]>
git.wh0rd.org Git - tt-rss.git/log
Andrew Dolgov [Tue, 14 Feb 2017 16:46:37 +0000 (19:46 +0300)]
af_zz_imgproxy: remove filter hook, not needed
Andrew Dolgov [Tue, 14 Feb 2017 15:49:11 +0000 (18:49 +0300)]
Merge branch 'master' of git.tt-rss.org:fox/tt-rss
Andrew Dolgov [Tue, 14 Feb 2017 15:48:40 +0000 (18:48 +0300)]
af_zz_imgproxy: rewrite to absolute url; add on-parse article filter hook to handle redirect situation in case frontend has open_basedir (disabled currently)
Andrew Dolgov [Tue, 14 Feb 2017 10:42:29 +0000 (13:42 +0300)]
Merge branch 'german-translation' into 'master'
Update german translation
See merge request !47
Heiko Adams [Tue, 14 Feb 2017 08:43:24 +0000 (09:43 +0100)]
Update german translation
Andrew Dolgov [Tue, 14 Feb 2017 08:22:32 +0000 (11:22 +0300)]
rebase translations
Andrew Dolgov [Tue, 14 Feb 2017 06:32:21 +0000 (09:32 +0300)]
set error report url to https
Andrew Dolgov [Mon, 13 Feb 2017 20:36:58 +0000 (23:36 +0300)]
bind headlines menu to a selector to avoid remaking it unnecessarily
Andrew Dolgov [Mon, 13 Feb 2017 19:49:20 +0000 (22:49 +0300)]
fix vertical position of cdm collapse button in floating title
Andrew Dolgov [Mon, 13 Feb 2017 19:45:30 +0000 (22:45 +0300)]
cdmcollapse/expand: use less convoluted selector queries
Andrew Dolgov [Mon, 13 Feb 2017 16:21:38 +0000 (19:21 +0300)]
add af_zz_vidmute
Andrew Dolgov [Mon, 13 Feb 2017 12:49:41 +0000 (15:49 +0300)]
af_zz_imgproxy: truncate url in error png
Andrew Dolgov [Mon, 13 Feb 2017 12:25:52 +0000 (15:25 +0300)]
af_zz_imgproxy: show GD-based (if possible) error message on proxy failure
Andrew Dolgov [Mon, 13 Feb 2017 12:25:21 +0000 (15:25 +0300)]
rewrite_relative_url: cleanup resulting url path while rewriting
Andrew Dolgov [Mon, 13 Feb 2017 05:46:36 +0000 (08:46 +0300)]
af_zz_imgproxy: disable api render hook: pointless, because api clients won't have an authenticated cookie-based session
Andrew Dolgov [Mon, 13 Feb 2017 05:08:19 +0000 (08:08 +0300)]
af_zz_imgproxy: fix typo
Andrew Dolgov [Sun, 12 Feb 2017 17:24:29 +0000 (20:24 +0300)]
format_article_enclosures: allow embedding .jpeg files
Andrew Dolgov [Sun, 12 Feb 2017 17:23:32 +0000 (20:23 +0300)]
fix previous, again
Andrew Dolgov [Sun, 12 Feb 2017 14:32:43 +0000 (17:32 +0300)]
af_zz_imgproxy: limit enclosure rewriting to images
Andrew Dolgov [Sun, 12 Feb 2017 14:02:07 +0000 (17:02 +0300)]
add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy (2)
Andrew Dolgov [Sun, 12 Feb 2017 13:01:28 +0000 (16:01 +0300)]
add HOOK_ENCLOSURE_ENTRY for af_zz_imgproxy
Andrew Dolgov [Sun, 12 Feb 2017 11:19:37 +0000 (14:19 +0300)]
Merge branch 'fix-target-blank-vulnerability' into 'master'
Prevent target='_blank' vulnerability on dynamic link
This merge request refere to https://tt-rss.org/forum/viewtopic.php?f=8&t=4048
It fix the issue I enconter on some feeds I follow.
Just need to add "noopener" and "noreferrer" on "_blank" link to avoid the vulnerability.
