Commit Graph

126 Commits

Author SHA1 Message Date
Andrew Dolgov 70adfd4a74 * sanitize: never rewrite relative links to our own prefix
* use Config::get_self_url() instead of get_self_url_prefix() in a bunch
of places
2021-03-02 08:16:41 +03:00
Andrew Dolgov c01b6e43fd add pluginhost->get_array() shorthand 2021-02-26 15:33:59 +03:00
Andrew Dolgov 42173386b3 dirname(__FILE__) -> __DIR__ 2021-02-22 17:38:46 +03:00
Andrew Dolgov be4e7b1340 fix several issues reported by phpstan 2021-02-22 14:41:09 +03:00
Andrew Dolgov 33fff26869 reinstate HOOK_RENDER_ENCLOSURE 2021-02-22 10:00:50 +03:00
Andrew Dolgov fc0ebf0891 move bookmarklet-related methods out of public.php into the plugin 2021-02-19 20:21:36 +03:00
Andrew Dolgov e4609c18ef * add (disabled) shortcut syntax for plugin methods
* add controls shortcut for pluginhandler tags
 * add similar shortcut for frontend
 * allow plugins to selectively exclude their methods from CSRF checking
2021-02-17 21:44:21 +03:00
Andrew Dolgov 273ada7353 * implement shortcut syntax for exposed plugin methods
* move shared article rendering code to share plugin
2021-02-17 09:59:14 +03:00
Andrew Dolgov 257efb43c6 article: unify naming 2021-02-15 15:52:28 +03:00
Andrew Dolgov a5819569f2 pluginhost: a few more warnings and type hints 2021-02-09 10:20:58 +03:00
Andrew Dolgov d91eae9c7e pluginhost: add some type hints 2021-02-08 21:38:09 +03:00
Andrew Dolgov 6e57fd77af db: add type hints 2021-02-08 21:11:56 +03:00
Andrew Dolgov a14873d5b4 more hooks, also add type hint for PluginHost::getInstance() 2021-02-08 21:06:14 +03:00
Andrew Dolgov ca4c93c6b9 pluginhost: note hook function prototypes 2021-02-08 20:20:24 +03:00
Andrew Dolgov a341a838b1 pluginhost: deny hook registration to plugins which lack relevant implementation methods 2021-02-08 19:16:53 +03:00
Andrew Dolgov 3b52cea811 move some old-style handlers to new callback ones 2021-02-08 16:14:48 +03:00
Andrew Dolgov 1eb1629d9e pluginhost: rework run_hooks() to be shorter, add callback variant; implement exception handling for both 2021-02-08 14:24:45 +03:00
Andrew Dolgov 20b56b5b23 pluginhost: catch errors while loading plugin source code 2021-02-08 12:14:12 +03:00
Andrew Dolgov 4165834f80 pluginhost: catch fatal errors in plugin init 2021-02-08 12:10:25 +03:00
Andrew Dolgov c94f1b6ff8 fix some more warnings reported by phpstan 2021-02-06 17:38:24 +03:00
Andrew Dolgov 403dca154c initial WIP for php8; bump php version requirement to 7.0 2021-02-05 23:41:32 +03:00
Andrew Dolgov 25520e9784 Select... dropdown: replace dijit Select with DropDownButton, simplify layout
PluginHost: add HOOK_HEADLINE_TOOLBAR_SELECT_MENU_ITEM
Headlines.onActionChanged: removed
2021-01-17 11:27:07 +03:00
Andrew Dolgov ee4b7bebe8 pluginhost: load_data: check schema last 2021-01-15 08:35:05 +03:00
Andrew Dolgov 40f38fc87f pluginhost: load plugin data automatically (also marks load_data method as private) 2021-01-15 08:32:06 +03:00
Andrew Dolgov 6811d0bde2 use self:: in some places to invoke static methods from the same class 2020-09-22 14:54:15 +03:00
Andrew Dolgov a4525d31b2 replace FALSE with false so that static analyzer shuts up about it 2020-09-17 19:02:27 +03:00
