Commit Graph

100 Commits (f72e6947d5048c4af5fcfc7bb8da64435bd6246a)

Author SHA1 Message Date
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
4 years ago
Andrew Dolgov ddf9227dc4 pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SORT_MAP etc 4 years ago
Andrew Dolgov 6573541873 * add HOOK_ENCLOSURE_IMPORTED
* pass feed id to HOOK_FEED_PARSED
5 years ago
Andrew Dolgov 208e02c47d PluginHost/save_data: use separate PDO connection to prevent issues with nested transactions 5 years ago
Andrew Dolgov d15f0349bf remove hardcoded iframe domain whitelist, make iframe script whitelisting configurable by plugins (HOOK_IFRAME_WHITELISTED) 5 years ago
jc 8fd11fd53a Add const HOOK_FEED_TREE 5 years ago
jc a243979aaf Add const HOOK_FEED_TREE 5 years ago
Andrew Dolgov 3e4701116d af_readability: add missing file 5 years ago
Andrew Dolgov 865c54abcb fix get_method_url() to use correct method parameter 5 years ago
Andrew Dolgov 10c63ed582 pluginhost: add helper methods to get private/public pluginmethod endpoint URLs 5 years ago
Andrew Dolgov 7f8946f14e pluginhost: implement priority-based system for running hooks 5 years ago
Andrew Dolgov 9d852e052c add HOOK_ARTICLE_IMAGE for Article::get_article_image() 5 years ago
Andrew Dolgov fdb6066bf6 * HOOK_ENCLOSURE_ENTRY: pass article_id to handler
* DiskCache: multiple fixes; support isWritable() for cache entries, set content-disposition for send()
* public/cached_url: allow selecting files from sub-caches other than images
* plugins/Cache_Starred_Images: rework to use DiskCache, can be enabled per-user, properly handles article enclosures, etc
5 years ago
Andrew Dolgov 6955b2e02d plugins: add HOOK_GET_FULL_TEXT which may be used to provide full text extraction to core code and other plugins, instead of trying to invoke af_readability specifically 6 years ago
Andrew Dolgov 614a4b3b4a pluginhost: remove plugin gettext helpers (moved to plugin base class) 6 years ago
Andrew Dolgov c1175070a2 add P_sprintf 6 years ago
Andrew Dolgov 72fcc81919 support per-plugin locale directories 6 years ago
Andrew Dolgov 95f63e121a note that HOOK_FORMAT_ARTICLE_CDM is dead for now 6 years ago
Andrew Dolgov a01c33d654 add HOOK_FILTER_TRIGGERED (for filter debugging) 6 years ago
Andrew Dolgov c10a43069e debug logging system rework:
* support various logging levels per-message
 * remove hacks like debug_suppress, DAEMON_EXTENDED_DEBUG, etc
 * _debug() is kept as a compatibility shim for plugins
6 years ago
Andrew Dolgov 57932e1837 remove PHPMailer and related directives from config.php-dist; add pluggable Mailer class 6 years ago
Andrew Dolgov 3a0292303e php: remove trailing whitespaces 6 years ago
Andrew Dolgov 32c0c07cc1 pluginhost: implement basic autoloader for classes bundled with plugins (uses vendor/ layout) 6 years ago
Andrew Dolgov 6fb5f17be6 pluginhost: always return an array in get_all() 7 years ago
Andrew Dolgov f70d456a5b Merge branch 'master' of git.tt-rss.org:git/tt-rss into pdo-experimental 7 years ago
Andrew Dolgov 7c6f7bb0aa fix some minor issues found by code analyzer 7 years ago
Andrew Dolgov df5d2a0665 pluginhost: do not connect via legacy DB api until requested
log all initiated legacy database connections
7 years ago
Andrew Dolgov f8108cc28d pluginhost: save_data() fixes 7 years ago
Andrew Dolgov 8af94f1292 pluginhost: use PDO 7 years ago
dim0x69 5395526444 add HOOK_UNSUBSCRIBE_FEED 7 years ago
Andrew Dolgov 8b73bd28d8 remove apache-specific x-sendfile stuff
implement a hook (HOOK_SEND_LOCAL_FILE) which plugins may use to send files
via httpd-specific implementation to increase performance typically on larger files
7 years ago
wn_ bec5ba93e2 Add 'HOOK_FEED_BASIC_INFO' to enable plugins to provide basic feed info.
It's expected the plugin will return content parsable by FeedParser, which
will act as an interface to the basic feed info.  In the case of a plugin
that also uses 'HOOK_FETCH_FEED', both might return the same content.

The hook signature was made somewhat similar to 'HOOK_FETCH_FEED'.
7 years ago
Andrew Dolgov e50a647916 add HOOK_FORMAT_ARTICLE & HOOK_FORMAT_ARTICLE_CDM
Feeds::format_headlines_list: add some comments for cdm article closing tags
8 years ago
Andrew Dolgov ea79a0e033 remove some redundant php closing tags 8 years ago
Andrew Dolgov 7b55001eee fix various issues reported by static analysis
update gitlab-ci config
8 years ago
Andrew Dolgov 58210301e0 add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy 8 years ago
Andrew Dolgov 6293d3717c add toggle_sidebar plugin, remove obsolete toggle button
add PluginHost::HOOK_MAIN_TOOLBAR_BUTTON
8 years ago
Andrew Dolgov 399678a14e add PluginHost.HOOK_ARTICLE_EXPORT_FEED 9 years ago
Andrew Dolgov 583f163f40 don't init plugins when loading everything to make a list, duh 9 years ago
Andrew Dolgov b87744534a add plugin-based filter actions (see example plugin in attic)
bump schema
9 years ago
Andrew Dolgov 5914f31981 pluginhost: mention that update task & housekeeping hooks are for global plugins only 10 years ago
Andrew Dolgov ca5d39e866 pluginhost: assume plugins.local exists 10 years ago
Andrew Dolgov 7c0a2ab202 pluginhost: allow loading user plugins from plugins.local 10 years ago
Andrew Dolgov 945346cbff add HOOK_RENDER_ENCLOSURE & af_youtube_embed plugin 10 years ago
Andrew Dolgov 7eb87b80d5 add pluginhost HOOK_HEADLINES_BEFORE (refs #814) 10 years ago
wltb 01465325b4 Add subscribe hook, give more information to fetch_feed hook 11 years ago
Dave Zaikos 2bb11658a8 Added HOOK_FORMAT_ENCLOSURES plugin hook.
Runs HTML and enclosures array through a plugin hook when rendering an article's enclosures in format_article_enclosures(). Allows plugins to override handling of how enclosures are presented by either filtering the array of enclosures, or generating the HTML to add to the article content.
11 years ago
Rob Hoelz baaf4c3043 Make search mechanism pluggable
Currently, TinyTinyRSS can use raw SQL or the Sphinx search engine
for searching.  It would be nice if other search engines (such as
Xapian) could be used, or if features of the underlying SQL engine
(such as MySQL's FULLTEXT indexes) could be leveraged.  This commit
makes searching into a plugin hook, falling back to the builtin behavior
if no search plugin is active.  The Sphinx search behavior has been
broken out into a plugin.
11 years ago
Andrew Dolgov 84e36b61a3 make_init_params: add plugins 11 years ago
Dave Zaikos a96bb3d88a Fixed a bug in PluginHost::del_hook() where the parameters passed to array_search() were in the incorrect order. 11 years ago