php version requirement to 7.0
4 years ago
Andrew Dolgov
6c546f37ba
af_redditimgur: handle youtube /embed/ URLs
4 years ago
Andrew Dolgov
b30b354b53
af_redditimgur: add some last minute handling for generic preview media URLs provided in JSON
4 years ago
Andrew Dolgov
0d1336bd29
af_redditimgur:
...
* draw a basic form for testurl() if no url is given
* only process specific JSON media files/child elements until something is found
* handle generic preview images for self posts (not link posts because
link is handled afterwards)
4 years ago
Andrew Dolgov
1ded706f8f
af_redditimgur: cleanup, rework to embed stuff from reddit-provided JSON first
4 years ago
Andrew Dolgov
41bde84a92
af_redditimgur: add basic support for reddit galleries
4 years ago
Andrew Dolgov
4e95591087
af_redditimgur: shorten href stuff
4 years ago
Andrew Dolgov
7a2ad08a7d
scored_oldest_first: update sort caption
4 years ago
Andrew Dolgov
c82457e534
add plugins/scored_oldest_first
4 years ago
Andrew Dolgov
6d4005f984
af_psql_trgm:
...
1. better debugging output
2. fix incorrect default values being used sometimes
3. remove special workaround for equal titles because trgm extension
seems to be working properly for those now (tested on postgres 11)
4. code cleanup
4 years ago
Andrew Dolgov
0868ff9d64
auth_remote: use empty() instead of isset() while checking headers
4 years ago
Andrew Dolgov
dc40f69511
fix auth_remote broken by previous commit
4 years ago
Andrew Dolgov
8a34084df1
auth_remote: rewrite header checking to be more readable
4 years ago
Andrew Dolgov
8764662138
af_redditimgur: also blacklist in-content links
4 years ago
Tony
564a24fd78
Add support for HTTP_REMOTE_USER variable for user authentication
4 years ago
Andrew Dolgov
9e62513095
af_redditimgur: also rewrite in the API handler
4 years ago
Andrew Dolgov
f25ea5355c
af_redditimgur: add option to rewrite reddit URLs to teddit.net
4 years ago
Andrew Dolgov
50d089ae59
redditimgur: blacklist github because it usually resolves to a huge profile photo of someone
4 years ago
wn
6f31372b37
Address param order deprecation warning for 'af_redditimgur'.
4 years ago
Andrew Dolgov
65254f5db4
- move sphinx plugin to a separate repo
...
- regenerate config checks without sphinx-related variables
4 years ago
Andrew Dolgov
43bd3394c3
shorten_expanded: remove loading=lazy from images if enabled
4 years ago
Andrew Dolgov
8479421da4
af_readability: allow appending to original summary instead of always
...
replacing it, some minor code cleanup
4 years ago
JustAMacUser
65b3926ae5
Ensure proxy_all setting is saved in database.
4 years ago
Andrew Dolgov
38a7a1da88
hide uninteresting errors in several DOMDocument->loadHTML() invocations
4 years ago
Andrew Dolgov
215f388992
move timestamp-related stuff to a separate class
4 years ago
Andrew Dolgov
74568df4ff
remove a lot of stuff from global context (functions.php), add a few helper classes instead
4 years ago
Andrew Dolgov
a4525d31b2
replace FALSE with false so that static analyzer shuts up about it
4 years ago
Andrew Dolgov
d8619b9a84
auth_internal: cast OTP code to integer before trying to check it
4 years ago
Andrew Dolgov
a817d3794d
* use get_random_bytes() for CSRF token
...
* get_random_bytes: use PHP7 random_bytes() if it is available
* validate CSRF token using hash_equals
4 years ago
Andrew Dolgov
0757ad0406
auth_internal: use type-strict comparison when checking OTP code
4 years ago
Andrew Dolgov
91e1542a82
af_proxy_http: require separate token to access imgproxy
4 years ago
Andrew Dolgov
79f102c25d
af_proxy_http: never print received data directly, always redirect to cached_url
...
cache/getUrl: basename() passed filename just in case
4 years ago
Andrew Dolgov
0758397dd8
af_redditimgur: don't add embedded blank gif image for rewritten videos
4 years ago
Andrew Dolgov
c3d14e1fa5
- fix multiple vulnerabilities in af_proxy_http
...
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
4 years ago
Andrew Dolgov
c352e872e9
core: pass found enclosures to HOOK_ARTICLE_FILTER
...
af_redditimgur: remove enclosures if we found something to embed because it's going to be a low-res thumbnail
4 years ago
Nathan Warner
f8d96543de
Created hotkeys_force_top plugin
...
Renamed swap_jk to match new naming scheme.
5 years ago
Andrew Dolgov
9ae9302b6b
implement keyboard-related changes discussed in https://community.tt-rss.org/t/changing-the-amount-of-scroll-by-arrow-key/3452/7
5 years ago
Andrew Dolgov
5e77d0062b
use intersection observer to unpack visible articles, remove Headlines.unpackVisible()
5 years ago
Andrew Dolgov
a802649d53
rename cdmScrollToId to cdmMoveToId
...
prevent smooth scrolling when going directly to an article
5 years ago
Andrew Dolgov
1f2a721905
allow overriding built-in templates via templates.local
5 years ago