bf6398650a
af_zz_imgproxy: show GD-based (if possible) error message on proxy failure
7 years ago
4a23031fcd
rewrite_relative_url: cleanup resulting url path while rewriting
7 years ago
ab39e213b3
af_zz_imgproxy: disable api render hook: pointless, because api clients won't have an authenticated cookie-based session
7 years ago
ff4f2b1e0c
af_zz_imgproxy: fix typo
7 years ago
454292b295
format_article_enclosures: allow embedding .jpeg files
7 years ago
046a0cc7c8
fix previous, again
7 years ago
bc83dcb381
af_zz_imgproxy: limit enclosure rewriting to images
7 years ago
676c7303ca
add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy (2)
7 years ago
58210301e0
add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy
7 years ago
3891782cf5
Merge branch 'fix-target-blank-vulnerability' into 'master'
...
Prevent target='_blank' vulnerability on dynamic link
This merge request refere to https://tt-rss.org/forum/viewtopic.php?f=8&t=4048
It fix the issue I enconter on some feeds I follow.
Just need to add "noopener" and "noreferrer" on "_blank" link to avoid the vulnerability.
See merge request !46
7 years ago
ba2853caac
Prevent target='_blank' vulnerability on dynamic link
7 years ago
2187322cae
af_zz_imgproxy: redirect to caller url unless called in user context
7 years ago
4daaf23491
allow user plugins to expose public methods out in a limited fashion
7 years ago
fafd32e2dc
use get_self_url_prefix() when rewriting cached images
7 years ago
dc8bd8a640
add some print_checkbox/print_button calls; rename some plugin preference pane titles
7 years ago
51198e7e40
af_zz_imgproxy: urlencode() url parameter, DUH
7 years ago
328118d12e
use print_hidden() for hidden dojo form fields
7 years ago
8cf37284e7
af_zz_imgproxy: add optional setting to proxy all remote images
...
functions: add some form helper methods
7 years ago
38b3998bbc
af_zz_imgproxy: use inline disposition, misc updates
7 years ago
c93d43c617
update af_zz_imgproxy to plug into built-in image caching
7 years ago
7818bfde0b
sanitize: properly handle cached content in archived articles
7 years ago
c4ebf01e69
add af_zz_imgproxy (initial)
7 years ago
70c0a8c2e0
pass several image files used in notify messages to frontend as base64 to prevent broken error messages in case network connection is down. also, update some close buttons to show correct cursor.
8 years ago
3188e863b3
handle_rpc_json: fix netalert button never appearing on JSON parse error
8 years ago
829d478f1b
add some protection against opener attacks if external site is opened via window.open()
8 years ago
23c8ef7e36
parse_counters: skip subscribed-feeds id properly
8 years ago
9c7ebaa08c
cached_image: remove unnecessary basename()
8 years ago
6358d70d5e
reset local counter cache when feed count changes
8 years ago
5edd605ae1
image cache: do not try to cache data: schema urls; add caching of html5 video content (similar to cache_starred_images plugin)
8 years ago
0442cbb6c1
image cache: send files as content-disposition: attachment; add .png suffix to image urls
8 years ago
60e97d9e63
af_redditimgur: inline streamable.com videos
8 years ago
f45a1152bb
af_readability: force utf8 preamble on html document load. no idea why but it seems to work better even for not-unicode sites.
8 years ago
24c7e4132d
subscribe dialog: do not report errors via alert()
...
fetch_file_contents: reset all globals on start, return error message body when not using curl
subscribe_to_feed: report if cloudflare is in the error message
8 years ago
80fbc1fdc4
compact.css: remove version tag
8 years ago
181c8285dd
add compact theme with smaller font
8 years ago
22387de225
preferences: set themes dropdown to default if selected theme is missing
8 years ago
7d9aac9afa
remove default.css
8 years ago
e432b8fbe2
implement cache-busting for default theme.css
...
night theme: small fixes
8 years ago
7c04f8afeb
increase content font size by 1px
8 years ago
553ec3c351
pass article guid to hook_render_article
8 years ago
e304c1473b
Merge branch 'fix-sanitize-dfn' into 'master'
...
sanitize: allow <dfn> tag
### In brief
* Add `<dfn>` tag to allowed tags list
* `<dfn>` represents the defining instance of a term in HTML
* More [information about `<dfn>` on the w3school's website](http://www.w3schools.com/tags/tag_dfn.asp )
### Example
This stops article content such as...
```
Indian tea harvests are divided up by <dfn>flush</dfn>.
```
...from getting turned into...
```
Indian tea harvests are divided up by .
```
See merge request !45
8 years ago
311cdb27f4
sanitize: allow dfn tag
...
Add <dfn> tag to allowed tags list. <dfn> represents the defining
instance of a term in HTML.
8 years ago
e3cdbd87bc
Merge branch 'more-af-comics' into 'master'
...
Support hyphens in GoComics URLs.
See merge request !44
8 years ago
051737e931
Support hyphens in GoComics URLs.
8 years ago
3b001e4330
support rel=noopener for links
8 years ago
e934d63e0c
fetch_file_contents: rework the way shim works to prevent intermittent warnings
8 years ago
67268b0017
sanitize: allow acronym tag
8 years ago
d2c3e846c4
add some vertical space to diijt menu items
8 years ago
cb3f877303
reference pubsubhubbub classes using their namespace
8 years ago
141df0c4cf
Merge branch 'af-comics-ui' into 'master'
...
Added feed URL instructions for GoComics.
GoComics feed URL syntax now included on existing Prefs page for af_comics plugin.
See merge request !43
8 years ago
Andrew Dolgov