| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
|
|
|
| |
Allowed check branches are now `latest` and `stable`.
|
|\
| |
| | |
Link imports are now logged in `data/` folder, and can be debug using…
|
| | |
|
| |
| |
| |
| |
| |
| | |
`dev.debug=true` setting
related to #741 and #681
|
|/ |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use php-intl extension to display datetimes a bit more nicely, depending on the locale.
What changes:
* the day is no longer displayed
* day number and month are ordered according to the locale
* the timezone is more readable (UTC+1 instead of CET)
|
|
|
|
|
|
| |
- Creates arrays_combination function to cover all cases
- add the underscore separator in the regex
- add `utf8` encoding in addition to `UTF-8`
|
|
|
|
|
|
|
|
|
|
|
| |
Namespaces have been introduced with the REST API, and should be generalized
to the whole codebase to manage object scope and benefit from autoloading.
See:
- https://secure.php.net/manual/en/language.namespaces.php
- http://www.php-fig.org/psr/psr-4/
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.
More info:
* the setting is set to true by default
* it is set to false for anyone who already have the plugin enabled
(avoid breaking existing entries)
* improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
* mention the setting in the plugin README
|
| |
|
|
|
|
| |
See http://shaarli.github.io/api-documentation/#links-link-get
|
| |
|
|
|
|
|
|
| |
No update regarding the UI or the API for now
Fixes #758
|
|
|
|
| |
Fixes #724
|
|\
| |
| | |
REST API: implement getLinks service
|
| |
| |
| |
| | |
See http://shaarli.github.io/api-documentation/#links-links-collection-get
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Relates to https://github.com/shaarli/Shaarli/pull/731
Added:
- require the presence of the 'Authorization' header
Changed:
- use the HTTP Bearer Token authorization schema
See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| | |
| | | |
Theme manager: improvements
|
| | | |
|
| | | |
|
| |/ |
|
| |
| |
| |
| | |
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes https://github.com/shaarli/Shaarli/issues/737
Added:
- Base64Url utilities
Fixed:
- use URL-safe Base64 encoding/decoding functions
- use byte representations for HMAC digests
- all JWT parts are Base64Url-encoded
See:
- https://en.wikipedia.org/wiki/JSON_Web_Token
- https://tools.ietf.org/html/rfc7519
- https://scotch.io/tutorials/the-anatomy-of-a-json-web-token
- https://jwt.io/introduction/
- https://en.wikipedia.org/wiki/Base64#URL_applications
- https://secure.php.net/manual/en/function.base64-encode.php#103849
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\
| |
| | |
Hide default ports in local URL behind a reverse proxy
|
| | |
|
|/
|
|
|
|
| |
Closes https://github.com/shaarli/Shaarli/issues/735
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|
|
|
|
|
|
| |
* Private tags: make sure empty tags are properly filtered
* Search results:
* Use preg_split instead of function combination
* Add normalize_spaces to remove extra whitespaces displaying empty tags search
|
| |
|
|
|
|
|
|
| |
* REST API routes are handle by Slim.
* Every API controller go through ApiMiddleware which handles security.
* First service implemented `/info`, for tests purpose.
|
|
|
|
|
|
|
|
| |
API settings:
- api.enabled
- api.secret
The API settings will be initialized (and the secret generated) with an update method.
|
|
|
|
|
|
|
| |
All existing link will keep their permalinks.
New links will have smallhash generated with date+id.
The purpose of this is to avoid collision between links due to their creation date.
|
| |
|
|\
| |
| | |
Markdown: fixes feed rendering with nomarkdown tag
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* make sure we match exactly `nomarkdown` tag
* pass the whole link data to stripNoMarkdownTag() to:
* strip the noMD tag in taglist (array)
* strip the tag in tags (string)
Fixes #689
tmp
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If `mod_version` is enabled, the previous syntax will apply for Apache <2.4.
If not, the new syntax is used by default.
Fixes #676
`mod_version` identifier is `version_module` across all Apache versions. See:
* https://httpd.apache.org/docs/current/mod/mod_version.html
* https://httpd.apache.org/docs/2.2/mod/mod_version.html
* https://serverfault.com/questions/733910/how-do-i-load-mod-version-only-if-it-isnt-built-in-to-apache
Note that version_module comes built-in with Debian (and derivatives) Apache2 packages, see https://wiki.debian.org/Apache/PackagingFor24
|
|
|
|
|
|
| |
Fixes #672
+ Markdown to HTML unit test
|
|\
| |
| | |
LinkDB: code cleanup
|
| |
| |
| |
| |
| |
| | |
Relates to https://github.com/shaarli/Shaarli/issues/95
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| |
| |
| | |
Relates to https://github.com/shaarli/Shaarli/issues/95
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
| |
| |
| |
| |
| |
| | |
Relates to #95
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
|
|\ \
| |/
|/| |
Fix hashtag links in Feeds
|
| |
| |
| |
| | |
Make the hashtag link absolute in feeds to work properly in RSS syndication tools.
|
|/ |
|
|\
| |
| | |
Isso comments plugin
|
| |
| |
| |
| | |
Use Isso client to let visitors comments on permalinks
|