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov ddf9227dc4 pluginhost: allow overriding default sort modes via HOOK_HEADLINES_CUSTOM_SORT_MAP etc 2020-08-13 12:23:27 +03:00
Andrew Dolgov 6573541873 * add HOOK_ENCLOSURE_IMPORTED
* pass feed id to HOOK_FEED_PARSED
2020-04-29 11:33:39 +03:00
Andrew Dolgov 208e02c47d PluginHost/save_data: use separate PDO connection to prevent issues with nested transactions 2020-03-10 08:14:00 +03:00
Andrew Dolgov d15f0349bf remove hardcoded iframe domain whitelist, make iframe script whitelisting configurable by plugins (HOOK_IFRAME_WHITELISTED) 2019-11-27 11:52:51 +03:00
jc 8fd11fd53a Add const HOOK_FEED_TREE 2019-10-07 13:46:31 +00:00
jc a243979aaf Add const HOOK_FEED_TREE 2019-10-07 13:44:57 +00:00
Andrew Dolgov 3e4701116d af_readability: add missing file 2019-08-16 15:29:24 +03:00
Andrew Dolgov 865c54abcb fix get_method_url() to use correct method parameter 2019-08-15 20:27:21 +03:00
Andrew Dolgov 10c63ed582 pluginhost: add helper methods to get private/public pluginmethod endpoint URLs 2019-08-15 20:23:45 +03:00
Andrew Dolgov 7f8946f14e pluginhost: implement priority-based system for running hooks 2019-08-15 15:34:09 +03:00
Andrew Dolgov 9d852e052c add HOOK_ARTICLE_IMAGE for Article::get_article_image() 2019-08-15 09:04:42 +03:00
Andrew Dolgov fdb6066bf6 * HOOK_ENCLOSURE_ENTRY: pass article_id to handler
* DiskCache: multiple fixes; support isWritable() for cache entries, set content-disposition for send()
* public/cached_url: allow selecting files from sub-caches other than images
* plugins/Cache_Starred_Images: rework to use DiskCache, can be enabled per-user, properly handles article enclosures, etc
2019-08-13 16:40:21 +03:00
Andrew Dolgov 6955b2e02d plugins: add HOOK_GET_FULL_TEXT which may be used to provide full text extraction to core code and other plugins, instead of trying to invoke af_readability specifically 2019-04-17 08:32:35 +03:00
Andrew Dolgov 614a4b3b4a pluginhost: remove plugin gettext helpers (moved to plugin base class) 2019-03-05 10:26:23 +03:00
Andrew Dolgov c1175070a2 add P_sprintf 2019-03-05 10:01:08 +03:00
Andrew Dolgov 72fcc81919 support per-plugin locale directories 2019-03-01 14:25:24 +03:00
Andrew Dolgov 95f63e121a note that HOOK_FORMAT_ARTICLE_CDM is dead for now 2018-12-07 18:35:50 +03:00
Andrew Dolgov a01c33d654 add HOOK_FILTER_TRIGGERED (for filter debugging) 2018-12-06 19:15:00 +03:00
Andrew Dolgov c10a43069e debug logging system rework:
* support various logging levels per-message
 * remove hacks like debug_suppress, DAEMON_EXTENDED_DEBUG, etc
 * _debug() is kept as a compatibility shim for plugins
2018-11-30 08:34:29 +03:00
Andrew Dolgov 57932e1837 remove PHPMailer and related directives from config.php-dist; add pluggable Mailer class 2018-11-22 14:45:14 +03:00
Andrew Dolgov 3a0292303e php: remove trailing whitespaces 2018-11-03 15:08:43 +03:00
Andrew Dolgov 32c0c07cc1 pluginhost: implement basic autoloader for classes bundled with plugins (uses vendor/ layout) 2018-08-07 14:36:45 +03:00
Andrew Dolgov 6fb5f17be6 pluginhost: always return an array in get_all() 2017-12-17 19:06:18 +03:00