aboutsummaryrefslogtreecommitdiffhomepage
Commit message (Collapse)AuthorAgeFilesLines
* API: expect JWT in the Authorization headerVirtualTam2017-01-152-6/+34
| | | | | | | | | | | | | | | | | Relates to https://github.com/shaarli/Shaarli/pull/731 Added: - require the presence of the 'Authorization' header Changed: - use the HTTP Bearer Token authorization schema See: - https://jwt.io/introduction/#how-do-json-web-tokens-work- - https://tools.ietf.org/html/rfc6750 - http://security.stackexchange.com/q/108662 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Merge pull request #753 from ArthurHoaro/usercssArthurHoaro2017-01-142-1/+17
|\ | | | | Move user.css to data folder
| * Move user.css to data folderArthurHoaro2017-01-142-1/+17
|/
* Add an AUTHORS file, simplify COPYING, bump year to 2017VirtualTam2017-01-075-28/+62
| | | | | | | | | | | | | | | | | Added: - AUTHORS file listing Shaarli contributors - mailmap information to group a Git author's different aliases - Makefile target to list contributors from Git commit data Changed: - Simplify COPYING by using a single "Shaarli Community" entry - Bump year to 2017 See: - man git-shortlog - https://www.kernel.org/pub/software/scm/git/docs/git-shortlog.html#_mapping_authors Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Cleanup: use safe boolean comparisonsVirtualTam2017-01-074-4/+6
| | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Merge pull request #732 from ArthurHoaro/feature/theme-managerArthur2017-01-0652-16/+215
|\ | | | | Theme manager: improvements
| * Fix permalink image alignement in daily pageArthurHoaro2017-01-051-0/+4
| |
| * Updater: keep custom theme preference with the new theme settingArthurHoaro2017-01-058-69/+163
| |
| * Minor improvements regarding #705 (coding style, unit tests, etc.)ArthurHoaro2017-01-0520-28/+92
| |
| * Change templates set through administration UIKnah Tsaeb2017-01-0541-14/+52
| |
* | Cleanup: explicit method visibilityVirtualTam2017-01-0516-69/+65
| | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Cleanup: remove unused variablesVirtualTam2017-01-052-5/+1
| | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | API+Docker: enable nginx URL rewritingVirtualTam2017-01-053-0/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | Closes https://github.com/shaarli/Shaarli/issues/668 Changed: - let nginx rewrite API URLs See: - https://www.slimframework.com/docs/start/web-servers.html - https://nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_split_path_info Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | Merge pull request #739 from virtualtam/fix/api/jwt-signatureVirtualTam2017-01-054-13/+49
|\ \ | |/ |/| API: fix JWT signature verification
| * API: fix JWT signature verificationVirtualTam2017-01-044-13/+49
|/ | | | | | | | | | | | | | | | | | | | | | Fixes https://github.com/shaarli/Shaarli/issues/737 Added: - Base64Url utilities Fixed: - use URL-safe Base64 encoding/decoding functions - use byte representations for HMAC digests - all JWT parts are Base64Url-encoded See: - https://en.wikipedia.org/wiki/JSON_Web_Token - https://tools.ietf.org/html/rfc7519 - https://scotch.io/tutorials/the-anatomy-of-a-json-web-token - https://jwt.io/introduction/ - https://en.wikipedia.org/wiki/Base64#URL_applications - https://secure.php.net/manual/en/function.base64-encode.php#103849 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* Merge pull request #682 from ArthurHoaro/delete-buttonArthur2017-01-043-9/+15
|\ | | | | Bugfixes on link deletion, and use a GET form
| * Bugfixes on link deletion, and use a GET formArthurHoaro2016-12-163-9/+15
| | | | | | | | | | | | | | | | | | | | | | | | Use a GET form to delete links: harmonize with edit_link and preparation for #585 Bug fixes: * LinkDB element can't be passed as reference, fix error: PHP Notice: Indirect modification of overloaded element of LinkDB has no effect * Resource cache folder setting wasn't set correctly
* | Merge pull request #733 from ArthurHoaro/hotfix/reverse-proxy-portArthur2017-01-042-2/+23
|\ \ | | | | | | Hide default ports in local URL behind a reverse proxy
| * | Hide default port in local URL behind a reverse proxyArthurHoaro2017-01-032-2/+23
| | |
* | | Merge pull request #736 from virtualtam/url/annoying/campaignVirtualTam2017-01-042-35/+72
|\ \ \ | | | | | | | | URL cleanup: add 'campaign_' to the annoying parameters
