| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
|
|\
| |
| | |
Add trusted IPs in config and try to ban forwarded IP on failed login
|
| |
| |
| |
| |
| |
| |
| |
| | |
* Add a new settings (which needs to be manually set): `security.trusted_proxies`
* On login failure, if the `REMOTE_ADDR` is in the trusted proxies, try to retrieve the forwarded IP in headers.
* If found, the client address is added in ipbans, else we do nothing.
Fixes #409
|
|/
|
|
| |
fixup between both methods
|
| |
|
| |
|
|
|
|
| |
see https://github.com/shaarli/Shaarli/issues/531 for details
|
|
|
|
| |
Going through multiple reverse proxy will store multiple scheme and port in HTTP header separated by a comma. Shaarli will use the first one to generate server_url.
|
|
|
|
|
|
|
|
| |
Additions:
- [makefile] check versioned files are not executable
- [travis] call the new make target
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
|
|
|
| |
* `get_http_url()` renamed to `get_http_response()`.
* Use the same HTTP context to retrieve response headers and content.
* Follow HTTP 301 and 302 redirections to retrieve the title (default max 3 redirections).
* Add `LinkUtils` to extract titles and charset.
* Try to retrieve charset from HTTP headers first (new), then HTML content.
* Use mb_string to re-encode title if necessary.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Relates to #333
Modifications:
- refactor server URL utility functions
- do not access global `$_SERVER` variables
- add test coverage
- improve readability
- apply coding conventions
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
Relates to #333
Modifications:
- move HTTP utils to 'application/HttpUtils.php'
- simplify logic
- replace 'http_parse_headers_shaarli' by built-in 'get_headers()'
- remove superfluous '$status' parameter (provided by the HTTP headers)
- apply coding conventions
- add test coverage (unitary only)
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|