| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Extract the title/charset during page download, and check content type
|
| |
| |
| |
| |
| |
| |
| | |
Use CURLOPT_WRITEFUNCTION to check the response code and content type (only allow HTML).
Also extract the title and charset during downloading chunk of data, and stop it when everything has been extracted.
Closes #579
|
|\ \
| | |
| | | |
Force HTTPS if the original port is 443 behind a reverse proxy
|
| |/
| |
| |
| | |
Fixes #1022
|
|/
|
|
| |
1kB chunk size has caused me a lot of trouble with Travis which wasn't completing the download
|
|
|
|
| |
Without HTTP_X_FORWARDED_PORT check, might be set to false even though the user is using HTTPS, thus disabling Firefox Social block display
|
|
|
|
|
| |
alongside _PORT and _PROTO
Fixes #879
|
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|\
| |
| | |
Add trusted IPs in config and try to ban forwarded IP on failed login
|
| |
| |
| |
| |
| |
| |
| |
| | |
* Add a new settings (which needs to be manually set): `security.trusted_proxies`
* On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers.
* If found, the client address is added in ipbans, else we do nothing.
Fixes #409
|
|/
|
|
| |
fixup between both methods
|
| |
|
| |
|
|
|
|
| |
see https://github.com/shaarli/Shaarli/issues/531 for details
|
|
|
|
| |
Going through multiple reverse proxy will store multiple scheme and port in HTTP header separated by a comma. Shaarli will use the first one to generate server_url.
|
|
|
|
|
|
|
|
| |
Additions:
- [makefile] check versioned files are not executable
- [travis] call the new make target
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
|
|
|
| |
* `get_http_url()` renamed to `get_http_response()`.
* Use the same HTTP context to retrieve response headers and content.
* Follow HTTP 301 and 302 redirections to retrieve the title (default max 3 redirections).
* Add `LinkUtils` to extract titles and charset.
* Try to retrieve charset from HTTP headers first (new), then HTML content.
* Use mb_string to re-encode title if necessary.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relates to #333
Modifications:
- refactor server URL utility functions
- do not access global `$_SERVER` variables
- add test coverage
- improve readability
- apply coding conventions
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
Relates to #333
Modifications:
- move HTTP utils to 'application/HttpUtils.php'
- simplify logic
- replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
- remove superfluous '$status' parameter (provided by the HTTP headers)
- apply coding conventions
- add test coverage (unitary only)
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|