banananetwork
/
tt-rss
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
master
release-2021-10-24-14-02
release-2021-07-11-16-25
release-2021-03-03-13-03
release-2021-02-25-17-30
release-2020-12-20-14-26
release-2020-12-16-16-18
release-2020-12-13-00-34
release-2020-11-13-13-25
release-2020-10-16-17-24
release-2020-10-12-13-17
release-2020-10-07-12-33
release-2020-10-03-11-50
release-2020-09-28-18-13
release-2020-09-25-13-32
release-2020-09-15-23-57
release-2020-08-22-13-43
release-2020-06-16-12-02
release-2020-05-23-22-08
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'c3d14e1fa5'
${ noResults }
tt-rss/include
History
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http 
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
 		5 years ago
..
autoload.php autoloader: check if class name is namespaced before trying to split it 8 years ago
colors.php php 7.4 deprecation-related fixes 6 years ago
controls.php implement automatic night mode detection using MQL 6 years ago
db-prefs.php remove some redundant php closing tags 9 years ago
db.php remove some redundant php closing tags 9 years ago
errorhandler.php remove some redundant php closing tags 9 years ago
functions.php - fix multiple vulnerabilities in af_proxy_http 5 years ago
login_form.php login form: add workarounds for chrome password manager 6 years ago
sanity_check.php Update wiki and forums links in error message. 6 years ago
sanity_config.php sanity config: fix typo 7 years ago
sessions.php remove version.php and VERSION global constant, do version-related things in a slightly less ridiculous way 6 years ago