aboutsummaryrefslogtreecommitdiffhomepage
path: root/application
Commit message (Collapse)AuthorAgeFilesLines
* Security: fix multiple XSS vulnerabilities + fix search tags with special charsArthurHoaro2020-10-067-15/+50
| | | | | | XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list. Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
* Merge pull request #1575 from ArthurHoaro/feature/php8ArthurHoaro2020-10-031-1/+1
|\
| * Compatibility with PHP 8ArthurHoaro2020-09-291-1/+1
| |
* | Merge pull request #1574 from stoeps13/hosting-fixArthurHoaro2020-10-031-2/+8
|\ \
| * | Revert unrelated changes and add unit testsArthurHoaro2020-09-301-7/+17
| | |
| * | Fix identationChristoph Stoettner2020-09-301-5/+5
| | |
| * | Change to ->container->environmentChristoph Stoettner2020-09-301-18/+10
| | |
| * | Workaround for hoster (ionos)Christoph Stoettner2020-09-291-2/+6
| |/ | | | | | | | | | | The hoster writes the environment variable with bearer token to REDIRECT_HTTP_AUTHORIZATION and needs to provide RewriteBase / to .htaccess
* | Fix a bug preventing to edit bookmark with ID #0ArthurHoaro2020-09-301-1/+1
| |
* | Fix warning if the encoding retrieved from external headers is invalidArthurHoaro2020-09-302-2/+2
|/ | | | Also fixed the regex to support this failing header: charset="utf-8"\r\n"
* Fix invalid redirection using the path of an external domainArthurHoaro2020-09-221-0/+7
| | | | Fixes #1554
* Merge pull request #1559 from ArthurHoaro/fix/edit-redirectArthurHoaro2020-09-221-1/+1
|\ | | | | Fix redirection to referer after editing a link
| * Fix redirection to referer after editing a linkArthurHoaro2020-09-221-1/+1
| | | | | | | | Fixes #1545
* | Merge pull request #1539 from ArthurHoaro/feature/manual-root-urlArthurHoaro2020-09-223-6/+10
|\ \ | |/ |/|
| * Fix subfolder configuration in unit testsArthurHoaro2020-09-121-1/+1
| |
| * Add manual configuration for root URLArthurHoaro2020-09-122-5/+9
| | | | | | | | | | | | This new setting under 'general.root_url' allows to override automatic discovery of Shaarli instance's URL. Fixes #1339
* | Merge pull request #1553 from ArthurHoaro/fix/404-pageArthurHoaro2020-09-123-4/+38
|\ \ | | | | | | Properly handle 404 errors
| * | Properly handle 404 errorsArthurHoaro2020-09-123-4/+38
| | | | | | | | | | | | | | | | | | Use 404 template instead of default Slim error page if the route is not found. Fixes #827
* | | Merge pull request #1551 from ArthurHoaro/fix/plugin-save-metadataArthurHoaro2020-09-122-14/+16
|\ \ \ | |_|/ |/| | Plugins: do not save metadata along plugin parameters
| * | Plugins: do not save metadata along plugin parametersArthurHoaro2020-09-122-14/+16
| |/ | | | | | | | | | | Also prevent the token to be saved. Fixes #1550
* | Merge pull request #1552 from ArthurHoaro/feature/better-initializerArthurHoaro2020-09-121-11/+63
|\ \ | |/ |/|
| * Improve default bookmarks after installArthurHoaro2020-09-101-11/+63
| | | | | | | | | | | | | | Used @nodiscc suggestion in #1148 (slightly edited). It provides a description of what Shaarli does, Markdown rendering demo, and a thumbnail link. Fixes #1148
* | Merge pull request #1547 from ArthurHoaro/fix/daily-visibilityArthurHoaro2020-09-062-7/+14
|\ \ | | | | | | Fix visibility issue on daily page
| * | Fix visibility issue on daily pageArthurHoaro2020-09-062-7/+14
| |/ | | | | | | | | | | This filter (links by day) didn't apply any visibility parameter. Fixes #1543
* | Merge pull request #1538 from ArthurHoaro/feature/plugins-bookmark-serviceArthurHoaro2020-09-063-14/+18
|\ \ | | | | | | Inject BookmarkServiceInterface in plugins data
| * | Inject BookmarkServiceInterface in plugins dataArthurHoaro2020-09-033-14/+18
| | | | | | | | | | | | Related discussion: ilesinge/shaarli-related#7
* | | Merge pull request #1541 from ArthurHoaro/fix/legacy-login-encodingArthurHoaro2020-09-031-1/+11
|\ \ \
| * | | Fix: encoding in legacy route login redirection to post bookmarkArthurHoaro2020-09-031-1/+11
| | |/ | |/| | | | | | | | | | When a bookmark is post from a logged out user, he is first redirected to the login page with 'returnurl' containing the link, then redirected again when the login is processed. We need to reencode the posted URL, otherwise the browser does not handle the fragment as a part of the posted parameter.
