Andrew Dolgov
8080c525fd
- backend: require CSRF token to be passed via POST
...
- do not leak CSRF token via GET request in feed debugger
- rework Article/redirect to use POST
2020-09-15 16:12:53 +03:00
Andrew Dolgov
c3d14e1fa5
- fix multiple vulnerabilities in af_proxy_http
...
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov
a922b3cc6d
order_to_override_query: allow HOOK_HEADLINES_CUSTOM_SORT_OVERRIDE plugins to override built-in sorting
2020-09-11 07:48:22 +03:00
Andrew Dolgov
ddf9227dc4
pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SORT_MAP etc
2020-08-13 12:23:27 +03:00
Andrew Dolgov
dfa65e9374
move order_by to SQL override logic into a separate function
2020-08-13 11:52:32 +03:00
Andrew Dolgov
48be005774
instead of taking batch timestamp and score (?) into account, make oldest first sorting work consistently with newest first - i.e. rely on feed-provided timestamp
2020-08-11 13:29:09 +03:00
Andrew Dolgov
d01ad09800
eslint-related fixes; move a few things from global context to App
2020-06-05 07:44:57 +03:00
Andrew Dolgov
44b1f0fcc0
search: add support for label:XXX search keyword
...
Labels: enforce case-insensitive lookups when creating/looking for labels
2020-04-04 14:34:08 +03:00
Andrew Dolgov
5f30061c92
properly calculate marked counters for feeds in nested categories
2020-02-20 15:54:40 +03:00
Andrew Dolgov
0e9e1ad112
getCategoryUnread: return correct unread count for labels category
2020-01-25 12:53:10 +03:00
Andrew Dolgov
cdd2b6fd22
getCategoryChildrenUnread: fix typo
2020-01-25 10:00:22 +03:00
Andrew Dolgov
a6ced36189
getCategoryCounters: properly calculate counters for child subcategory entries
...
getCategoryUnread: cleanup
2020-01-25 09:57:28 +03:00
Andrew Dolgov
a64b8a7fdb
getCategoryUnread: don't return unread counters for Special category because it doesn't make a lot of sense to do so
2020-01-24 15:54:01 +03:00
Andrew Dolgov
6080cca9ca
scrap counter cache system; rework counters to sum() booleans instead
2020-01-24 14:25:31 +03:00
Andrew Dolgov
3b29e865b0
support night mode in feed debugger
2020-01-19 10:56:49 +03:00
Andrew Dolgov
9c0235ab66
show current unread counter on headlines toolbar if sidebar is hidden
2019-12-12 07:37:28 +03:00
Andrew Dolgov
565547f5a1
php 7.4 deprecation-related fixes
2019-12-06 07:27:22 +03:00
Andrew Dolgov
06393750c7
headline grouping:
...
1. block grouping for specific feeds where it doesn't make a lot of sense to do so or flat list fits better (archived, recently read)
2. block per-week grouping for feeds where feed-first grouping makes more sense (fresh, starred, published)
2019-08-30 10:16:38 +03:00
Andrew Dolgov
133c2b482b
move rewrite_cached_urls to DiskCache::rewriteUrls()
2019-08-13 12:46:57 +03:00
Andrew Dolgov
088fcf8131
move more globals to more appropriate places
...
set libxml to always use internal errors
2019-06-20 08:40:02 +03:00
Andrew Dolgov
4fa9aee4e7
move several more global functions to more appropriate classes
2019-06-20 08:14:06 +03:00
Andrew Dolgov
6d746453c7
get_feeds_from_html: remove XML preamble hack
...
move several related helper functions to Feeds class
2019-06-20 07:51:48 +03:00
Andrew Dolgov
270b39a337
queryFeedHeadlines: support start_ts when browsing by tag
2019-06-18 13:10:32 +03:00
Andrew Dolgov
905f038610
search dialog: display active query if searching already
2019-05-20 07:59:53 +03:00
Andrew Dolgov
09f520eda2
fix search query test statement stopping valid modifiers like unread: from working
2019-05-20 07:12:43 +03:00
Andrew Dolgov
de713035fd
when subscribing, check for valid html content type before checking if requested document has HTML doctype/start element
2019-05-16 10:07:22 +03:00
Andrew Dolgov
84d43a1b44
catchup_feed: invoke HOOK_SEARCH if necessary
2019-05-07 06:57:28 +03:00
Andrew Dolgov
ccc0315ef0
better tsquery support:
...
1. report query syntax errors properly
2. fall back to implicit &-joining only if no joiners are detected in user query, otherwise permit full tsquery syntax
2019-04-30 14:39:08 +03:00
Andrew Dolgov
1cd9b3c866
prevent a fatal error on an invalid tsquery syntax
2019-04-29 21:15:49 +03:00
Michael Kuhn
e38fcd6dea
Fix button focus issues
...
