| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|\ \ \
| | | |
| | | | |
httpd: always forward the 'Authorization' header
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
On some Apache HTTPD setups where the CGI/FastCGI mode is used, the HTTP header
containing the JWT token is not forwarded, which results in the following error
when attempting to use the REST API:
"401 Not authorized: JWT token not provided"
This patch allows forwarding the 'Authorization' header. An alternative would
be to use the `CGIPassAuth` directive to allow all authorization headers to be
forwarded.
See:
- https://secure.php.net/manual/en/features.http-auth.php#114877
- https://stackoverflow.com/questions/26475885/authorization-header-missing-in-php-post-request
- https://stackoverflow.com/questions/13387516/authorization-header-missing-in-django-rest-framework-is-apache-to-blame
- https://stackoverflow.com/questions/17018586/apache-2-4-php-fpm-and-authorization-headers
- https://httpd.apache.org/docs/2.4/en/mod/core.html#cgipassauth
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \ \ \
| | | | |
| | | | | |
Documentation : Fix current version file name
|
| |/ / / |
|
|\ \ \ \
| |/ / /
|/| | | |
fix: IP ban check for the Vintage theme
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
Introduced by https://github.com/shaarli/Shaarli/pull/1008
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \ \
| |/ /
|/| | |
Nginx logs to stdout for Docker images
|
| | | |
|
|\ \ \
| | | |
| | | | |
Fix warning when trying to save redictor setting from the configure page
|
|/ / /
| | |
| | |
| | |
| | |
| | | |
It has been removed from the web page.
Fixes #1099
|
|\ \ \
| |/ /
|/| | |
Make max download size and timeout configurable
|
| | |
| | |
| | |
| | | |
Fixes #1061
|
|\ \ \
| | | |
| | | | |
PSR: use elseif instead of else if
|
| |/ /
| | |
| | |
| | | |
See https://www.php-fig.org/psr/psr-2/\#51-if-elseif-else
|
|\ \ \
| |/ /
|/| | |
Fix permission issue introduced with multi-stage build
|
|/ / |
|
|\ \
| |/
|/| |
Doxygen: ignore data/, simplify Make target
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| | |
| | | |
docker: introduce multi-stage image build (master, latest)
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Relates to https://github.com/shaarli/Shaarli/issues/755
Relates to https://github.com/shaarli/Shaarli/pull/1072
See:
- https://docs.docker.com/develop/develop-images/multistage-build/
- https://hub.docker.com/r/library/composer/
- https://github.com/composer/docker
- https://github.com/docker-library/docs/tree/master/composer
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \ \
| | | |
| | | | |
Ignore the case while checking DOCTYPE during the file import
|
| | |/
| |/|
| | |
| | | |
Fixes #1091
|
|\ \ \
| |/ /
|/| | |
Use a specific page title in all pages
|
|/ /
| |
| |
| |
| |
| | |
Also fixed a few French translation issues
Fixes #954 #955
|
|\ \
| | |
| | | |
Update badges for 'stable'
|
|/ /
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| |/
|/| |
Documentation: cleanup, update references to config(.json)?.php
|
| |
| |
| |
| |
| |
| | |
Closes https://github.com/shaarli/Shaarli/issues/1082
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|/
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
htaccess: prevent accessing resources not managed by SCM
|
|/
|
|
|
|
|
|
|
| |
See:
- https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/
- https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing
- https://httpd.apache.org/docs/current/mod/mod_rewrite.html
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Refactor login / ban management
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relates to https://github.com/shaarli/Shaarli/issues/324
Added:
- Add the `LoginManager` class to manage logins and bans
Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies
Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Executes daily hooks before creating columns.
|
| | |
|
|\ \
| | |
| | | |
Add a filter to only display public links
|
| | |
| | |
| | |
| | | |
#1038
|
| | |
| | |
| | |
| | |
| | |
| | | |
When the key filter is clicked once, it only displays private link. When it is clicked on again, it becomes red and only public links are displayed. Another click and all links are displayed. The current visibility status is shown in the search banner
Fixes #1030
|
|\ \ \
| | | |
| | | | |
Drop PHP 5.5 compatibility and run Travis UT against PHP 7.2
|
| | | |
| | | |
| | | |
| | | | |
See https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003
|
| | | |
| | | |
| | | |
| | | | |
PHPUnit 4.x contains deprecated PHP functions in PHP 7.2.
|
|/ / / |
|
| | | |
|
|\ \ \
| | | |
| | | | |
CHANGELOG + AUTHORS (v0.9.5)
|
|/ / / |
|
|\ \ \
| |_|/
|/| | |
Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
As stated in the docs:
> LC_MESSAGES for system responses (available if PHP was compiled with libintl)
Fixes #1067
|
|\ \ \
| |/ /
|/| | |
Update dependencies and include latest version netscape-bookmark-parser
|
|/ / |
|
|\ \
| | |
| | | |
Fix warnings when upgrading from legacy SebSauvage version
|