Andrew Dolgov
ec5687a62b
logout user: commit destroyed session
2018-10-14 22:50:45 +03:00
Andrew Dolgov
d2e1e60ecc
1. per-feed option STRIP_IMAGES should now also affect other media tags
...
2. video/audio elements were not replaced with text links properly in
low bandwidth mode
2018-09-07 09:55:43 +03:00
Andrew Dolgov
f3068c6397
send_local_file: touch() sent files to reset their expiration cooldown
2018-08-23 13:43:31 +03:00
Andrew Dolgov
02bb26a93f
rewrite_cached_urls: support video posters
2018-08-20 14:13:14 +03:00
Andrew Dolgov
a1b8651949
Revert "add (hidden) _NGINX_XACCEL_PREFIX which uses nginx X-Accel-Redirect to serve static files faster"
...
This reverts commit c5c3a0a2a8
.
2018-08-20 12:48:23 +03:00
Andrew Dolgov
2aef804f4b
split transparent rewriting of locally cached media URLs to execute after both sanitize() and HOOK_RENDER_ARTICLE to allow plugins work on original source URLs consistently
2018-08-20 12:12:32 +03:00
Andrew Dolgov
c5c3a0a2a8
add (hidden) _NGINX_XACCEL_PREFIX which uses nginx X-Accel-Redirect to serve static files faster
2018-08-20 09:14:10 +03:00
Andrew Dolgov
88adf3da1b
send_local_file: add application/octet-stream hack
...
cached_url: return original requested filename to save as
2018-08-16 12:16:51 +03:00
Andrew Dolgov
a9105e2a61
move JShrink Minifier to vendor/
2018-06-20 15:04:59 +03:00
Andrew Dolgov
68d9c412ea
fetch_file_contents: allow setting http Accept header
2018-05-25 14:25:08 +03:00
Andrew Dolgov
f0dbfedc81
increase buffersize to 16384 bytes
...
(also some trailing whitespace got clipped)
2018-05-23 10:40:28 +03:00
Alexander Yaburov
74a98a6ff2
increased CURLOPT_BUFFERSIZE from 128 to 256
2018-05-23 10:02:03 +05:00
Andrew Dolgov
b14f6d58b4
implement hard limits on downloaded data size for general fetching and cache plugins: MAX_DOWNLOAD_FILE_SIZE & MAX_CACHE_FILE_SIZE
2018-05-20 11:08:33 +03:00
foobar
2008ec4ed7
change filter rule regexp type to text
2018-04-14 14:11:29 +02:00
JustAMacUser
905ff10dc9
Allow abbr tag when sanitizing.
2018-02-27 16:06:10 +00:00
Andrew Dolgov
e7c9bc60ec
fix previous wrt if-modified-since being added to context options headers
2018-02-25 14:22:46 +03:00
Metallizzer
dd597297cb
Обновить 'include/functions.php'
...
The "Connection: close" header is added to the context_options
2018-02-25 10:03:09 +00:00
Andrew Dolgov
3d7db21602
Merge branch 'master' of git.fakecake.org:tt-rss
2018-02-12 09:37:31 +03:00
Andrew Dolgov
8babb8e75a
sanitize: disallow width and height attributes for images
2018-02-11 16:47:19 +03:00
fox
1aeb282be1
Merge branch 'save-effective-url' of JustAMacUser/tt-rss into master
2018-02-11 08:57:12 +00:00
JustAMacUser
7ae05ed790
Have fetch_file_contents() save the effective URL.
2018-02-11 07:56:28 +00:00
Andrew Dolgov
2eaf2a1f36
tag_is_valid: simplify code
2018-02-11 10:26:33 +03:00
Andrew Dolgov
7f4a404566
include: convert some spaces to tabs
2018-01-30 10:44:31 +03:00
martin scharm
32dc9ec854
undocumenting the proxy settings [see #36 ]
...
in response to https://git.tt-rss.org/git/tt-rss/pulls/36#issuecomment-119
2018-01-18 08:48:53 +01:00
martin scharm
213c01d459
some proxies require `request_fulluri` set to true [see #36 ]
...
at least polipo won't work for plain HTTP URLs (HTTPS strangely also works without `request_fulluri`..?)
see https://git.tt-rss.org/git/tt-rss/pulls/36
2018-01-17 12:28:47 +01:00
martin scharm
ea55f2e11c
Add proper support for proxies
...
