Commit Graph

12 Commits

Author SHA1 Message Date
wn_ 5606e38bff Update signature of handler 'csrf_ignore' to include types. 2021-11-12 02:01:31 +00:00
Andrew Dolgov 8d2e3c2528 drop errors.php and simplify error handling 2021-02-23 22:26:07 +03:00
Andrew Dolgov e4609c18ef * add (disabled) shortcut syntax for plugin methods
* add controls shortcut for pluginhandler tags
 * add similar shortcut for frontend
 * allow plugins to selectively exclude their methods from CSRF checking
2021-02-17 21:44:21 +03:00
Andrew Dolgov 7be1e3ed38 pluginhandler: reject method requests without CSRF 2021-02-17 15:04:39 +03:00
Andrew Dolgov d439685895 pluginhandlers: post notice if pluginmethod is requested without CSRF token 2021-02-17 14:05:12 +03:00
Andrew Dolgov 3e4701116d af_readability: add missing file 2019-08-16 15:29:24 +03:00
Andrew Dolgov e6532439d6 force strip_tags() on all user input unless explicitly allowed 2017-12-03 23:35:38 +03:00
Andrew Dolgov ea79a0e033 remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
Andrew Dolgov 27f7b59353 add a wrapper for standard error codes returned by backend, also add explanation to the error object if possible 2015-03-30 13:02:24 +03:00
Andrew Dolgov 1ffe3391f9 make pluginhost a singleton 2013-04-18 12:27:34 +04:00
Andrew Dolgov aca71915c4 pluginhandler: better error reporting 2013-03-16 12:26:14 +04:00
Andrew Dolgov 19c7350770 experimental new plugin system 2012-12-23 14:52:18 +04:00