Andrew Dolgov
093d463320
af_zz_imgproxy: truncate url in error png
8 years ago
Andrew Dolgov
bf6398650a
af_zz_imgproxy: show GD-based (if possible) error message on proxy failure
8 years ago
Andrew Dolgov
4a23031fcd
rewrite_relative_url: cleanup resulting url path while rewriting
8 years ago
Andrew Dolgov
ab39e213b3
af_zz_imgproxy: disable api render hook: pointless, because api clients won't have an authenticated cookie-based session
8 years ago
Andrew Dolgov
ff4f2b1e0c
af_zz_imgproxy: fix typo
8 years ago
Andrew Dolgov
454292b295
format_article_enclosures: allow embedding .jpeg files
8 years ago
Andrew Dolgov
046a0cc7c8
fix previous, again
8 years ago
Andrew Dolgov
bc83dcb381
af_zz_imgproxy: limit enclosure rewriting to images
8 years ago
Andrew Dolgov
676c7303ca
add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy (2)
8 years ago
Andrew Dolgov
58210301e0
add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy
8 years ago
Andrew Dolgov
3891782cf5
Merge branch 'fix-target-blank-vulnerability' into 'master'
...
Prevent target='_blank' vulnerability on dynamic link
This merge request refere to https://tt-rss.org/forum/viewtopic.php?f=8&t=4048
It fix the issue I enconter on some feeds I follow.
Just need to add "noopener" and "noreferrer" on "_blank" link to avoid the vulnerability.
See merge request !46
8 years ago
Jérémy DECOOL
ba2853caac
Prevent target='_blank' vulnerability on dynamic link
8 years ago
Andrew Dolgov
2187322cae
af_zz_imgproxy: redirect to caller url unless called in user context
8 years ago
Andrew Dolgov
4daaf23491
allow user plugins to expose public methods out in a limited fashion
8 years ago
Andrew Dolgov
fafd32e2dc
use get_self_url_prefix() when rewriting cached images
8 years ago
Andrew Dolgov
dc8bd8a640
add some print_checkbox/print_button calls; rename some plugin preference pane titles
8 years ago
Andrew Dolgov
51198e7e40
af_zz_imgproxy: urlencode() url parameter, DUH
8 years ago
Andrew Dolgov
328118d12e
use print_hidden() for hidden dojo form fields
8 years ago
Andrew Dolgov
8cf37284e7
af_zz_imgproxy: add optional setting to proxy all remote images
...
functions: add some form helper methods
8 years ago
Andrew Dolgov
38b3998bbc
af_zz_imgproxy: use inline disposition, misc updates
8 years ago
Andrew Dolgov
c93d43c617
update af_zz_imgproxy to plug into built-in image caching
8 years ago
Andrew Dolgov
7818bfde0b
sanitize: properly handle cached content in archived articles
8 years ago
Andrew Dolgov
c4ebf01e69
add af_zz_imgproxy (initial)
8 years ago
Andrew Dolgov
70c0a8c2e0
pass several image files used in notify messages to frontend as base64 to prevent broken error messages in case network connection is down. also, update some close buttons to show correct cursor.
8 years ago
Andrew Dolgov
3188e863b3
handle_rpc_json: fix netalert button never appearing on JSON parse error
8 years ago
Andrew Dolgov
829d478f1b
add some protection against opener attacks if external site is opened via window.open()
8 years ago
Andrew Dolgov
23c8ef7e36
parse_counters: skip subscribed-feeds id properly
8 years ago
Andrew Dolgov
9c7ebaa08c
cached_image: remove unnecessary basename()
8 years ago
Andrew Dolgov
6358d70d5e
reset local counter cache when feed count changes
8 years ago
Andrew Dolgov
5edd605ae1
image cache: do not try to cache data: schema urls; add caching of html5 video content (similar to cache_starred_images plugin)
8 years ago
Andrew Dolgov
0442cbb6c1
image cache: send files as content-disposition: attachment; add .png suffix to image urls
8 years ago
Andrew Dolgov
60e97d9e63
af_redditimgur: inline streamable.com videos
8 years ago
Andrew Dolgov
f45a1152bb
af_readability: force utf8 preamble on html document load. no idea why but it seems to work better even for not-unicode sites.
8 years ago
Andrew Dolgov
24c7e4132d
subscribe dialog: do not report errors via alert()
...
fetch_file_contents: reset all globals on start, return error message body when not using curl
subscribe_to_feed: report if cloudflare is in the error message
8 years ago
Andrew Dolgov
80fbc1fdc4
compact.css: remove version tag
8 years ago
Andrew Dolgov
181c8285dd
add compact theme with smaller font
8 years ago
Andrew Dolgov
22387de225
preferences: set themes dropdown to default if selected theme is missing
8 years ago
Andrew Dolgov
7d9aac9afa
remove default.css
8 years ago
Andrew Dolgov
e432b8fbe2
implement cache-busting for default theme.css
...
night theme: small fixes
8 years ago
Andrew Dolgov
7c04f8afeb
increase content font size by 1px
8 years ago
Andrew Dolgov
553ec3c351
pass article guid to hook_render_article
8 years ago
Andrew Dolgov
e304c1473b
Merge branch 'fix-sanitize-dfn' into 'master'
...
sanitize: allow <dfn> tag
### In brief
* Add `<dfn>` tag to allowed tags list
* `<dfn>` represents the defining instance of a term in HTML
* More [information about `<dfn>` on the w3school's website](http://www.w3schools.com/tags/tag_dfn.asp )
### Example
This stops article content such as...
```
Indian tea harvests are divided up by <dfn>flush</dfn>.
```
...from getting turned into...
```
Indian tea harvests are divided up by .
```
See merge request !45
8 years ago
Shane Synan
311cdb27f4
sanitize: allow dfn tag
...
Add <dfn> tag to allowed tags list. <dfn> represents the defining
instance of a term in HTML.
8 years ago
Andrew Dolgov
e3cdbd87bc
Merge branch 'more-af-comics' into 'master'
...
Support hyphens in GoComics URLs.
See merge request !44
8 years ago
JustAMacUser
051737e931
Support hyphens in GoComics URLs.
8 years ago
Andrew Dolgov
3b001e4330
support rel=noopener for links
8 years ago
Andrew Dolgov
e934d63e0c
fetch_file_contents: rework the way shim works to prevent intermittent warnings
8 years ago
Andrew Dolgov
67268b0017
sanitize: allow acronym tag
8 years ago
Andrew Dolgov
d2c3e846c4
add some vertical space to diijt menu items
8 years ago
Andrew Dolgov
cb3f877303
reference pubsubhubbub classes using their namespace
8 years ago