Commit Graph

11 Commits

Author SHA1 Message Date
Andrew Dolgov 949e2ab4d2 properly sanitize video poster attribute 2021-09-24 08:40:06 +03:00
Andrew Dolgov e9c062a189 UrlHelper::rewrite_relative():
- support invoking specifying owner URL element/attribute
 - restrict mailto/magnet/tel schemes for A href
 - allow some data: base64 image types for IMG src

Sanitizer::sanitize():

 - when checking href and src attributes, pass element tagname and attribute to rewrite_relative()
2021-06-18 11:20:57 +03:00
Andrew Dolgov 70adfd4a74 * sanitize: never rewrite relative links to our own prefix
* use Config::get_self_url() instead of get_self_url_prefix() in a bunch
of places
2021-03-02 08:16:41 +03:00
Andrew Dolgov 7ef72fe0dc move startup checks to Config, set a bunch of @deprecated annotations 2021-03-01 10:20:21 +03:00
Andrew Dolgov c96172fa04 use constants in get_pref()/set_pref() 2021-02-25 14:49:58 +03:00
Andrew Dolgov 3b52cea811 move some old-style handlers to new callback ones 2021-02-08 16:14:48 +03:00
Andrew Dolgov b6e1a5c91a fix several warnings reported by phpstan 2021-02-06 17:19:07 +03:00
Andrew Dolgov 10392ecc28 event log: add pagination 2021-02-06 10:10:54 +03:00
Andrew Dolgov 9fdeb58fd3 check a few more php8 warnings 2021-02-06 09:51:28 +03:00
Andrew Dolgov 6811d0bde2 use self:: in some places to invoke static methods from the same class 2020-09-22 14:54:15 +03:00
Andrew Dolgov 74568df4ff remove a lot of stuff from global context (functions.php), add a few helper classes instead 2020-09-22 09:04:33 +03:00