Commit Graph

502 Commits

Author SHA1 Message Date
Andrew Dolgov 1f79d614c4 fix OTP QR code not displayed because of CSRF token passed as a query
parameter
use type-strict comparison when validating CSRF token on the backend
2020-09-17 08:43:39 +03:00
Andrew Dolgov 33fdde249e pass CSRF token to opml import and feed icon replace dialogs 2020-09-16 06:43:55 +03:00
Andrew Dolgov 4a074111b5 user preferences: forbid < and > characters when changing passwords (were silently stripped on save because of clean()) 2020-09-14 20:53:00 +03:00
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov fa653f5a43 prefs: show disabled filters properly on mysql 2020-07-01 09:49:53 +03:00
Andrew Dolgov 2996a3942f prefs: show root of filter tree as enabled so it's not grayed out 2020-07-01 09:48:27 +03:00
Andrew Dolgov d01ad09800 eslint-related fixes; move a few things from global context to App 2020-06-05 07:44:57 +03:00
Andrew Dolgov c8cc845d5b when removing favicon, reset its auto-refresh timer 2020-05-22 15:06:52 +03:00
Andrew Dolgov 1f2a721905 allow overriding built-in templates via templates.local 2020-03-13 14:40:35 +03:00
Andrew Dolgov bcbc5ccc78 batchSubscribe: use validationtextarea 2020-02-28 14:03:29 +03:00
Andrew Dolgov f24ece85a6 add validationtextarea control, use it for filter match editor 2020-02-28 13:53:45 +03:00
Andrew Dolgov 8645f36c5b filter test dialog: pass contents via xhr POST 2020-02-28 12:16:54 +03:00
Andrew Dolgov 4ab3854aed don't generate default.css, replace with themes/light.css as a default root CSS file 2020-02-22 16:22:44 +03:00
Andrew Dolgov 60288f02e8 1. feedtree: show counters for marked articles if view-mode == marked
2. hide/show relevant counter nodes using css
3. cleanup some counter-related code
4. compile default css into light theme to prevent cache-related issues
2020-02-20 14:14:45 +03:00
Andrew Dolgov 5b6d9cee29 prefs layout fixes:
1. prevent layout breakage when using an authenticator which doesn't allow changing passwords
2. show explanatory messages when OTP or password changing is not available
3. allow app (API) passwords when using any auth module
2020-02-18 11:51:04 +03:00
Andrew Dolgov 6080cca9ca scrap counter cache system; rework counters to sum() booleans instead 2020-01-24 14:25:31 +03:00
Andrew Dolgov df464e3d0d update app password notice 2019-12-17 14:58:31 +03:00
Andrew Dolgov 76dd74e0d9 add a hidden tweakable which forbids changing passwords 2019-12-06 17:45:22 +03:00
Andrew Dolgov ac95ab4a65 user css dialog: allow saving and applying CSS without closing the dialog 2019-12-06 14:02:30 +03:00
Andrew Dolgov 63ce7ea705 add a plugin page warning for plugins using HOOK_FEED_FETCHED, etc 2019-11-14 07:01:45 +03:00
Andrew Dolgov f75fb6bd75 Merge branch 'master' of git.fakecake.org:tt-rss 2019-11-01 15:40:15 +03:00
Andrew Dolgov 266a805bfe line endings + remove : from headings 2019-11-01 15:40:08 +03:00
Andrew Dolgov 05dffcff6f OTP stuff: update notice wording a bit 2019-11-01 15:27:24 +03:00
Andrew Dolgov 812a6c9f16 auth_internal: fix indents 2019-11-01 15:25:40 +03:00
Andrew Dolgov 249130e58d implement app password checking / management UI 2019-11-01 15:03:57 +03:00
Andrew Dolgov 88cd9e586e add placeholder UI plumbing for app passwords 2019-11-01 12:23:11 +03:00
Andrew Dolgov 904ecc31e2 allow using OTP without GD 2019-11-01 10:32:58 +03:00
Andrew Dolgov 2820f41a4b add notification for OTP being disabled 2019-10-09 09:10:43 +03:00
Andrew Dolgov ef514bc4bd add notifications for mail and password changes
update and shorten some other message templates
2019-10-09 09:04:51 +03:00
Andrew Dolgov 12a542977e makefeedtree: properly calculate feed total amount in no-categories mode 2019-08-21 19:32:27 +03:00
Andrew Dolgov 6825aaff55 update SSL certificate wiki link 2019-08-02 08:03:20 +03:00
Andrew Dolgov e8523733b0 filter dialog: add inline regexp checker 2019-07-12 12:40:42 +03:00
Andrew Dolgov 86a014f23b add placeholder Filters.filterDlgCheckRegExp 2019-07-12 10:47:18 +03:00
Andrew Dolgov 088fcf8131 move more globals to more appropriate places
set libxml to always use internal errors
2019-06-20 08:40:02 +03:00
Andrew Dolgov 4fa9aee4e7 move several more global functions to more appropriate classes 2019-06-20 08:14:06 +03:00
Andrew Dolgov 6d746453c7 get_feeds_from_html: remove XML preamble hack
move several related helper functions to Feeds class
2019-06-20 07:51:48 +03:00
Andrew Dolgov d36b64d8a7 event log: simplify styles, prevent horizontal scrolling
sql logger: clip context length to 8kb
2019-05-31 10:31:43 +03:00
Andrew Dolgov 4b74491b8b feed tree: set placeholder feed unread value to -1 2019-05-06 09:32:08 +03:00
Michael Kuhn e38fcd6dea Fix button focus issues
This change introduces derived classes for ComboButton, DropDownButton
and Select that make sure that buttons do not remain focused after their
menus are closed. This allows using hotkeys after closing them.
