valvin
/
ttrss
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
ttrss/include
History
Andrew Dolgov c3d14e1fa5 - fix multiple vulnerabilities in af_proxy_http 
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized
- fetch_file_contents: validate all URLs before requesting them
- validate URLs: explicitly whitelist http and https scheme, forbid everything else
- DiskCache/cached_url: only serve whitelisted content types (images, video)
- simplify filename/URL handling code, remove and consolidate some less-used functions
 		2020-09-14 19:46:52 +03:00
..
autoload.php autoloader: check if class name is namespaced before trying to split it 2018-07-18 13:25:18 +03:00
colors.php php 7.4 deprecation-related fixes 2019-12-06 07:27:22 +03:00
controls.php implement automatic night mode detection using MQL 2019-12-12 20:09:43 +03:00
db-prefs.php remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
db.php remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
errorhandler.php remove some redundant php closing tags 2017-04-26 20:24:18 +03:00
functions.php - fix multiple vulnerabilities in af_proxy_http 2020-09-14 19:46:52 +03:00
login_form.php login form: add workarounds for chrome password manager 2020-01-25 17:00:51 +03:00
sanity_check.php Update wiki and forums links in error message. 2020-07-13 09:06:59 -05:00
sanity_config.php sanity config: fix typo 2018-11-22 22:15:27 +03:00
sessions.php remove version.php and VERSION global constant, do version-related things in a slightly less ridiculous way 2019-12-18 14:27:40 +03:00