Commit Graph

8784 Commits (c10a43069ec1e71b6608574a81fb29c76919e132)
 

Author SHA1 Message Date
Anders Kaseorg 88946d331a Replace all setTimeout strings with functions
This fixes a cross-site scripting vulnerability.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Andrew Dolgov 0047f2578f Merge branch 'lib-upgrades' into 'master'
Third-party library upgrades

* lib: Upgrade php-gettext from 1.0.11 to 1.0.12
* lib: Upgrade accept-to-gettext.php from 2003-08-14 to 2007-04-01
* lib: Upgrade JShrink from 0.5.1 to 1.1.0
* lib: Upgrade mobile-detect from svn r44 (2012-05-03) to 2.8.24 (2016-11-11)
* lib: Upgrade php-publisher from ??? to a5d6a0e (2016-11-15)
* lib: Upgrade php-subscriber from ??? to 1213f89 (2016-11-15)
* lib: Upgrade script.aculo.us from 1.8.3 to 1.9.0
* lib: Upgrade timezones.txt from 2010k/l/m/n/2011a to 2016j

See merge request !40
8 years ago
Andrew Dolgov 6be7fe00ae Merge branch 'prototype-1.7.3' into 'master'
lib: Upgrade Prototype from 1.7 to 1.7.3

Are you sure you want these as separate merge requests?  The rest of the upgrades are much less invasive than Dojo, with essentially no changes outside of `lib`.  I would of course leave them as separate commits in any case, but I had assumed they would be more convenient to test in one batch.

See merge request !39
8 years ago
Anders Kaseorg 566e8574fb lib: Upgrade timezones.txt from 2010k/l/m/n/2011a to 2016j
https://www.iana.org/time-zones

The local change adding Automatic was preserved; the local change
removing Zulu was not.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg 4ad37eda21 lib: Upgrade script.aculo.us from 1.8.3 to 1.9.0
https://script.aculo.us/

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg becd215a75 lib: Upgrade php-subscriber from ??? to 1213f89 (2016-11-15)
https://github.com/pubsubhubbub/php-subscriber

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg 5ddc3e274d lib: Upgrade php-publisher from ??? to a5d6a0e (2016-11-15)
https://github.com/pubsubhubbub/php-publisher

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg e0c232b8f1 lib: Upgrade mobile-detect from svn r44 (2012-05-03) to 2.8.24 (2016-11-11)
https://github.com/serbanghita/Mobile-Detect

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg 22f5fdf810 lib: Upgrade JShrink from 0.5.1 to 1.1.0
https://github.com/tedivm/JShrink

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg 8eaad18b8c lib: Upgrade accept-to-gettext.php from 2003-08-14 to 2007-04-01
http://grep.be/data/accept-to-gettext.inc

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg 526096f06a lib: Upgrade php-gettext from 1.0.11 to 1.0.12
https://launchpad.net/php-gettext

The local change to rename the gettext_reader function to
__construct (commit 00b6b66827) has been
preserved.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Andrew Dolgov b80101ef2d addendum to the previous 8 years ago
Andrew Dolgov ee575027fd assorted CSS fixes related to Dojo upgrade 8 years ago
Andrew Dolgov 157944d424 set .loadingExpando height to a correct value 8 years ago
Anders Kaseorg e3cfa33ba9 lib: Upgrade Prototype from 1.7 to 1.7.3
http://prototypejs.org/

The local change from ‘on’ to ‘p_on’ for Dojo compatibility has been
preserved.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Andrew Dolgov 84012df5cd prefs: auto expand feed tree 8 years ago
Andrew Dolgov b7d63a58db fix loading indicator position/size for tree leafs 8 years ago
Andrew Dolgov 7fbc10c236 force-enable persist for feedTree 8 years ago
Andrew Dolgov e2e2479984 Merge branch 'dojo-1.12.1'
Conflicts:
	js/prefs.js
8 years ago
Andrew Dolgov ab235fc5f1 prefs: add updateSelectedPrompt shim called by toggleSelectedRow() 8 years ago
Andrew Dolgov 1c4f5e8390 add dependency on dojo/_base/html 8 years ago
Anders Kaseorg 6887a0f573 lib: Upgrade Dojo and Dijit from 1.8.3 to 1.12.1
The itemNode and expandoNode elements have changed from img to
span (https://bugs.dojotoolkit.org/ticket/16699), so we now put our
tree icons inside them rather than replacing them.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg 9f539be3c2 Replace deprecated dojo.place with domConstruct.place
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Anders Kaseorg 6a11634c93 dojo: Build dojo/dom-construct
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
8 years ago
Andrew Dolgov c606bd5741 tweak the enclosure dropdown display a little bit for less-readable urls 8 years ago
Andrew Dolgov db92edd1aa update phpmailer 8 years ago
Andrew Dolgov f6bcb5c606 Merge branch 'subscribe-idn-feed' into 'master'
Subscribe to feed with Internationalized Domain Name

