aboutsummaryrefslogtreecommitdiffhomepage
path: root/application/front
Commit message (Collapse)AuthorAgeFilesLines
* Security: fix multiple XSS vulnerabilities + fix search tags with special charsArthurHoaro2020-10-064-12/+21
| | | | | | XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list. Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
* Fix a bug preventing to edit bookmark with ID #0ArthurHoaro2020-09-301-1/+1
|
* Fix warning if the encoding retrieved from external headers is invalidArthurHoaro2020-09-301-1/+1
| | | | Also fixed the regex to support this failing header: charset="utf-8"\r\n"
* Fix invalid redirection using the path of an external domainArthurHoaro2020-09-221-0/+7
| | | | Fixes #1554
* Merge pull request #1559 from ArthurHoaro/fix/edit-redirectArthurHoaro2020-09-221-1/+1
|\ | | | | Fix redirection to referer after editing a link
| * Fix redirection to referer after editing a linkArthurHoaro2020-09-221-1/+1
| | | | | | | | Fixes #1545
* | Merge pull request #1539 from ArthurHoaro/feature/manual-root-urlArthurHoaro2020-09-221-1/+1
|\ \ | |/ |/|
| * Fix subfolder configuration in unit testsArthurHoaro2020-09-121-1/+1
| |
* | Merge pull request #1553 from ArthurHoaro/fix/404-pageArthurHoaro2020-09-121-0/+29
|\ \ | | | | | | Properly handle 404 errors
| * | Properly handle 404 errorsArthurHoaro2020-09-121-0/+29
| |/ | | | | | | | | | | Use 404 template instead of default Slim error page if the route is not found. Fixes #827
* / Plugins: do not save metadata along plugin parametersArthurHoaro2020-09-121-0/+1
|/ | | | | | Also prevent the token to be saved. Fixes #1550
* Merge pull request #1538 from ArthurHoaro/feature/plugins-bookmark-serviceArthurHoaro2020-09-062-14/+14
|\ | | | | Inject BookmarkServiceInterface in plugins data
| * Inject BookmarkServiceInterface in plugins dataArthurHoaro2020-09-032-14/+14
| | | | | | | | Related discussion: ilesinge/shaarli-related#7
* | Merge pull request #1537 from ArthurHoaro/fix/back-compatible-targetsArthurHoaro2020-09-031-2/+2
|\ \
| * | Improve backward compatibility for LegacyRouterArthurHoaro2020-09-031-2/+2
| |/ | | | | | | | | | | | | LegacyRouter is no longer used for routing, only in existing plugins to match the _PAGE_ parameter. So we change a few of its values there, to match the new ones defined in TemplatePage. @see discussion in shaarli/Shaarli#1537
* / Fix login loop for private instancesArthurHoaro2020-09-011-1/+1
|/ | | | | | GET /login and POST /login have 2 distinct route name. Fixes #1533
* Better handling of plugin incompatibilityArthurHoaro2020-08-271-1/+2
| | | | | If a PHP is raised while executing plugin hook, Shaarli will display an error instead of rendering the error page (or just ending in fatal error for default hooks). Also added phpErrorHandler which is handled differently that regular errorHandler by Slim.:
* Move error handling to dedicated controller instead of middlewareArthurHoaro2020-08-212-25/+46
|
* Move all admin controller into a dedicated groupArthurHoaro2020-08-135-22/+52
| | | | Also handle authentication check in a new middleware for the admin group.
* Remove anonymous permission and initialize bookmarks on loginArthurHoaro2020-08-011-5/+0
|
* Fix basePath in unit tests reference DBArthurHoaro2020-07-281-0/+1
|
* Better support for notes permalinkArthurHoaro2020-07-282-1/+6
|
* Fix redirection after post install loginArthurHoaro2020-07-271-1/+1
|
* New basePath: fix officiel plugin paths and vintage templateArthurHoaro2020-07-2610-164/+38
|
* Fix: visitor are allowed to chose nb of links per pageArthurHoaro2020-07-242-19/+34
|
* Fix default link and redirection in install controllerArthurHoaro2020-07-241-2/+2
|
* Update French translationArthurHoaro2020-07-231-1/+1
|
* Multiple small fixesArthurHoaro2020-07-234-17/+17
|
* Process login through Slim controllerArthurHoaro2020-07-233-11/+130
|
* Process Shaarli install through Slim controllerArthurHoaro2020-07-235-3/+214
|
* Process main page (linklist) through Slim controllerArthurHoaro2020-07-2315-42/+345
| | | | | Including a bunch of improvements on the container, and helper used across new controllers.
* Process thumbnail synchronize page through Slim controllersArthurHoaro2020-07-232-1/+80
|
* Process token retrieve through Slim controllerArthurHoaro2020-07-231-0/+26
|
* Process plugins administration page through Slim controllersArthurHoaro2020-07-231-0/+98
|
* Process bookmarks import through Slim controllerArthurHoaro2020-07-232-15/+83
|
* Process bookmark exports through Slim controllersArthurHoaro2020-07-231-0/+92
|
* Pin bookmarks through Slim controllerArthurHoaro2020-07-231-0/+36
|
* Process change visibility action through Slim controllerArthurHoaro2020-07-231-1/+69
|
* Improve ManageTagController coverage and error handlingArthurHoaro2020-07-231-12/+32
|
* Use multi-level routes for existing controllers instead of 1 level everywhereArthurHoaro2020-07-239-26/+44
| | | | Also prefix most admin routes with /admin/
* Explicitly define base and asset path in templatesArthurHoaro2020-07-232-1/+16
| | | | | | | With the new routes, all pages are not all at the same folder level anymore (e.g. /shaare and /shaare/123), so we can't just use './' everywhere. The most consistent way to handle this is to prefix all path with the proper variable, and handle the actual path in controllers.
* Handle shaare creation/edition/deletion through Slim controllersArthurHoaro2020-07-235-9/+269
|
* Process manage tags page through Slim controllerArthurHoaro2020-07-232-1/+88
|
* Process configure page through Slim controllerArthurHoaro2020-07-231-0/+120
|
* Test ShaarliAdminControllerArthurHoaro2020-07-231-1/+3
|
* Process password change controller through SlimArthurHoaro2020-07-236-2/+205
|
* Process tools page through Slim controllerArthurHoaro2020-07-231-0/+49
|
* Initialize admin Slim controllersArthurHoaro2020-07-2316-50/+76
| | | | | | - Reorganize visitor controllers - Fix redirection with Slim's requests base path - Fix daily links
* Process session filters through Slim controllersArthurHoaro2020-07-232-0/+124
| | | | | | | Including: - visibility - links per page - untagged only
* Process remove tag endpoint through Slim controllerArthurHoaro2020-07-231-1/+47
|