| * | | URL cleanup: add 'campaign_' to the annoying parametersVirtualTam2017-01-042-35/+72
|/ / / | | | | | | | | | | | | | | | Closes https://github.com/shaarli/Shaarli/issues/735 Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | | Merge pull request #731 from virtualtam/fix/api/namespacesVirtualTam2017-01-031-2/+2
|\ \ \ | | | | | | | | API: fix Slim namespaces
| * | | API: fix Slim namespacesVirtualTam2017-01-021-2/+2
| | | | | | | | | | | | | | | | Signed-off-by: VirtualTam <virtualtam@flibidi.net>
* | | | Merge pull request #734 from ArthurHoaro/hotfix/api-install-errorArthur2017-01-031-2/+2
|\ \ \ \ | |_|/ / |/| | | Fix fatal error during the install
| * | | Fix fatal error during the installArthurHoaro2017-01-031-2/+2
|/ / /
* | | Merge pull request #719 from ArthurHoaro/feed-opensearchArthur2017-01-032-0/+4
|\ \ \ | | | | | | | | Add opensearch to RSS and ATOM feeds
| * | | Add opensearch to RSS and ATOM feedsArthurHoaro2017-01-032-0/+4
| |/ / | | | | | | | | | Fixes #709
* | | Merge pull request #725 from ArthurHoaro/hotfix/privatetags-splitArthur2017-01-034-5/+30
|\ \ \ | |/ / |/| | Fixes presence of empty tags for private tags and in search results
| * | Fixes presence of empty tags for private tags and in search resultsArthurHoaro2017-01-034-5/+30
|/ / | | | | | | | | | | | | * Private tags: make sure empty tags are properly filtered * Search results: * Use preg_split instead of function combination * Add normalize_spaces to remove extra whitespaces displaying empty tags search
* | Merge pull request #620 from ArthurHoaro/pubsubhubArthur2016-12-2012-45/+193
|\ \ | | | | | | Move Pubsubhub to a default plugin
| * | Move PubSubHubbub code as a default pluginArthurHoaro2016-12-2012-38/+183
| | |
| * | Add plugin placeholders in RSS and ATOM feeds templatesArthurHoaro2016-12-202-9/+12
|/ /
* | Merge pull request #666 from ArthurHoaro/slim-apiArthur2016-12-2023-19/+1126
|\ \ | | | | | | REST API structure using Slim framework
| * | REST API structure using Slim frameworkArthurHoaro2016-12-1518-16/+983
| | | | | | | | | | | | | | | | | | * REST API routes are handle by Slim. * Every API controller go through ApiMiddleware which handles security. * First service implemented `/info`, for tests purpose.
| * | PHP requirement increased to PHP 5.5 - See #599ArthurHoaro2016-12-153-3/+3
| | |
| * | Prepare settings for the API in the admin page and during the installArthurHoaro2016-12-127-2/+142
| | | | | | | | | | | | | | | | | | | | | | | | API settings: - api.enabled - api.secret The API settings will be initialized (and the secret generated) with an update method.
* | | Fix typo in markdown plugin meta descriptionArthurHoaro2016-12-181-1/+1
| |/ |/|
* | Merge pull request #714 from ArthurHoaro/hotfix/banloginArthur2016-12-162-2/+3
|\ \ | | | | | | Fixes can login function call in loginform.html
| * | Fixes can login function call in loginform.htmlArthurHoaro2016-12-152-2/+3
| |/ | | | | | | Fixes #711
* | Merge pull request #716 from ArthurHoaro/hotfix/editoldlinksArthur2016-12-151-1/+3
|\ \ | |/ |/| Fix a regression: permalinks change when old links are edited
| * Fix a regression: permalinks change when old links are editedArthurHoaro2016-12-151-1/+3
|/ | | | fixes #713
* Ignore compressed tar archivehelpArthurHoaro2016-12-121-1/+1
|
* Merge pull request #708 from ArthurHoaro/v0.8.1v0.8.1Arthur2016-12-1212-36/+198
|\ | | | | Bump version to v0.8.1
| * Bump version to v0.8.1ArthurHoaro2016-12-1212-36/+198
|/ | | | Signed-off-by: ArthurHoaro <arthur@hoa.ro>
* Merge pull request #707 from ArthurHoaro/changelogArthur2016-12-121-1/+10
|\ | | | | changelog: add release date for v0.8.1 and add section v0.9.0
| * changelog: add release date for v0.8.1 and add section v0.9.0ArthurHoaro2016-12-121-1/+10
| |
* | Merge pull request #706 from ArthurHoaro/changelogArthur2016-12-121-4/+13
|\| | | | | changelog update
| * changelog updateArthurHoaro2016-12-121-4/+13
|/
* Merge pull request #697 from ArthurHoaro/feature/ids-bisArthur2016-12-1220-233/+617
|\ | | | | Link ID refactoring
| * Add a persistent 'shorturl' key to all linksArthurHoaro2016-12-1215-91/+115
| | | | | | | | | | | | | | All existing link will keep their permalinks. New links will have smallhash generated with date+id. The purpose of this is to avoid collision between links due to their creation date.