* | | Merge pull request #1537 from ArthurHoaro/fix/back-compatible-targetsArthurHoaro2020-09-032-131/+7
|\ \ \ | |/ / |/| |
| * | Improve backward compatibility for LegacyRouterArthurHoaro2020-09-032-131/+7
| |/ | | | | | | | | | | | | LegacyRouter is no longer used for routing, only in existing plugins to match the _PAGE_ parameter. So we change a few of its values there, to match the new ones defined in TemplatePage. @see discussion in shaarli/Shaarli#1537
* | Merge pull request #1520 from ArthurHoaro/fix/jp-languageArthurHoaro2020-09-031-1/+2
|\ \
| * | Japanese translation: add language to admin configuration pageArthurHoaro2020-08-271-1/+2
| | | | | | | | | | | | Also use ISO country code (JP) instead of JA.
* | | Merge pull request #1526 from kcaran/links_per_pageArthurHoaro2020-09-031-0/+2
|\ \ \
| * | | Avoid using global variablesKeith Carangelo2020-08-311-1/+1
| | | | | | | | | | | | Co-authored-by: ArthurHoaro <arthur@hoa.ro>
| * | | Added $links_per_page variable to template and display on defaultKeith Carangelo2020-08-291-0/+2
| |/ /
* | | Merge pull request #1524 from ArthurHoaro/fix/rss-stickyArthurHoaro2020-09-034-8/+25
|\ \ \ | | | | | | | | Fixed: Pinned bookmarks are displayed first in ATOM/RSS feeds
| * | | Fixed: Pinned bookmarks are displayed first in ATOM/RSS feedsArthurHoaro2020-08-294-8/+25
| |/ / | | | | | | | | | Fixes #1485
* | | Merge pull request #1536 from ArthurHoaro/fix/login-private-shaarliArthurHoaro2020-09-031-1/+1
|\ \ \ | | | | | | | | Fix login loop for private instances
| * | | Fix login loop for private instancesArthurHoaro2020-09-011-1/+1
| | |/ | |/| | | | | | | | | | | | | GET /login and POST /login have 2 distinct route name. Fixes #1533
* | | Merge pull request #1534 from ArthurHoaro/fix/legacy-route-postArthurHoaro2020-09-031-5/+27
|\ \ \ | |/ / |/| |
| * | Support redirection of legacy route 'do=configure'ArthurHoaro2020-09-011-0/+17
| | |
| * | Fix legacy redirection when Shaarli instance is under a subfolderArthurHoaro2020-09-011-6/+9
| | |
| * | Fix support for legacy route login redirectionArthurHoaro2020-09-011-3/+5
| |/ | | | | | | Makes sure that the user is properly redirected to the bookmark form after login, even with legacy routes
* / Fix broken route to filter not tagged bookmarksArthurHoaro2020-08-311-1/+0
|/ | | | | | Also display the filter for visitors. Fixes #1529
* Better handling of plugin incompatibilityArthurHoaro2020-08-274-4/+13
| | | | | If a PHP is raised while executing plugin hook, Shaarli will display an error instead of rendering the error page (or just ending in fatal error for default hooks). Also added phpErrorHandler which is handled differently that regular errorHandler by Slim.:
* Move error handling to dedicated controller instead of middlewareArthurHoaro2020-08-213-25/+51
|
* Move all admin controller into a dedicated groupArthurHoaro2020-08-136-23/+53
| | | | Also handle authentication check in a new middleware for the admin group.
* Bookmark's thumbnails PHPDoc improvementArthurHoaro2020-08-011-3/+3
|
* Remove anonymous permission and initialize bookmarks on loginArthurHoaro2020-08-016-49/+33
|
* Fix basePath in unit tests reference DBArthurHoaro2020-07-282-1/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-30 11:09:56 +0000