Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Security: fix multiple XSS vulnerabilities + fix search tags with special chars | ArthurHoaro | 2020-10-06 | 4 | -12/+21 |
| | | | | | | XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list. Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong. | ||||
* | Fix a bug preventing to edit bookmark with ID #0 | ArthurHoaro | 2020-09-30 | 1 | -1/+1 |
| | |||||
* | Fix warning if the encoding retrieved from external headers is invalid | ArthurHoaro | 2020-09-30 | 1 | -1/+1 |
| | | | | Also fixed the regex to support this failing header: charset="utf-8"\r\n" | ||||
* | Fix invalid redirection using the path of an external domain | ArthurHoaro | 2020-09-22 | 1 | -0/+7 |
| | | | | Fixes #1554 | ||||
* | Merge pull request #1559 from ArthurHoaro/fix/edit-redirect | ArthurHoaro | 2020-09-22 | 1 | -1/+1 |
|\ | | | | | Fix redirection to referer after editing a link | ||||
| * | Fix redirection to referer after editing a link | ArthurHoaro | 2020-09-22 | 1 | -1/+1 |
| | | | | | | | | Fixes #1545 | ||||
* | | Merge pull request #1539 from ArthurHoaro/feature/manual-root-url | ArthurHoaro | 2020-09-22 | 1 | -1/+1 |
|\ \ | |/ |/| | |||||
| * | Fix subfolder configuration in unit tests | ArthurHoaro | 2020-09-12 | 1 | -1/+1 |
| | | |||||
* | | Merge pull request #1553 from ArthurHoaro/fix/404-page | ArthurHoaro | 2020-09-12 | 1 | -0/+29 |
|\ \ | | | | | | | Properly handle 404 errors | ||||
| * | | Properly handle 404 errors | ArthurHoaro | 2020-09-12 | 1 | -0/+29 |
| |/ | | | | | | | | | | | Use 404 template instead of default Slim error page if the route is not found. Fixes #827 | ||||
* / | Plugins: do not save metadata along plugin parameters | ArthurHoaro | 2020-09-12 | 1 | -0/+1 |
|/ | | | | | | Also prevent the token to be saved. Fixes #1550 | ||||
* | Merge pull request #1538 from ArthurHoaro/feature/plugins-bookmark-service | ArthurHoaro | 2020-09-06 | 2 | -14/+14 |
|\ | | | | | Inject BookmarkServiceInterface in plugins data | ||||
| * | Inject BookmarkServiceInterface in plugins data | ArthurHoaro | 2020-09-03 | 2 | -14/+14 |
| | | | | | | | | Related discussion: ilesinge/shaarli-related#7 | ||||
* | | Merge pull request #1537 from ArthurHoaro/fix/back-compatible-targets | ArthurHoaro | 2020-09-03 | 1 | -2/+2 |
|\ \ | |||||
| * | | Improve backward compatibility for LegacyRouter | ArthurHoaro | 2020-09-03 | 1 | -2/+2 |
| |/ | | | | | | | | | | | | | LegacyRouter is no longer used for routing, only in existing plugins to match the _PAGE_ parameter. So we change a few of its values there, to match the new ones defined in TemplatePage. @see discussion in shaarli/Shaarli#1537 | ||||
* / | Fix login loop for private instances | ArthurHoaro | 2020-09-01 | 1 | -1/+1 |
|/ | | | | | | GET /login and POST /login have 2 distinct route name. Fixes #1533 | ||||
* | Better handling of plugin incompatibility | ArthurHoaro | 2020-08-27 | 1 | -1/+2 |
| | | | | | If a PHP is raised while executing plugin hook, Shaarli will display an error instead of rendering the error page (or just ending in fatal error for default hooks). Also added phpErrorHandler which is handled differently that regular errorHandler by Slim.: | ||||
* | Move error handling to dedicated controller instead of middleware | ArthurHoaro | 2020-08-21 | 2 | -25/+46 |
| | |||||
* | Move all admin controller into a dedicated group | ArthurHoaro | 2020-08-13 | 5 | -22/+52 |
| | | | | Also handle authentication check in a new middleware for the admin group. | ||||
* | Remove anonymous permission and initialize bookmarks on login | ArthurHoaro | 2020-08-01 | 1 | -5/+0 |
| | |||||
* | Fix basePath in unit tests reference DB | ArthurHoaro | 2020-07-28 | 1 | -0/+1 |