See merge request !46
Jérémy DECOOL [Sun, 12 Feb 2017 10:01:36 +0000 (11:01 +0100)]
Prevent target='_blank' vulnerability on dynamic link
Andrew Dolgov [Fri, 10 Feb 2017 19:02:30 +0000 (22:02 +0300)]
af_zz_imgproxy: redirect to caller url unless called in user context
Andrew Dolgov [Fri, 10 Feb 2017 13:04:28 +0000 (16:04 +0300)]
allow user plugins to expose public methods out in a limited fashion
Andrew Dolgov [Fri, 10 Feb 2017 12:14:47 +0000 (15:14 +0300)]
use get_self_url_prefix() when rewriting cached images
Andrew Dolgov [Fri, 10 Feb 2017 11:57:25 +0000 (14:57 +0300)]
add some print_checkbox/print_button calls; rename some plugin preference pane titles
Andrew Dolgov [Fri, 10 Feb 2017 11:41:11 +0000 (14:41 +0300)]
af_zz_imgproxy: urlencode() url parameter, DUH
Andrew Dolgov [Fri, 10 Feb 2017 11:36:21 +0000 (14:36 +0300)]
use print_hidden() for hidden dojo form fields
Andrew Dolgov [Fri, 10 Feb 2017 11:17:18 +0000 (14:17 +0300)]
af_zz_imgproxy: add optional setting to proxy all remote images
functions: add some form helper methods
Andrew Dolgov [Fri, 10 Feb 2017 09:37:21 +0000 (12:37 +0300)]
af_zz_imgproxy: use inline disposition, misc updates
Andrew Dolgov [Fri, 10 Feb 2017 09:12:09 +0000 (12:12 +0300)]
update af_zz_imgproxy to plug into built-in image caching
Andrew Dolgov [Fri, 10 Feb 2017 09:11:09 +0000 (12:11 +0300)]
sanitize: properly handle cached content in archived articles
Andrew Dolgov [Fri, 10 Feb 2017 07:25:10 +0000 (10:25 +0300)]
add af_zz_imgproxy (initial)
Andrew Dolgov [Thu, 9 Feb 2017 20:19:26 +0000 (23:19 +0300)]
pass several image files used in notify messages to frontend as base64 to prevent broken error messages in case network connection is down. also, update some close buttons to show correct cursor.
Andrew Dolgov [Thu, 9 Feb 2017 20:04:34 +0000 (23:04 +0300)]
handle_rpc_json: fix netalert button never appearing on JSON parse error
Andrew Dolgov [Wed, 8 Feb 2017 12:07:05 +0000 (15:07 +0300)]
add some protection against opener attacks if external site is opened via window.open()
Andrew Dolgov [Sat, 4 Feb 2017 11:50:50 +0000 (14:50 +0300)]
parse_counters: skip subscribed-feeds id properly
Andrew Dolgov [Sat, 4 Feb 2017 09:02:17 +0000 (12:02 +0300)]
cached_image: remove unnecessary basename()
Andrew Dolgov [Sat, 4 Feb 2017 08:57:31 +0000 (11:57 +0300)]
reset local counter cache when feed count changes
Andrew Dolgov [Sat, 4 Feb 2017 08:50:01 +0000 (11:50 +0300)]
image cache: do not try to cache data: schema urls; add caching of html5 video content (similar to cache_starred_images plugin)
Andrew Dolgov [Sat, 4 Feb 2017 08:32:24 +0000 (11:32 +0300)]
image cache: send files as content-disposition: attachment; add .png suffix to image urls
Andrew Dolgov [Sun, 29 Jan 2017 11:36:37 +0000 (14:36 +0300)]
af_redditimgur: inline streamable.com videos
Andrew Dolgov [Sat, 28 Jan 2017 11:24:48 +0000 (14:24 +0300)]
af_readability: force utf8 preamble on html document load. no idea why but it seems to work better even for not-unicode sites.