There are situations where you want tt-rss to use a proxy (e.g.
because of network restrictions, or privacy concerns).
tt-rss already comes with an undocumented `_CURL_HTTP_PROXY`
variable (see eg https://binfalse.de/2015/05/06/ttrss-with-proxy/ ),
however that won't have an effect when, for example, php-curl is
not installed, see
c30f5e1811/include/functions.php (L377)
In this case it would use the `file_get_contents` with a stream
context without a proxy definition:
c30f5e1811/include/functions.php (L487)
Here I propose to properly support proxies, and I introduced a
`PROXY` variable, that is respected in both scenarios, with and
without curl installed.
2018-01-14 00:30:22 +01:00
Andrew Dolgov
9274109c19
search_to_sql: quote fallback search language
2017-12-30 16:27:05 +03:00
JustAMacUser
56c2216295
Add missing quotes to array_map.
2017-12-30 01:00:56 -05:00
Andrew Dolgov
bed2d6e054
force-cast some variables used in queries to integer
...
do not display SQL query in headlines debug mode
2017-12-17 16:24:13 +03:00
Andrew Dolgov
7651b6e2cd
sanitize: disable referrer via referrerpolicy for img elements
2017-12-13 20:07:10 +03:00
Andrew Dolgov
76fc7a2d9c
bool_to_sql_bool: for some reason PDO really likes integers for boolean columns
...
incidentally this fixes OPML filter import
2017-12-06 00:12:28 +03:00
Andrew Dolgov
c4a08e4ff0
remove mentions of deprecated.js
2017-12-05 07:09:01 +03:00
Andrew Dolgov
e6532439d6
force strip_tags() on all user input unless explicitly allowed
2017-12-03 23:35:38 +03:00
Andrew Dolgov
fa3bcfa379
queryfeedheadlines: there's no need to quote order_by/override_order
...
else: feedicon cache busting etc
2017-12-03 22:49:57 +03:00
Andrew Dolgov
7c0eb1b621
add defaultPasswordWarning nag dialog
2017-12-03 20:46:27 +03:00
Andrew Dolgov
bfebf57c5f
get_theme_path: fallback to css/default.css if default theme is selected
2017-12-03 14:17:25 +03:00
Andrew Dolgov
2cf93c046c
pref-users: fix sorting the table
2017-12-03 13:54:31 +03:00
Andrew Dolgov
8ff3cbb32e
filters: remove sql_bool_to_bool()
...
checkbox_to_sql_bool: return ints (???)
2017-12-03 09:26:11 +03:00
Andrew Dolgov
ed5cd6eae5
get_feed_access_key: param type bullshit
2017-12-03 00:25:12 +03:00
Andrew Dolgov
7d960ce7e9
auth_internal: use PDO + other fixes
2017-12-03 00:18:08 +03:00
Andrew Dolgov
4ee398a41e
Merge branch 'master' of git.fakecake.org:tt-rss into pdo-experimental
2017-12-02 23:13:49 +03:00
Andrew Dolgov
1e78803c44
search_to_sql: leftover tsquery query fix for pgsql
2017-12-02 23:11:28 +03:00
Andrew Dolgov
a2d77092fe
search_to_sql: quoting fix
2017-12-02 22:58:59 +03:00
Andrew Dolgov
0002e598f8
sql_bool_to_bool: backwards compat fix
2017-12-02 22:39:34 +03:00
Andrew Dolgov
e4befe6bf4
fix label cache being double escaped on save
...
remove some old-style escaping
2017-12-02 15:47:53 +03:00
Andrew Dolgov
ef83c69404
more boolean fixes
2017-12-02 14:13:16 +03:00
Andrew Dolgov
da9ea57d1c
checkbox to sql bool related changes, some more boolean fixes
2017-12-02 14:07:48 +03:00
Andrew Dolgov
7ccb4e91ff
boolean handling changes which probably won't break everything
2017-12-02 14:02:01 +03:00
Andrew Dolgov
c949a9282e
OPML: use PDO; minor fixes
2017-12-02 01:08:30 +03:00
Andrew Dolgov
fbe7cb0a48
rpc: switch to PDO
2017-12-01 23:49:14 +03:00