| Commit message (Collapse) | Author | Age | Files | Lines |
|\
| |
| | |
Fix delete button in editlink
|
| |
| |
| |
| | |
This one was forgotten in #682
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to https://github.com/shaarli/Shaarli/pull/731
Added:
- require the presence of the 'Authorization' header
Changed:
- use the HTTP Bearer Token authorization schema
See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| | |
| | | |
Move user.css to data folder
|
|/ / |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Added:
- AUTHORS file listing Shaarli contributors
- mailmap information to group a Git author's different aliases
- Makefile target to list contributors from Git commit data
Changed:
- Simplify COPYING by using a single "Shaarli Community" entry
- Bump year to 2017
See:
- man git-shortlog
- https://www.kernel.org/pub/software/scm/git/docs/git-shortlog.html#_mapping_authors
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|/
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Theme manager: improvements
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Closes https://github.com/shaarli/Shaarli/issues/668
Changed:
- let nginx rewrite API URLs
See:
- https://www.slimframework.com/docs/start/web-servers.html
- https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_split_path_info
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| |/
|/| |
API: fix JWT signature verification
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes https://github.com/shaarli/Shaarli/issues/737
Added:
- Base64Url utilities
Fixed:
- use URL-safe Base64 encoding/decoding functions
- use byte representations for HMAC digests
- all JWT parts are Base64Url-encoded
See:
- https://en.wikipedia.org/wiki/JSON_Web_Token
- https://tools.ietf.org/html/rfc7519
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://jwt.io/introduction/
- https://en.wikipedia.org/wiki/Base64#URL_applications
- https://secure.php.net/manual/en/function.base64-encode.php#103849
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Bugfixes on link deletion, and use a GET form
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Use a GET form to delete links: harmonize with edit_link and preparation for #585
Bug fixes:
* LinkDB element can't be passed as reference, fix error:
PHP Notice: Indirect modification of overloaded element of LinkDB has no effect
* Resource cache folder setting wasn't set correctly
|
|\ \
| | |
| | | |
Hide default ports in local URL behind a reverse proxy
|
| | | |
|
|\ \ \
| | | |
| | | | |
URL cleanup: add 'campaign_' to the annoying parameters
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
Closes https://github.com/shaarli/Shaarli/issues/735
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \ \
| | | |
| | | | |
API: fix Slim namespaces
|
| | | |
| | | |
| | | |
| | | | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \ \ \
| |_|/ /
|/| | | |
Fix fatal error during the install
|
|/ / / |
|
|\ \ \
| | | |
| | | | |
Add opensearch to RSS and ATOM feeds
|
| |/ /
| | |
| | |
| | | |
Fixes #709
|
|\ \ \
| |/ /
|/| | |
Fixes presence of empty tags for private tags and in search results
|
|/ /
| |
| |
| |
| |
| |
| | |
* Private tags: make sure empty tags are properly filtered
* Search results:
* Use preg_split instead of function combination
* Add normalize_spaces to remove extra whitespaces displaying empty tags search
|
|\ \
| | |
| | | |
Move Pubsubhub to a default plugin
|
| | | |
|
|/ / |
|
|\ \
| | |
| | | |
REST API structure using Slim framework
|
| | |
| | |
| | |
| | |
| | |
| | | |
* REST API routes are handle by Slim.
* Every API controller go through ApiMiddleware which handles security.
* First service implemented `/info`, for tests purpose.
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
API settings:
- api.enabled
- api.secret
The API settings will be initialized (and the secret generated) with an update method.
|
| |/
|/| |
|
|\ \
| | |
| | | |
Fixes can login function call in loginform.html
|
| |/
| |
| |
| | |
Fixes #711
|
|\ \
| |/
|/| |
Fix a regression: permalinks change when old links are edited
|
|/
|
|
| |
fixes #713
|
| |
|
|\
| |
| | |
Bump version to v0.8.1
|
|/
|
|
| |
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
|
|\
| |
| | |
changelog: add release date for v0.8.1 and add section v0.9.0
|
| | |
|
|\|
| |
| | |
changelog update
|
|/ |
|