This change introduces derived classes for ComboButton, DropDownButton
and Select that make sure that buttons do not remain focused after their
menus are closed. This allows using hotkeys after closing them.
2019-04-14 12:01:52 +02:00
Andrew Dolgov
c936cc3a1f
use DEFAULT_SEARCH_LANGUAGE to generate tsvector index if per-feed language is not specified, also use it as default value on search form for convenience
2019-04-10 13:03:26 +03:00
Andrew Dolgov
19f162dbe3
css: insensitive -> text-muted
2019-03-08 10:11:57 +03:00
Andrew Dolgov
0b74db5ad7
remove feedbrowser (other feeds)
2019-03-06 20:02:06 +03:00
Andrew Dolgov
54c1b5c611
fill in some missing doctypes; use short doctype where it wasn't
2019-02-23 13:49:40 +03:00
Andrew Dolgov
a366da90a6
add label.inline
2019-02-22 12:13:41 +03:00
Andrew Dolgov
335147e572
dialogs: use semantic markup instead of dlgsec stuff
...
continue unifying quoting style for html strings
2019-02-22 10:48:56 +03:00
Andrew Dolgov
4e253add8c
UI: add some more info links to relevant wiki pages; minor layout updates
2019-02-21 16:21:16 +03:00
Andrew Dolgov
26e57604c0
simplify layout of search and subscribe dialogs
2019-02-21 13:22:31 +03:00
Andrew Dolgov
f8836ec080
search dialog fixes
...
pgsql: get FTS languages list from the database
2019-02-20 15:12:37 +03:00
Andrew Dolgov
4d9141d762
simplify dlgSec-related markup
2019-02-20 14:37:59 +03:00
Andrew Dolgov
9e7bbf6809
debugger: use narrow fieldsets for checkboxes
2019-02-19 21:24:00 +03:00
Andrew Dolgov
55d2e5871a
feed debugger: dojoify controls
2019-02-19 21:00:15 +03:00
Andrew Dolgov
8cd7f31bde
utility css updates
2019-02-19 19:46:09 +03:00
Andrew Dolgov
8b26b8629f
headlines-frame: set is-vfeed attribute if result is virtual feed
2019-01-16 21:33:59 +03:00
Andrew Dolgov
4729bdb132
queryFeedHeadlines: fix published field not returned when browsing by tag
2018-12-25 16:19:42 +03:00
Andrew Dolgov
215c9f0f88
fail better if Feeds.view() data failed encoding to JSON
2018-12-24 12:28:11 +03:00
Andrew Dolgov
eda4ac2a2b
add fallback colors for headline feed titles based on feed name if favicon color is not available
2018-12-12 07:57:37 +03:00
Andrew Dolgov
f3c04fc5d8
sync modified scores via mutation observer
2018-12-11 10:30:32 +03:00
Andrew Dolgov
25ca144bb7
score: get correct classes for rows/score icons on the client
2018-12-11 10:00:54 +03:00
Andrew Dolgov
a5813bb766
mysql: use date_format() for yyiw part in queryFeedHeadlines()
2018-12-09 20:38:02 +03:00
Michael Kuhn
3484ad2aaf
Use IYYY in combination with IW
...
Otherwise, we could end up with a wrong date, see:
https://community.oracle.com/thread/997899
2018-12-09 18:28:15 +01:00
Andrew Dolgov
fa538a6c86
implement year-week sorting window if headlines buffer is grouped by feed titles
2018-12-09 13:35:37 +03:00
Andrew Dolgov
8f5b5ae09e
if not enabled, set content_preview to "" instead of null
2018-12-09 04:24:48 +03:00
Andrew Dolgov
bd66a9ef28
render article on the client using headlines data
2018-12-08 09:32:14 +03:00
Andrew Dolgov
41e967136f
format headlines list: normalize booleans for pdo mysql
2018-12-08 08:23:18 +03:00
Andrew Dolgov
811e1514a3
remove uuid from headlines JSON output
2018-12-07 22:14:32 +03:00
Andrew Dolgov
3b7a9219f6
viewfeed: cleanup unneeded stuff from server JSON output
2018-12-07 21:52:41 +03:00
Andrew Dolgov
76885fc5ad
viewfeed: general code cleanup
2018-12-07 21:22:51 +03:00
Andrew Dolgov
8f75b06835
implement feed grouping display, remove unneeded server vgrlf passing
2018-12-07 21:11:50 +03:00
Andrew Dolgov
0b84d1d0dc
viewfeed: add orig_feed object
2018-12-07 18:38:27 +03:00
Andrew Dolgov
e075e6141b
json-viewfeed updates
2018-12-07 18:24:56 +03:00
Andrew Dolgov
249c93a228
initial for js templates
2018-12-07 16:00:11 +03:00
Andrew Dolgov
e9cf8e8e35
normalize archived articles output in headlines
2018-12-06 19:00:11 +03:00
Andrew Dolgov
26c074ed7e
rework article header to use flexbox
2018-12-06 16:35:57 +03:00
Andrew Dolgov
b4c2b26822
remove collapse.png
2018-12-06 15:28:11 +03:00
Andrew Dolgov
0b8cbc9156
remove some bitmaps and rework stuff using it to use iconfont instead
2018-12-06 15:22:52 +03:00
Andrew Dolgov
d2d2cb7e7d
rework scoring display, JS processing and icons
2018-12-06 14:23:45 +03:00
Andrew Dolgov
8b2286305e
and again
2018-12-06 13:18:14 +03:00
Andrew Dolgov
1de1426114
Revert "change fresh feed icon"
...