2019-04-14 12:01:52 +02:00
Michael Kuhn 4a2a90c980 Fix focus issues with hotkeys
Since making use of keypress in addition to keydown, hotkeys did not
work in certain scenarios, including clicking on the feed tree expanders
or empty spaces of the toolbar.

This issue is caused by dijit.Tree and dijit.Toolbar implementing the
_KeyNavMixin, which explicitly stops propagation of keypress events.

This change contains two main fixes plus a smaller hotfix:
1. It overrides _onContainerKeydown and _onContainerKeypress for
   fox.FeedTree (which inherits from dijit.Tree).
2. It adds fox.Toolbar, which overrides _onContainerKeydown,
   _onContainerKeypress and focus. This fixes hotkeys being swallowed
   and the first focusable child receiving focus when clicking on an
   empty space of the toolbar.
3. It adds the same handling of keydown and keypress to the prefs hotkey
   handler as is done in the main hotkey handler.
2019-04-13 22:34:57 +02:00
Andrew Dolgov ed22473272 feed editor: use DEFAULT_SEARCH_LANGUAGE as a default per-feed dropdown value 2019-04-10 13:08:32 +03:00
Andrew Dolgov c936cc3a1f use DEFAULT_SEARCH_LANGUAGE to generate tsvector index if per-feed language is not specified, also use it as default value on search form for convenience 2019-04-10 13:03:26 +03:00
Andrew Dolgov 019f4578bc fix feed icon upload not working, rework form to use FormData/ajax 2019-03-14 09:08:44 +03:00
Andrew Dolgov 241d646fba batch subscribe: stop dialog from being submitted twice 2019-03-10 09:20:46 +03:00
Andrew Dolgov 19f162dbe3 css: insensitive -> text-muted 2019-03-08 10:11:57 +03:00
Andrew Dolgov 371325a899 remove feed editor private checkbox 2019-03-06 20:07:23 +03:00
Andrew Dolgov 38e01270d8 archived feeds: expire old entries (schema bump) 2019-03-06 19:06:05 +03:00
Andrew Dolgov 16a9bdc387 make_password: generate longer passwords by default, use better random function if available 2019-03-05 20:16:50 +03:00
Andrew Dolgov ef6d2b8a4e update notifications to make them more visible
cleanup some minor stuff in pref-users
2019-03-05 20:09:06 +03:00
Andrew Dolgov 1f2c769c5a editfeed: mark save button 2019-03-05 19:41:44 +03:00
Andrew Dolgov b9309b1822 filters: show inverse status in list 2019-03-05 08:52:45 +03:00
Andrew Dolgov a130da2d1a add layout hack to unify heights of plugin fieldsets 2019-02-26 15:03:33 +03:00
Andrew Dolgov 8819272db1 prefs-set -> prefs 2019-02-25 19:22:20 +03:00
Andrew Dolgov cbd119c7a3 pref-prefs: fix markup 2019-02-25 19:11:17 +03:00
Andrew Dolgov 52d77dee62 plugin list: update layout 2019-02-25 17:15:05 +03:00
Andrew Dolgov 7724aa9b7c pref-users: fix typo which stopped search from working; quote style stuff 2019-02-23 08:01:29 +03:00
fox e72243edfd Merge branch 'master' of DLange/tt-rss into master 2019-02-23 04:54:57 +00:00
Andrew Dolgov dab81ff7d0 feed editor: fix missing <section> breaking checkbox fieldsets 2019-02-22 12:19:37 +03:00
DLange a539baece2 Fix warning after icon has successfully been moved. 2019-02-22 08:53:18 +01:00
Andrew Dolgov a0636ccc90 Revert "Fix warning after icon has successfully been moved."
This reverts commit 8b73b9812d.
