Commit Graph

8428 Commits

Author SHA1 Message Date
Andrew Dolgov 829d478f1b add some protection against opener attacks if external site is opened via window.open() 2017-02-08 15:07:05 +03:00
Andrew Dolgov 23c8ef7e36 parse_counters: skip subscribed-feeds id properly 2017-02-04 14:50:50 +03:00
Andrew Dolgov 9c7ebaa08c cached_image: remove unnecessary basename() 2017-02-04 12:02:17 +03:00
Andrew Dolgov 6358d70d5e reset local counter cache when feed count changes 2017-02-04 11:57:31 +03:00
Andrew Dolgov 5edd605ae1 image cache: do not try to cache data: schema urls; add caching of html5 video content (similar to cache_starred_images plugin) 2017-02-04 11:50:01 +03:00
Andrew Dolgov 0442cbb6c1 image cache: send files as content-disposition: attachment; add .png suffix to image urls 2017-02-04 11:32:24 +03:00
Andrew Dolgov 60e97d9e63 af_redditimgur: inline streamable.com videos 2017-01-29 14:36:37 +03:00
Andrew Dolgov f45a1152bb af_readability: force utf8 preamble on html document load. no idea why but it seems to work better even for not-unicode sites. 2017-01-28 14:24:48 +03:00
Andrew Dolgov 24c7e4132d subscribe dialog: do not report errors via alert()
fetch_file_contents: reset all globals on start, return error message body when not using curl
subscribe_to_feed: report if cloudflare is in the error message
2017-01-28 12:45:49 +03:00
Andrew Dolgov 80fbc1fdc4 compact.css: remove version tag 2017-01-26 22:43:57 +03:00
Andrew Dolgov 181c8285dd add compact theme with smaller font 2017-01-26 22:41:18 +03:00
Andrew Dolgov 22387de225 preferences: set themes dropdown to default if selected theme is missing 2017-01-26 22:37:22 +03:00
Andrew Dolgov 7d9aac9afa remove default.css 2017-01-25 12:18:15 +03:00
Andrew Dolgov e432b8fbe2 implement cache-busting for default theme.css
night theme: small fixes
2017-01-25 12:17:41 +03:00
Andrew Dolgov 7c04f8afeb increase content font size by 1px 2017-01-25 11:22:53 +03:00
Andrew Dolgov 553ec3c351 pass article guid to hook_render_article 2017-01-25 08:50:42 +03:00
Andrew Dolgov e304c1473b Merge branch 'fix-sanitize-dfn' into 'master'
sanitize: allow <dfn> tag

### In brief
* Add `<dfn>` tag to allowed tags list
  * `<dfn>` represents the defining instance of a term in HTML
  * More [information about `<dfn>` on the w3school's website](http://www.w3schools.com/tags/tag_dfn.asp )

### Example
This stops article content such as...
```
Indian tea harvests are divided up by <dfn>flush</dfn>.
```
...from getting turned into...
```
Indian tea harvests are divided up by .
```

See merge request !45
2017-01-25 08:43:50 +03:00
Shane Synan 311cdb27f4 sanitize: allow dfn tag
Add <dfn> tag to allowed tags list.  <dfn> represents the defining
instance of a term in HTML.
2017-01-24 18:39:17 -06:00
Andrew Dolgov e3cdbd87bc Merge branch 'more-af-comics' into 'master'
Support hyphens in GoComics URLs.



See merge request !44
2017-01-24 23:08:21 +03:00
JustAMacUser 051737e931 Support hyphens in GoComics URLs. 2017-01-24 15:06:46 -05:00
Andrew Dolgov 3b001e4330 support rel=noopener for links 2017-01-24 18:45:25 +03:00
Andrew Dolgov e934d63e0c fetch_file_contents: rework the way shim works to prevent intermittent warnings 2017-01-24 15:11:13 +03:00
Andrew Dolgov 67268b0017 sanitize: allow acronym tag 2017-01-24 11:36:43 +03:00
Andrew Dolgov d2c3e846c4 add some vertical space to diijt menu items 2017-01-23 19:21:25 +03:00
Andrew Dolgov cb3f877303 reference pubsubhubbub classes using their namespace 2017-01-23 08:20:46 +03:00
Andrew Dolgov 141df0c4cf Merge branch 'af-comics-ui' into 'master'
Added feed URL instructions for GoComics.

GoComics feed URL syntax now included on existing Prefs page for af_comics plugin.