This reverts commit 69da55b945
.
2018-12-06 13:16:53 +03:00
Andrew Dolgov
69da55b945
change fresh feed icon
2018-12-06 13:13:25 +03:00
Andrew Dolgov
c700345c96
trgm: use vector icon, replace recently read icon
2018-12-05 22:48:14 +03:00
Andrew Dolgov
cad6d1d7fd
various icon updates; use new icons in feed tree
2018-12-05 20:26:27 +03:00
Andrew Dolgov
a0778577ac
remove pub_{set,unset}.png usage in main code
2018-12-05 14:18:03 +03:00
Andrew Dolgov
cbd7328cb4
minor fixes to pub/mark icons etc
2018-12-05 14:11:40 +03:00
Andrew Dolgov
b65d8384c2
update headlines to use vector icons
2018-12-05 13:58:18 +03:00
Andrew Dolgov
89b213b4bb
initial for material-icons
2018-12-05 10:50:50 +03:00
Andrew Dolgov
edd348b16c
rework not-cdm headline rows to use flex-box
2018-12-05 09:08:02 +03:00
Andrew Dolgov
88c2da72d5
combined mode: use flex-box for header/footer layout
2018-12-05 08:31:13 +03:00
Andrew Dolgov
2621180b54
in three panel mode, attach context menu to the title, instead of entire headlines row
2018-12-05 07:34:16 +03:00
Andrew Dolgov
2ab097b2e5
initial work for flat modern theme
2018-12-04 22:24:31 +03:00
Andrew Dolgov
6befff30d7
updates for flat theme (mostly disable old dijit overrides)
2018-12-04 19:03:42 +03:00
Andrew Dolgov
0b8fef8262
combined unexpanded: respect 'SHOW_CONTENT_PREVIEW' preference
2018-12-04 10:47:50 +03:00
Andrew Dolgov
27b93988e7
add placeholder loading indicator to CDM entries
...
restore missing "originally from" for archived articles
2018-12-03 20:05:11 +03:00
Andrew Dolgov
e76d1fb995
plugins: mail, mailto: remove code from global context
2018-12-03 14:21:50 +03:00
wn_
6100392bd5
Fix an `onclick` (`Article.editArticleTags` --> `Article.editTags`)
2018-12-02 16:02:03 -06:00
Andrew Dolgov
5ead558e43
move Utils to AppBase where it belongs
2018-12-02 22:08:18 +03:00
Andrew Dolgov
ad1b6f0a86
bring back excerpts in unexpanded mode
2018-12-02 19:04:53 +03:00
Andrew Dolgov
874560db54
remove obsolete row selection functions
...
move getUrlParam() to Utils
2018-12-02 10:33:58 +03:00
Andrew Dolgov
0a18d0b1ed
Feeds: shorten some method names
...
finally rename "view as rss"
2018-12-02 08:57:22 +03:00
Andrew Dolgov
6e625555c9
Headlines: shorten selectArticles
2018-12-02 08:34:08 +03:00
Andrew Dolgov
3678315bea
Article, Headlines: shorten several method names
2018-12-02 08:32:13 +03:00
Andrew Dolgov
cc26be0793
migrate tt-rss.js contents to App
2018-12-01 21:51:00 +03:00
Andrew Dolgov
ab0fadf60d
fix vfeed group title CSS in not combined mode
2018-12-01 21:08:15 +03:00
Andrew Dolgov
642c37ea61
further effocts to wrap JS stuff into objects
2018-12-01 21:01:53 +03:00
Andrew Dolgov
4bed9be57d
js-ification: start on some common dialogs
2018-12-01 18:25:32 +03:00
Andrew Dolgov
97df81d8d9
even more objectification of JS
2018-12-01 17:54:16 +03:00
Andrew Dolgov
d86ddbc635
further objectification of JS code
2018-12-01 17:21:26 +03:00
Andrew Dolgov
049a37aa0e
WIP reshuffling of JS global context into separate logical objects
2018-12-01 17:05:35 +03:00
Andrew Dolgov
195180b64d
minor refactoring: normalize some function names; cleanup; etc
2018-12-01 11:18:35 +03:00
Andrew Dolgov
a2ef54cd92
toggleMark, togglePub: refactor implementation
...
shorten marked/published img CSS classes
2018-12-01 08:20:09 +03:00