aboutsummaryrefslogtreecommitdiffhomepage
Commit message (Collapse)AuthorAgeFilesLines
* httpd: always forward the 'Authorization' headerVirtualTam2018-03-251-0/+4
| | | | | | | | | | | | | | | | | | | | | On some Apache HTTPD setups where the CGI/FastCGI mode is used, the HTTP header containing the JWT token is not forwarded, which results in the following error when attempting to use the REST API: "401 Not authorized: JWT token not provided" This patch allows forwarding the 'Authorization' header. An alternative would be to use the `CGIPassAuth` directive to allow all authorization headers to be forwarded. See: - https://secure.php.net/manual/en/features.http-auth.php#114877 - https://stackoverflow.com/questions/26475885/authorization-header-missing-in-php-post-request - https://stackoverflow.com/questions/13387516/authorization-header-missing-in-django-rest-framework-is-apache-to-blame - https://stackoverflow.com/questions/17018586/apache-2-4-php-fpm-and-authorization-headers - https://httpd.apache.org/docs/2.4/en/mod/core.html#cgipassauth Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* htaccess: prevent accessing resources not managed by SCMVirtualTam2018-03-251-0/+8
| | | | | | | | | See: - https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/ - https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing - https://httpd.apache.org/docs/current/mod/mod_rewrite.html Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Bump Shaarli version to v0.9.5v0.9.5ArthurHoaro2018-02-021-1/+1
| | | | Signed-off-by: ArthurHoaro <arthur@hoa.ro>
* Bump Shaarli version to v0.9.4ArthurHoaro2018-02-021-1/+1
|
* Bump Shaarli version to v0.9.3VirtualTam2018-02-021-1/+1
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Bump Shaarli version to v0.9.2ArthurHoaro2018-02-021-1/+1
| | | | Signed-off-by: ArthurHoaro <arthur@hoa.ro>
* Bump version to v0.9.1VirtualTam2018-02-021-1/+1
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Fix version fileArthurHoaro2018-02-021-1/+1
|
* Bump version to v0.9.0ArthurHoaro2018-02-021-1/+1
| | | | Signed-off-by: ArthurHoaro <arthur@hoa.ro>
* Merge pull request #1076 from ArthurHoaro/changelog-v0.9.5ArthurHoaro2018-02-022-1/+6
|\ | | | | CHANGELOG + AUTHORS (v0.9.5)
| * CHANGELOG + AUTHORSArthurHoaro2018-02-022-1/+6
|/
* Merge pull request #1070 from ArthurHoaro/hotfix/lc-messages-warningArthurHoaro2018-02-022-0/+7
|\ | | | | Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed
| * Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installedArthurHoaro2018-01-312-0/+7
| | | | | | | | | | | | | | | | As stated in the docs: > LC_MESSAGES for system responses (available if PHP was compiled with libintl) Fixes #1067
* | Merge pull request #1069 from ArthurHoaro/feature/dependenciesArthurHoaro2018-01-311-89/+89
|\ \ | |/ |/| Update dependencies and include latest version netscape-bookmark-parser
| * Update dependencies and include latest version netscape-bookmark-parserArthurHoaro2018-01-311-89/+89
|/
* Merge pull request #1063 from ArthurHoaro/hotfix/legacy-warningsArthurHoaro2018-01-313-3/+18
|\ | | | | Fix warnings when upgrading from legacy SebSauvage version
| * Fix warnings when upgrading from legacy SebSauvage versionArthurHoaro2018-01-253-3/+18
| | | | | | | | Fixes #1040
* | Update badgesArthurHoaro2018-01-301-2/+2
| |
* | Merge pull request #1065 from ArthurHoaro/release-v9.0.4ArthurHoaro2018-01-302-5/+9
|\ \ | |/ |/| pre release v0.9.4
| * Update AUTHORSArthurHoaro2018-01-301-4/+5
| |
| * Update CHANGELOGArthurHoaro2018-01-301-1/+4
|/
* Merge pull request #977 from ArthurHoaro/feature/dl-filterArthurHoaro2018-01-234-68/+293
|\ | | | | Extract the title/charset during page download, and check content type
| * Extract the title/charset during page download, and check content typeArthurHoaro2017-10-284-68/+293
| | | | | | | | | | | | | | Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML). Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted. Closes #579
* | Merge pull request #1058 from FranckKe/patch-1nodiscc2018-01-181-1/+1
|\ \ | | | | | | doc: bookmarklet: fix link to issue 196
| * | Fix link to issue 196Franck Kerbiriou2018-01-181-1/+1
| | |
* | | Merge pull request #1057 from shaarli/doc-derefindnodiscc2018-01-181-0/+4
|\ \ \ | | | | | | | | doc: import: add link to derefind conversion tool
| * | | doc: import: add link to derefind conversion toolnodiscc2018-01-171-0/+4
| |/ / | | | | | | As mentioned on gitter
* | | Merge pull request #1049 from shaarli/doc-docker-armnodiscc2018-01-181-0/+1
|\ \ \ | |/ / |/| | doc: add arm32v7 docker build documentation
| * | doc: fix link to dockerfilesnodiscc2018-01-131-1/+1
| | |
| * | doc: docker: add links to docker build and qemu documentationnodiscc2018-01-121-1/+1
| | |
| * | doc: docker: remove armhf tags, add link to Dockerfilesnodiscc2018-01-121-3/+1
| | |
| * | doc: add armhf docker imagesnodiscc2018-01-051-0/+3
| | |
* | | Merge pull request #1055 from virtualtam/changelogVirtualTam2018-01-131-0/+27
|\ \ \ | | | | | | | | Update CHANGELOG for the next v0.9.x
| * | | Update CHANGELOG for the next v0.9.xVirtualTam2018-01-101-0/+27
|/ / / | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | | Merge pull request #1054 from shaarli/doc-mbstring-webhostsnodiscc2018-01-091-1/+1
|\ \ \ | | | | | | | | doc: Server Requirements: php-mbstring: add 'hosting providers'
| * | | doc: Server Requirements: php-mbstring: add 'hosting providers'nodiscc2018-01-091-1/+1
| | | |
* | | | Merge pull request #1050 from virtualtam/changelog/cveVirtualTam2018-01-091-2/+4
|\ \ \ \ | |/ / / |/| | | Reference CVE-2018-5249 in CHANGELOG
| * | | Reference CVE-2018-5249 in CHANGELOGVirtualTam2018-01-061-2/+4
|/ / / | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/pull/1046 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | | Merge pull request #1043 from immanuelfodor/improvement/shaarli-markdown-toolbarArthurHoaro2018-01-061-0/+1
|\ \ \ | |/ / |/| | Adding 3rd party plugin 'markdown-toolbar' to docs
| * | adding 3rd party plugin markdown-toolbar to docsimmanuelfodor2017-12-301-0/+1
| | |
* | | Merge pull request #1047 from virtualtam/changelogVirtualTam2018-01-045-19/+39
|\ \ \ | | | | | | | | Update changelog, documentation and authors
| * | | Update AUTHORS and contributor mailmapVirtualTam2018-01-042-4/+10
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
| * | | Update CHANGELOG, README badges and installation instructionsVirtualTam2018-01-043-15/+29
|/ / / | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | | Merge pull request #1046 from virtualtam/security/login-xssVirtualTam2018-01-041-1/+1
|\ \ \ | | | | | | | | Fix XSS vulnerability
| * | | Fix XSS vulnerabilityVirtualTam2018-01-041-1/+1
|/ / / | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | | Feature: Docker armhf support (#1041)Immánuel!2018-01-042-0/+94
| | | | | | | | | | | | | | | | | | | | | | | | | | | Docker: add Alpine Linux ARM HF latest and master images See: - http://www.armhf.com/ - https://wiki.alpinelinux.org/wiki/Alpine_on_ARM - https://hub.docker.com/r/lsiobase/alpine.armhf/
* | | Merge pull request #1044 from ArthurHoaro/hotfix/plugins-parameter-buttonArthurHoaro2018-01-011-3/+3
|\ \ \ | | | | | | | | Fix an issue preventing the Save button to appear for plugin parameters
| * | | Fix an issue preventing the Save button to appear for plugin parametersArthurHoaro2018-01-011-3/+3
|/ / / | | | | | | | | | is a special variable in RainTPL used in loops
* | | Merge pull request #1037 from ArthurHoaro/theme/improvements2ArthurHoaro2018-01-011-26/+26
|\ \ \ | | | | | | | | Add CSS classes and IDs in Shaarli's menu
| * | | Add CSS class and IDs in Shaarli's menuArthurHoaro2017-12-161-26/+26
| |/ / | | | | | | | | | Fixes #877