See merge request !43
2017-01-22 21:57:31 +03:00
JustAMacUser a25c3c2998 Added feed URL instructions for GoComics. 2017-01-22 13:52:25 -05:00
Andrew Dolgov ad326dbf78 unpackVisibleHeadlines: do not iterate over all RROWs all the time 2017-01-22 20:57:16 +03:00
Andrew Dolgov 70c5b2bfcc feed tree: only run animation for appearing unread counters to prevent clashes with aux counter updating and animations ending up in wrong state 2017-01-22 20:20:35 +03:00
Andrew Dolgov 3bc1b53772 initHeadlinesMenu: remove unneeded output 2017-01-22 19:58:17 +03:00
Andrew Dolgov 974c6eb523 attach headline menu objects to correct DOM nodes in combined mode 2017-01-22 19:57:16 +03:00
Andrew Dolgov d5f74019ac parse_counters: cache previous reply and skip processing of unchanged rows (better implementation) 2017-01-22 19:38:07 +03:00
Andrew Dolgov a4e04c498f parse_counters: cache previous reply and skip processing of unchanged rows 2017-01-22 19:29:14 +03:00
Andrew Dolgov e1f7b05b52 reuse menu objects while appending headline rows 2017-01-22 19:20:23 +03:00
Andrew Dolgov b1a80693b1 collapse_feedlist: also toggle splitter 2017-01-22 17:46:11 +03:00
Andrew Dolgov a86255572a bump VERSION_STATIC due to Dojo changes 2017-01-22 13:55:36 +03:00
Andrew Dolgov 6f84bf7b0a dojoConfig: use cacheBust 2017-01-22 13:43:32 +03:00
Andrew Dolgov 24a82359b2 feedtree: fix for long feed titles making counters invisible 2017-01-22 13:21:41 +03:00
Andrew Dolgov fa287f6b11 Merge branch 'af-comics-gocomics-feed' into 'master'
Update af_comics plugin to support GoComics.

Updates the af_comics plugin to support new GoComics site, which dropped native RSS feeds.

See merge request !42
2017-01-22 11:03:45 +03:00
Andrew Dolgov 4441fc6f3b Merge branch 'master' of git.tt-rss.org:fox/tt-rss 2017-01-22 10:19:11 +03:00
Andrew Dolgov 967f0619c7 force ngettext() count argument type to string 2017-01-22 10:18:43 +03:00
JustAMacUser 5800d3d505 Update af_comics to handle new GoComics site. 2017-01-22 02:14:02 -05:00
JustAMacUser fabfb9fc2a Added support to fetch_file_contents() to explicitly set CURLOPT_FOLLOWLOCATION. 2017-01-22 02:12:09 -05:00
Andrew Dolgov 7262c1726f Merge branch 'settimeout-strings' into 'master'
Replace all setTimeout strings with functions

This fixes a cross-site scripting vulnerability.

See merge request !41
2017-01-22 09:47:20 +03:00
Anders Kaseorg 88946d331a Replace all setTimeout strings with functions
This fixes a cross-site scripting vulnerability.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2017-01-21 16:52:27 -05:00
Andrew Dolgov 0047f2578f Merge branch 'lib-upgrades' into 'master'
Third-party library upgrades

* lib: Upgrade php-gettext from 1.0.11 to 1.0.12
* lib: Upgrade accept-to-gettext.php from 2003-08-14 to 2007-04-01
* lib: Upgrade JShrink from 0.5.1 to 1.1.0
* lib: Upgrade mobile-detect from svn r44 (2012-05-03) to 2.8.24 (2016-11-11)
* lib: Upgrade php-publisher from ??? to a5d6a0e (2016-11-15)
* lib: Upgrade php-subscriber from ??? to 1213f89 (2016-11-15)
* lib: Upgrade script.aculo.us from 1.8.3 to 1.9.0
* lib: Upgrade timezones.txt from 2010k/l/m/n/2011a to 2016j

See merge request !40
2017-01-21 23:06:35 +03:00
Andrew Dolgov 6be7fe00ae Merge branch 'prototype-1.7.3' into 'master'
lib: Upgrade Prototype from 1.7 to 1.7.3

Are you sure you want these as separate merge requests?  The rest of the upgrades are much less invasive than Dojo, with essentially no changes outside of `lib`.  I would of course leave them as separate commits in any case, but I had assumed they would be more convenient to test in one batch.

See merge request !39
2017-01-21 23:02:22 +03:00
Anders Kaseorg 566e8574fb lib: Upgrade timezones.txt from 2010k/l/m/n/2011a to 2016j
https://www.iana.org/time-zones

The local change adding Automatic was preserved; the local change
removing Zulu was not.

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2017-01-21 15:01:14 -05:00
Anders Kaseorg 4ad37eda21 lib: Upgrade script.aculo.us from 1.8.3 to 1.9.0
https://script.aculo.us/

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2017-01-21 15:01:14 -05:00
Anders Kaseorg becd215a75 lib: Upgrade php-subscriber from ??? to 1213f89 (2016-11-15)
https://github.com/pubsubhubbub/php-subscriber

Signed-off-by: Anders Kaseorg <andersk@mit.edu>
2017-01-21 15:01:14 -05:00