Currently you cannot subscribe to feeds on hosts with internationalized domain names (IDNA) within tt-rss. You need to manually convert them to punycode to subscribe to them.

This patch adds code to detect IDNA and convert them to punycode in fix_url() if possible on the system. This requires PHP IDN functions (e.g. on Debian Jessie this needs php5-intl to be installed), so a notice is added to the installer sanity check.

See merge request !37
8 years ago
Andrew Dolgov 6b06a609af headlines toolbar: move selection links into the dropdown 8 years ago
Andrew Dolgov 6293d3717c add toggle_sidebar plugin, remove obsolete toggle button
add PluginHost::HOOK_MAIN_TOOLBAR_BUTTON
8 years ago
Andrew Dolgov 4822485a74 hide selected_prompt on low width screens 8 years ago
Andrew Dolgov 17a8e61d2a deprecate encrypted feed passwords because mcrypt is getting removed from php 7.1
1. transparent decryption for existing installs stays for the time being
2. new passwords are not going to be encrypted even if FEED_CRYPT_KEY is defined
3. added update.php --decrypt-feeds to bulk decrypt existing encrypted passwords
4. updated install to not auto-generate crypt key
5. added warning to config.php-dist
8 years ago
Andrew Dolgov 370fe2bdcd Merge branch 'fclose-before-unlink-updater' into 'master'
If Windows, fclose() before unlink() in updater.php

Windows barks an error if you try to unlink() a file while the pointer is still open(); If running under Windows, fclose() the handle before the unlink();

See merge request !36
8 years ago
tsimmons 9973b13e19 Make sure we are running on Windows before fclose() to avoid race condition possible in Nix. 8 years ago
tsimmons 8231c039ed Close lockfile handle before trying to unlink during update. 8 years ago
Andrew Dolgov 8b8568e9a3 edit tags dialog: fix height 8 years ago
Andrew Dolgov 8de58e1798 mail plugin: i guess rows= on dijit text areas doesn't work now 8 years ago
Andrew Dolgov eee818c46a ttrssmailer: include phpmailer's smtp class 8 years ago
Bernhard Thaler 62958fe9dc convert to punycode for feed on idn hostname 8 years ago
Andrew Dolgov 832aa24943 update phpmailer (again) 8 years ago
Andrew Dolgov d518096b83 update phpmailer 8 years ago
Andrew Dolgov 73c4e7ddf2 edit tags dialog: enable overflow so that tag completion works properly 8 years ago
Andrew Dolgov 3d5d289077 set_basic_feed_info: fix typo 8 years ago
Andrew Dolgov bfe1eb4e52 rssfuncs: fix warning when trying to update nonexisting feed 8 years ago
Andrew Dolgov 12ff230bc2 maybe we shouldn't escape entry_author twice 8 years ago
Andrew Dolgov f04b12d8e7 category: swap context menu items 8 years ago
Andrew Dolgov e4071d2544 feedparser: fix syntax error 8 years ago
Andrew Dolgov acfee412a3 feed tree: add category context menu entry to un/collapse it 8 years ago
Andrew Dolgov 4a5490dc58 feedparser: fix normalize_encoding() not working properly for some encodings 8 years ago
Andrew Dolgov 3bba9c396f fetch_file_contents: set timeout when not using CURL 8 years ago
Andrew Dolgov e3dceca66b get_article_filters: add unicode modifier to preg_match() 8 years ago