Commit Graph

183 Commits

Author SHA1 Message Date
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
2020-09-14 19:46:52 +03:00
Andrew Dolgov d01ad09800 eslint-related fixes; move a few things from global context to App 2020-06-05 07:44:57 +03:00
Andrew Dolgov c8cc845d5b when removing favicon, reset its auto-refresh timer 2020-05-22 15:06:52 +03:00
Andrew Dolgov bcbc5ccc78 batchSubscribe: use validationtextarea 2020-02-28 14:03:29 +03:00
Andrew Dolgov 60288f02e8 1. feedtree: show counters for marked articles if view-mode == marked
2. hide/show relevant counter nodes using css
3. cleanup some counter-related code
4. compile default css into light theme to prevent cache-related issues
2020-02-20 14:14:45 +03:00
Andrew Dolgov 6080cca9ca scrap counter cache system; rework counters to sum() booleans instead 2020-01-24 14:25:31 +03:00
Andrew Dolgov 12a542977e makefeedtree: properly calculate feed total amount in no-categories mode 2019-08-21 19:32:27 +03:00
Andrew Dolgov 4fa9aee4e7 move several more global functions to more appropriate classes 2019-06-20 08:14:06 +03:00
Andrew Dolgov 6d746453c7 get_feeds_from_html: remove XML preamble hack
move several related helper functions to Feeds class
2019-06-20 07:51:48 +03:00
Andrew Dolgov 4b74491b8b feed tree: set placeholder feed unread value to -1 2019-05-06 09:32:08 +03:00
Michael Kuhn e38fcd6dea Fix button focus issues
This change introduces derived classes for ComboButton, DropDownButton
and Select that make sure that buttons do not remain focused after their
menus are closed. This allows using hotkeys after closing them.
2019-04-14 12:01:52 +02:00
Michael Kuhn 4a2a90c980 Fix focus issues with hotkeys
Since making use of keypress in addition to keydown, hotkeys did not
work in certain scenarios, including clicking on the feed tree expanders
or empty spaces of the toolbar.

This issue is caused by dijit.Tree and dijit.Toolbar implementing the
_KeyNavMixin, which explicitly stops propagation of keypress events.