| | |||||
* | Better support for notes permalink | ArthurHoaro | 2020-07-28 | 2 | -1/+6 |
| | |||||
* | Fix redirection after post install login | ArthurHoaro | 2020-07-27 | 1 | -1/+1 |
| | |||||
* | New basePath: fix officiel plugin paths and vintage template | ArthurHoaro | 2020-07-26 | 10 | -164/+38 |
| | |||||
* | Fix: visitor are allowed to chose nb of links per page | ArthurHoaro | 2020-07-24 | 2 | -19/+34 |
| | |||||
* | Fix default link and redirection in install controller | ArthurHoaro | 2020-07-24 | 1 | -2/+2 |
| | |||||
* | Update French translation | ArthurHoaro | 2020-07-23 | 1 | -1/+1 |
| | |||||
* | Multiple small fixes | ArthurHoaro | 2020-07-23 | 4 | -17/+17 |
| | |||||
* | Process login through Slim controller | ArthurHoaro | 2020-07-23 | 3 | -11/+130 |
| | |||||
* | Process Shaarli install through Slim controller | ArthurHoaro | 2020-07-23 | 5 | -3/+214 |
| | |||||
* | Process main page (linklist) through Slim controller | ArthurHoaro | 2020-07-23 | 15 | -42/+345 |
| | | | | | Including a bunch of improvements on the container, and helper used across new controllers. | ||||
* | Process thumbnail synchronize page through Slim controllers | ArthurHoaro | 2020-07-23 | 2 | -1/+80 |
| | |||||
* | Process token retrieve through Slim controller | ArthurHoaro | 2020-07-23 | 1 | -0/+26 |
| | |||||
* | Process plugins administration page through Slim controllers | ArthurHoaro | 2020-07-23 | 1 | -0/+98 |
| | |||||
* | Process bookmarks import through Slim controller | ArthurHoaro | 2020-07-23 | 2 | -15/+83 |
| | |||||
* | Process bookmark exports through Slim controllers | ArthurHoaro | 2020-07-23 | 1 | -0/+92 |
| | |||||
* | Pin bookmarks through Slim controller | ArthurHoaro | 2020-07-23 | 1 | -0/+36 |
| | |||||
* | Process change visibility action through Slim controller | ArthurHoaro | 2020-07-23 | 1 | -1/+69 |
| | |||||
* | Improve ManageTagController coverage and error handling | ArthurHoaro | 2020-07-23 | 1 | -12/+32 |
| | |||||
* | Use multi-level routes for existing controllers instead of 1 level everywhere | ArthurHoaro | 2020-07-23 | 9 | -26/+44 |
| | | | | Also prefix most admin routes with /admin/ | ||||
* | Explicitly define base and asset path in templates | ArthurHoaro | 2020-07-23 | 2 | -1/+16 |
| | | | | | | | With the new routes, all pages are not all at the same folder level anymore (e.g. /shaare and /shaare/123), so we can't just use './' everywhere. The most consistent way to handle this is to prefix all path with the proper variable, and handle the actual path in controllers. | ||||
* | Handle shaare creation/edition/deletion through Slim controllers | ArthurHoaro | 2020-07-23 | 5 | -9/+269 |
| | |||||
* | Process manage tags page through Slim controller | ArthurHoaro | 2020-07-23 | 2 | -1/+88 |
| | |||||
* | Process configure page through Slim controller | ArthurHoaro | 2020-07-23 | 1 | -0/+120 |
| | |||||
* | Test ShaarliAdminController | ArthurHoaro | 2020-07-23 | 1 | -1/+3 |
| | |||||
* | Process password change controller through Slim | ArthurHoaro | 2020-07-23 | 6 | -2/+205 |
| | |||||
* | Process tools page through Slim controller | ArthurHoaro | 2020-07-23 | 1 | -0/+49 |
| | |||||
* | Initialize admin Slim controllers | ArthurHoaro | 2020-07-23 | 16 | -50/+76 |
| | | | | | | - Reorganize visitor controllers - Fix redirection with Slim's requests base path - Fix daily links | ||||
* | Process session filters through Slim controllers | ArthurHoaro | 2020-07-23 | 2 | -0/+124 |
| | | | | | | | Including: - visibility - links per page - untagged only | ||||
* | Process remove tag endpoint through Slim controller | ArthurHoaro | 2020-07-23 | 1 | -1/+47 |
| |