Andrew Dolgov [Sat, 28 Jan 2017 09:45:49 +0000 (12:45 +0300)]
subscribe dialog: do not report errors via alert()
fetch_file_contents: reset all globals on start, return error message body when not using curl
subscribe_to_feed: report if cloudflare is in the error message
Andrew Dolgov [Thu, 26 Jan 2017 19:43:57 +0000 (22:43 +0300)]
compact.css: remove version tag
Andrew Dolgov [Thu, 26 Jan 2017 19:41:18 +0000 (22:41 +0300)]
add compact theme with smaller font
Andrew Dolgov [Thu, 26 Jan 2017 19:37:22 +0000 (22:37 +0300)]
preferences: set themes dropdown to default if selected theme is missing
Andrew Dolgov [Wed, 25 Jan 2017 09:18:15 +0000 (12:18 +0300)]
remove default.css
Andrew Dolgov [Wed, 25 Jan 2017 09:17:41 +0000 (12:17 +0300)]
implement cache-busting for default theme.css
night theme: small fixes
Andrew Dolgov [Wed, 25 Jan 2017 08:22:53 +0000 (11:22 +0300)]
increase content font size by 1px
Andrew Dolgov [Wed, 25 Jan 2017 05:50:42 +0000 (08:50 +0300)]
pass article guid to hook_render_article
Andrew Dolgov [Wed, 25 Jan 2017 05:43:50 +0000 (08:43 +0300)]
Merge branch 'fix-sanitize-dfn' into 'master'
sanitize: allow <dfn> tag
### In brief
* Add `<dfn>` tag to allowed tags list
* `<dfn>` represents the defining instance of a term in HTML
* More [information about `<dfn>` on the w3school's website](http://www.w3schools.com/tags/tag_dfn.asp )
### Example
This stops article content such as...
```
Indian tea harvests are divided up by <dfn>flush</dfn>.
```
...from getting turned into...
```
Indian tea harvests are divided up by .
```
See merge request !45
Shane Synan [Wed, 25 Jan 2017 00:39:17 +0000 (18:39 -0600)]
sanitize: allow dfn tag
Add <dfn> tag to allowed tags list. <dfn> represents the defining
instance of a term in HTML.
Andrew Dolgov [Tue, 24 Jan 2017 20:08:21 +0000 (23:08 +0300)]
Merge branch 'more-af-comics' into 'master'
Support hyphens in GoComics URLs.
See merge request !44
JustAMacUser [Tue, 24 Jan 2017 20:06:46 +0000 (15:06 -0500)]
Support hyphens in GoComics URLs.
Andrew Dolgov [Tue, 24 Jan 2017 15:45:25 +0000 (18:45 +0300)]
support rel=noopener for links
Andrew Dolgov [Tue, 24 Jan 2017 12:11:13 +0000 (15:11 +0300)]
fetch_file_contents: rework the way shim works to prevent intermittent warnings
Andrew Dolgov [Tue, 24 Jan 2017 08:36:43 +0000 (11:36 +0300)]
sanitize: allow acronym tag
Andrew Dolgov [Mon, 23 Jan 2017 16:21:25 +0000 (19:21 +0300)]
add some vertical space to diijt menu items
Andrew Dolgov [Mon, 23 Jan 2017 05:20:46 +0000 (08:20 +0300)]
reference pubsubhubbub classes using their namespace
Andrew Dolgov [Sun, 22 Jan 2017 18:57:31 +0000 (21:57 +0300)]
Merge branch 'af-comics-ui' into 'master'
Added feed URL instructions for GoComics.
GoComics feed URL syntax now included on existing Prefs page for af_comics plugin.
See merge request !43
JustAMacUser [Sun, 22 Jan 2017 18:52:25 +0000 (13:52 -0500)]
Added feed URL instructions for GoComics.