2019-02-22 10:50:28 +03:00
Andrew Dolgov e535a063ca Merge branch 'master' of git.tt-rss.org:fox/tt-rss 2019-02-22 10:49:06 +03:00
Andrew Dolgov 335147e572 dialogs: use semantic markup instead of dlgsec stuff
continue unifying quoting style for html strings
2019-02-22 10:48:56 +03:00
DLange 8b73b9812d Fix warning after icon has successfully been moved. 2019-02-22 07:25:09 +01:00
Andrew Dolgov 7dbf63693b prefs small update 2019-02-22 06:58:06 +03:00
Andrew Dolgov c2fa0c4416 try to organize preferences better, shorten some descriptions 2019-02-21 22:08:23 +03:00
Andrew Dolgov 4e253add8c UI: add some more info links to relevant wiki pages; minor layout updates 2019-02-21 16:21:16 +03:00
Andrew Dolgov c78425b386 feed edit dialog: add interval label 2019-02-21 14:05:40 +03:00
Andrew Dolgov 1dbfbcfae1 batchSubscribe: use common markup 2019-02-21 13:57:18 +03:00
Andrew Dolgov 4db13b8a17 simplify preference layout, remove some unnecessary css classes 2019-02-21 12:35:40 +03:00
Andrew Dolgov 3880a17e57 pref-prefs: rework personal info tab, remove ugly table markup 2019-02-20 17:21:32 +03:00
Andrew Dolgov 580f8c0883 enlarge feed title 2019-02-20 15:13:47 +03:00
Andrew Dolgov f8836ec080 search dialog fixes
pgsql: get FTS languages list from the database
2019-02-20 15:12:37 +03:00
Andrew Dolgov 063b4f535a filter rule & label dialog updates 2019-02-20 14:58:09 +03:00
Andrew Dolgov 4d9141d762 simplify dlgSec-related markup 2019-02-20 14:37:59 +03:00
Andrew Dolgov 205a75dfb9 prefs: show phpinfo on system tab 2019-02-20 08:51:48 +03:00
Andrew Dolgov c11f32ac38 center and rework some utility screens 2019-02-19 14:59:29 +03:00
Andrew Dolgov 734af3357d fix user plugins not saving properly in non-default profiles 2018-12-26 22:04:35 +03:00
Andrew Dolgov 51b069a1ee display filter tree rules as a list 2018-12-19 12:08:06 +03:00
Andrew Dolgov 5f1b39f7dc filter tree: don't crash on search, also search by filter titles 2018-12-19 09:04:04 +03:00
Andrew Dolgov 8c49689fda filter test results: remove table bloat 2018-12-14 17:44:53 +03:00
Andrew Dolgov b6a021461d add night_base so that output files would generate properly, etc 2018-12-11 21:06:02 +03:00
Andrew Dolgov be49b77b14 Revert "use codeflask for user css editor"
This reverts commit daa43e0572.
2018-12-11 20:48:17 +03:00
Andrew Dolgov 66d3dcbc7d update user css info line 2018-12-11 14:31:07 +03:00
Andrew Dolgov daa43e0572 use codeflask for user css editor 2018-12-11 14:25:41 +03:00
Andrew Dolgov 93dfdb2fcd exp: tweak headline label styles 2018-12-10 21:39:12 +03:00
Andrew Dolgov 703351c79e remove theme supports-version etc checking 2018-12-09 11:37:26 +03:00
Andrew Dolgov a68b150601 remove separate classes for various panels, unify under .panel
remove a few other unnecessary css classes/ids
2018-12-07 14:03:33 +03:00
Andrew Dolgov 4fdcc923f0 prefs: reload on user theme change 2018-12-07 10:35:46 +03:00
Andrew Dolgov 3e4326e34d add ttrss_filters2.last_triggered (bump schema version) 2018-12-06 19:37:20 +03:00
Andrew Dolgov 0b8cbc9156 remove some bitmaps and rework stuff using it to use iconfont instead 2018-12-06 15:22:52 +03:00
Andrew Dolgov 15d05e8a26 night.css: do not import default less theme statically
remove themes/default.php (not needed)
compact.css: fixes
2018-12-06 14:49:33 +03:00
Andrew Dolgov 4aa11fe78d set some alt-info buttons; fix missing default submit for create filter dialog 2018-12-06 13:04:39 +03:00
Andrew Dolgov 814e49f8f7 add icons to accordion panels in preferences
fix typo in pref-prefs closing panel tag
2018-12-06 08:56:28 +03:00
Andrew Dolgov fd10614f5d labels: unfortunately we can't rely on caption to selectively clear label_cache (because of json unicode encoding) so clean it completely if label is updated 2018-12-06 08:29:32 +03:00
Andrew Dolgov 0a41c1a6e1 update label rendering (and editor) 2018-12-06 08:26:52 +03:00
Andrew Dolgov 19e24b4fe2 force cast profile id to integer when assigning to session variable 2018-12-06 07:08:54 +03:00
Andrew Dolgov a0b1664620 prefs: change user icon 2018-12-05 21:40:46 +03:00
Andrew Dolgov cad6d1d7fd various icon updates; use new icons in feed tree 2018-12-05 20:26:27 +03:00
Andrew Dolgov 8c5c762a85 some more icon styling updates + user control panel 2018-12-05 16:58:00 +03:00
Andrew Dolgov f3e6e12d46 various minor updates re: icons 2018-12-05 16:48:29 +03:00