Andrew Dolgov
70adfd4a74
* sanitize: never rewrite relative links to our own prefix
...
* use Config::get_self_url() instead of get_self_url_prefix() in a bunch
of places
4 years ago
Andrew Dolgov
211f699aa0
migrate the rest into Config::
4 years ago
Andrew Dolgov
e4107ac952
wip: initial for config object
4 years ago
Andrew Dolgov
053b262aa7
rename public.php/cached_url to cached
4 years ago
Andrew Dolgov
166f2d4666
diskcache: unify naming
4 years ago
Andrew Dolgov
3b52cea811
move some old-style handlers to new callback ones
4 years ago
Andrew Dolgov
c94f1b6ff8
fix some more warnings reported by phpstan
4 years ago
Andrew Dolgov
40f38fc87f
pluginhost: load plugin data automatically (also marks load_data method as private)
4 years ago
John Aylward
01c0d4bbfd
allow audio to be sent to client from the cache
4 years ago
Andrew Dolgov
38a7a1da88
hide uninteresting errors in several DOMDocument->loadHTML() invocations
4 years ago
Andrew Dolgov
74568df4ff
remove a lot of stuff from global context (functions.php), add a few helper classes instead
4 years ago
Andrew Dolgov
79f102c25d
af_proxy_http: never print received data directly, always redirect to cached_url
...
cache/getUrl: basename() passed filename just in case
4 years ago
Andrew Dolgov
c3d14e1fa5
- fix multiple vulnerabilities in af_proxy_http
...
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
4 years ago
Andrew Dolgov
6eb94f1e13
better support for image srcset attributes as discussed in https://community.tt-rss.org/t/problem-with-img-srcset/3519
5 years ago
Andrew Dolgov
c275a0cd33
DiskCache: append fake file extension when sending cached files based on mime type to make saving files easier
5 years ago
Andrew Dolgov
3a4b9249a9
DiskCache: properly deal with srcset attributes
5 years ago
lllusion3418
ec1b0befc7
add support for video[@src] in media cache
...
it's a valid alternative to a source[@src] child element:
https://developer.mozilla.org/en-US/docs/Web/HTML/Element/video
5 years ago
lllusion3418
b4287a2e98
fix url rewriting for videos with poster and src
...
if a poster attribute was present only that would have been rewritten
and the (arguably more important) src attribute would be left as-is
5 years ago
Andrew Dolgov
75ab1f05f9
DiskCache::rewriteUrls() - remove img[@srcset]
5 years ago
Andrew Dolgov
c34726b2b2
consistency: use DiskCache->exists() to check for present files
5 years ago
Andrew Dolgov
3c075bfd21
DiskCache: more strict checking for input filenames, getUrl() is no longer static
5 years ago
Andrew Dolgov
fdb6066bf6
* HOOK_ENCLOSURE_ENTRY: pass article_id to handler
...
* DiskCache: multiple fixes; support isWritable() for cache entries, set content-disposition for send()
* public/cached_url: allow selecting files from sub-caches other than images
* plugins/Cache_Starred_Images: rework to use DiskCache, can be enabled per-user, properly handles article enclosures, etc
5 years ago
Andrew Dolgov
bed695b127
DiskCache::expire: support .no-auto-expiry to prevent automatic cache maintenance
5 years ago
Andrew Dolgov
19b9b27662
expire_cached_files to DiskCache::expire()
5 years ago
Andrew Dolgov
133c2b482b
move rewrite_cached_urls to DiskCache::rewriteUrls()
5 years ago
Andrew Dolgov
b1dd38f880
add DiskCache.getUrl() and use it in a bunch of places
5 years ago
Andrew Dolgov
7602819b98
add DiskCache.send; switch af_zz_imgproxy to use DiskCache
5 years ago
Andrew Dolgov
82694bd6ce
add DiskCache.isWritable
5 years ago
Andrew Dolgov
86308b30ea
add classes/diskcache
5 years ago