Andrew Dolgov [Sun, 22 Jan 2017 17:57:16 +0000 (20:57 +0300)]
unpackVisibleHeadlines: do not iterate over all RROWs all the time
Andrew Dolgov [Sun, 22 Jan 2017 17:20:35 +0000 (20:20 +0300)]
feed tree: only run animation for appearing unread counters to prevent clashes with aux counter updating and animations ending up in wrong state
Andrew Dolgov [Sun, 22 Jan 2017 16:58:17 +0000 (19:58 +0300)]
initHeadlinesMenu: remove unneeded output
Andrew Dolgov [Sun, 22 Jan 2017 16:57:16 +0000 (19:57 +0300)]
attach headline menu objects to correct DOM nodes in combined mode
Andrew Dolgov [Sun, 22 Jan 2017 16:38:07 +0000 (19:38 +0300)]
parse_counters: cache previous reply and skip processing of unchanged rows (better implementation)
Andrew Dolgov [Sun, 22 Jan 2017 16:29:14 +0000 (19:29 +0300)]
parse_counters: cache previous reply and skip processing of unchanged rows
Andrew Dolgov [Sun, 22 Jan 2017 16:20:23 +0000 (19:20 +0300)]
reuse menu objects while appending headline rows
Andrew Dolgov [Sun, 22 Jan 2017 14:46:11 +0000 (17:46 +0300)]
collapse_feedlist: also toggle splitter
Andrew Dolgov [Sun, 22 Jan 2017 10:55:36 +0000 (13:55 +0300)]
bump VERSION_STATIC due to Dojo changes
Andrew Dolgov [Sun, 22 Jan 2017 10:43:32 +0000 (13:43 +0300)]
dojoConfig: use cacheBust
Andrew Dolgov [Sun, 22 Jan 2017 10:21:41 +0000 (13:21 +0300)]
feedtree: fix for long feed titles making counters invisible
Andrew Dolgov [Sun, 22 Jan 2017 08:03:45 +0000 (11:03 +0300)]
Merge branch 'af-comics-gocomics-feed' into 'master'
Update af_comics plugin to support GoComics.
Updates the af_comics plugin to support new GoComics site, which dropped native RSS feeds.
See merge request !42
Andrew Dolgov [Sun, 22 Jan 2017 07:19:11 +0000 (10:19 +0300)]
Merge branch 'master' of git.tt-rss.org:fox/tt-rss
Andrew Dolgov [Sun, 22 Jan 2017 07:18:43 +0000 (10:18 +0300)]
force ngettext() count argument type to string
JustAMacUser [Sun, 22 Jan 2017 07:14:02 +0000 (02:14 -0500)]
Update af_comics to handle new GoComics site.
JustAMacUser [Sun, 22 Jan 2017 07:12:09 +0000 (02:12 -0500)]
Added support to fetch_file_contents() to explicitly set CURLOPT_FOLLOWLOCATION.
Andrew Dolgov [Sun, 22 Jan 2017 06:47:20 +0000 (09:47 +0300)]
Merge branch 'settimeout-strings' into 'master'
Replace all setTimeout strings with functions
This fixes a cross-site scripting vulnerability.
See merge request !41
Anders Kaseorg [Fri, 20 Jan 2017 18:13:31 +0000 (13:13 -0500)]
Replace all setTimeout strings with functions
This fixes a cross-site scripting vulnerability.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Andrew Dolgov [Sat, 21 Jan 2017 20:06:35 +0000 (23:06 +0300)]
Merge branch 'lib-upgrades' into 'master'
Third-party library upgrades
* lib: Upgrade php-gettext from 1.0.11 to 1.0.12
* lib: Upgrade accept-to-gettext.php from 2003-08-14 to 2007-04-01
* lib: Upgrade JShrink from 0.5.1 to 1.1.0
* lib: Upgrade mobile-detect from svn r44 (2012-05-03) to 2.8.24 (2016-11-11)
* lib: Upgrade php-publisher from ??? to
a5d6a0e (2016-11-15)
* lib: Upgrade php-subscriber from ??? to
1213f89 (2016-11-15)
* lib: Upgrade script.aculo.us from 1.8.3 to 1.9.0
* lib: Upgrade timezones.txt from 2010k/l/m/n/2011a to 2016j
See merge request !40
Andrew Dolgov [Sat, 21 Jan 2017 20:02:22 +0000 (23:02 +0300)]
Merge branch 'prototype-1.7.3' into 'master'
lib: Upgrade Prototype from 1.7 to 1.7.3
Are you sure you want these as separate merge requests? The rest of the upgrades are much less invasive than Dojo, with essentially no changes outside of `lib`. I would of course leave them as separate commits in any case, but I had assumed they would be more convenient to test in one batch.