This change contains two main fixes plus a smaller hotfix:
1. It overrides _onContainerKeydown and _onContainerKeypress for
   fox.FeedTree (which inherits from dijit.Tree).
2. It adds fox.Toolbar, which overrides _onContainerKeydown,
   _onContainerKeypress and focus. This fixes hotkeys being swallowed
   and the first focusable child receiving focus when clicking on an
   empty space of the toolbar.
3. It adds the same handling of keydown and keypress to the prefs hotkey
   handler as is done in the main hotkey handler.
2019-04-13 22:34:57 +02:00
Andrew Dolgov ed22473272 feed editor: use DEFAULT_SEARCH_LANGUAGE as a default per-feed dropdown value 2019-04-10 13:08:32 +03:00
Andrew Dolgov 019f4578bc fix feed icon upload not working, rework form to use FormData/ajax 2019-03-14 09:08:44 +03:00
Andrew Dolgov 241d646fba batch subscribe: stop dialog from being submitted twice 2019-03-10 09:20:46 +03:00
Andrew Dolgov 19f162dbe3 css: insensitive -> text-muted 2019-03-08 10:11:57 +03:00
Andrew Dolgov 371325a899 remove feed editor private checkbox 2019-03-06 20:07:23 +03:00
Andrew Dolgov 38e01270d8 archived feeds: expire old entries (schema bump) 2019-03-06 19:06:05 +03:00
Andrew Dolgov 1f2c769c5a editfeed: mark save button 2019-03-05 19:41:44 +03:00
fox e72243edfd Merge branch 'master' of DLange/tt-rss into master 2019-02-23 04:54:57 +00:00
Andrew Dolgov dab81ff7d0 feed editor: fix missing <section> breaking checkbox fieldsets 2019-02-22 12:19:37 +03:00
DLange a539baece2 Fix warning after icon has successfully been moved. 2019-02-22 08:53:18 +01:00
Andrew Dolgov a0636ccc90 Revert "Fix warning after icon has successfully been moved."
This reverts commit 8b73b9812d.
2019-02-22 10:50:28 +03:00
Andrew Dolgov e535a063ca Merge branch 'master' of git.tt-rss.org:fox/tt-rss 2019-02-22 10:49:06 +03:00
Andrew Dolgov 335147e572 dialogs: use semantic markup instead of dlgsec stuff
continue unifying quoting style for html strings
2019-02-22 10:48:56 +03:00
DLange 8b73b9812d Fix warning after icon has successfully been moved. 2019-02-22 07:25:09 +01:00
Andrew Dolgov 4e253add8c UI: add some more info links to relevant wiki pages; minor layout updates 2019-02-21 16:21:16 +03:00
Andrew Dolgov c78425b386 feed edit dialog: add interval label 2019-02-21 14:05:40 +03:00
Andrew Dolgov 1dbfbcfae1 batchSubscribe: use common markup 2019-02-21 13:57:18 +03:00
Andrew Dolgov 580f8c0883 enlarge feed title 2019-02-20 15:13:47 +03:00
Andrew Dolgov f8836ec080 search dialog fixes
pgsql: get FTS languages list from the database
2019-02-20 15:12:37 +03:00
Andrew Dolgov 4d9141d762 simplify dlgSec-related markup 2019-02-20 14:37:59 +03:00
Andrew Dolgov a68b150601 remove separate classes for various panels, unify under .panel
remove a few other unnecessary css classes/ids
2018-12-07 14:03:33 +03:00
Andrew Dolgov 0b8cbc9156 remove some bitmaps and rework stuff using it to use iconfont instead 2018-12-06 15:22:52 +03:00
Andrew Dolgov 814e49f8f7 add icons to accordion panels in preferences
fix typo in pref-prefs closing panel tag
2018-12-06 08:56:28 +03:00
Andrew Dolgov 6befff30d7 updates for flat theme (mostly disable old dijit overrides) 2018-12-04 19:03:42 +03:00
Andrew Dolgov 31e79317b3 normalize various font sizes and families between prefs & main UI
change some dialogs layout a bit to maybe become more readable
2018-12-04 15:22:22 +03:00
Andrew Dolgov 4d4034091a prefs: Prefs global -> Helpers 2018-12-03 12:46:00 +03:00
Andrew Dolgov b3bc638a9f refactor OPML export/import code to be less horrible 2018-12-03 12:26:49 +03:00
Andrew Dolgov 5ead558e43 move Utils to AppBase where it belongs 2018-12-02 22:08:18 +03:00
Andrew Dolgov eeb49d375c uploadIconHandler -> CommonDialogs 2018-12-02 20:57:51 +03:00
Andrew Dolgov d9c5c93cef move some more stuff out of common.js
rework client-side cookie functions a bit
limit dojo cachebust based on server scripts modification time
remove param_escape()
2018-12-02 20:07:57 +03:00
Andrew Dolgov b9869dbc01 prefs: remove some more stuff from global context (user management, etc) 2018-12-02 16:17:36 +03:00
Andrew Dolgov 58e54282d3 prefs: move more global functions into matching classes 2018-12-02 15:30:07 +03:00
Andrew Dolgov f26d404890 prefs: move other tree-related functions to respective trees 2018-12-02 12:03:28 +03:00
Andrew Dolgov 60cd467694 embed some pref-feed helper functions into the tree 2018-12-02 11:50:53 +03:00
Andrew Dolgov e23b6e397d prefs: store active tab for reload, remove most old table row functions 2018-12-02 11:25:32 +03:00
Andrew Dolgov 874560db54 remove obsolete row selection functions
move getUrlParam() to Utils
2018-12-02 10:33:58 +03:00
Andrew Dolgov 0a18d0b1ed Feeds: shorten some method names
finally rename "view as rss"
2018-12-02 08:57:22 +03:00
Andrew Dolgov 1e2d4410d3 move some more shared stuff to CommonDialogs, Filters, and Utils 2018-12-01 22:39:29 +03:00