See merge request !39
Anders Kaseorg [Fri, 20 Jan 2017 21:46:13 +0000 (16:46 -0500)]
lib: Upgrade timezones.txt from 2010k/l/m/n/2011a to 2016j
https://www.iana.org/time-zones
The local change adding Automatic was preserved; the local change
removing Zulu was not.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Anders Kaseorg [Fri, 20 Jan 2017 21:13:30 +0000 (16:13 -0500)]
lib: Upgrade script.aculo.us from 1.8.3 to 1.9.0
https://script.aculo.us/
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Anders Kaseorg [Fri, 20 Jan 2017 20:59:48 +0000 (15:59 -0500)]
lib: Upgrade php-subscriber from ??? to
1213f89 (2016-11-15)
https://github.com/pubsubhubbub/php-subscriber
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Anders Kaseorg [Fri, 20 Jan 2017 20:58:12 +0000 (15:58 -0500)]
lib: Upgrade php-publisher from ??? to
a5d6a0e (2016-11-15)
https://github.com/pubsubhubbub/php-publisher
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Anders Kaseorg [Fri, 20 Jan 2017 20:32:07 +0000 (15:32 -0500)]
lib: Upgrade mobile-detect from svn r44 (2012-05-03) to 2.8.24 (2016-11-11)
https://github.com/serbanghita/Mobile-Detect
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Anders Kaseorg [Fri, 20 Jan 2017 20:18:46 +0000 (15:18 -0500)]
lib: Upgrade JShrink from 0.5.1 to 1.1.0
https://github.com/tedivm/JShrink
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Anders Kaseorg [Fri, 20 Jan 2017 20:03:04 +0000 (15:03 -0500)]
lib: Upgrade accept-to-gettext.php from 2003-08-14 to 2007-04-01
http://grep.be/data/accept-to-gettext.inc
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Anders Kaseorg [Fri, 20 Jan 2017 19:49:24 +0000 (14:49 -0500)]
lib: Upgrade php-gettext from 1.0.11 to 1.0.12
https://launchpad.net/php-gettext
The local change to rename the gettext_reader function to
__construct (commit
00b6b66827c5ce0c103399f2742581fa90d50a97 ) has been
preserved.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Andrew Dolgov [Sat, 21 Jan 2017 20:00:05 +0000 (23:00 +0300)]
addendum to the previous
Andrew Dolgov [Sat, 21 Jan 2017 19:58:32 +0000 (22:58 +0300)]
assorted CSS fixes related to Dojo upgrade
Andrew Dolgov [Sat, 21 Jan 2017 19:39:41 +0000 (22:39 +0300)]
set .loadingExpando height to a correct value
Anders Kaseorg [Fri, 20 Jan 2017 18:49:03 +0000 (13:49 -0500)]
lib: Upgrade Prototype from 1.7 to 1.7.3
http://prototypejs.org/
The local change from ‘on’ to ‘p_on’ for Dojo compatibility has been
preserved.
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
Andrew Dolgov [Sat, 21 Jan 2017 19:33:23 +0000 (22:33 +0300)]
prefs: auto expand feed tree
Andrew Dolgov [Sat, 21 Jan 2017 19:30:20 +0000 (22:30 +0300)]
fix loading indicator position/size for tree leafs
Andrew Dolgov [Sat, 21 Jan 2017 19:21:46 +0000 (22:21 +0300)]
force-enable persist for feedTree
Andrew Dolgov [Sat, 21 Jan 2017 18:59:17 +0000 (21:59 +0300)]
Merge branch 'dojo-1.12.1'
Conflicts:
js/prefs.js
Andrew Dolgov [Sat, 21 Jan 2017 18:49:10 +0000 (21:49 +0300)]
prefs: add updateSelectedPrompt shim called by toggleSelectedRow()