ArthurHoaro
9ff17ae20e
Add markdown_escape setting
...
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.
More info:
* the setting is set to true by default
* it is set to false for anyone who already have the plugin enabled
(avoid breaking existing entries)
* improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
* mention the setting in the plugin README
2017-03-04 09:38:12 +01:00
VirtualTam
74198dcdf6
Merge pull request #785 from ArthurHoaro/hotfix/markdown-html
...
Add markdown_escape setting
2017-03-04 09:29:29 +01:00
ArthurHoaro
e037610115
Add markdown_escape setting
...
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.
More info:
* the setting is set to true by default
* it is set to false for anyone who already have the plugin enabled
(avoid breaking existing entries)
* improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
* mention the setting in the plugin README
2017-02-28 19:16:54 +01:00
ArthurHoaro
5978588578
Merge pull request #754 from ArthurHoaro/webdesign2
...
New default template
2017-02-27 20:24:28 +01:00
ArthurHoaro
7dcbfde5ff
Set the vintage theme by default for the time being
2017-02-27 20:20:53 +01:00
ArthurHoaro
7040169069
Multiple minor improvements and bugfixes regarding the new templates:
...
* Add API settings in `configure.html`
* Fix textarea autoresize
* Load user.css from data folder
* Move fold/expand all button to the right and fix an issue with already folded items
* Reset datetime display to international datetime
* Temporarilly remove JS login panel (need improvement and integration with the plugin system)
* Body background is slightly lighter
* Fix an issue where thumbnails were hidden by description
* Fix an issue where private orange bar wasn't displayed with thumbnails
* Remove the gradient bar behind titles
* Fix empty bookmarklet name in Firefox
2017-02-27 20:01:54 +01:00
ArthurHoaro
430ff07102
Upgrade awesomplete + fix multiple autocompletion fields
2017-02-27 20:01:54 +01:00
ArthurHoaro
246d72e143
Fix markdown plugin color overriding
2017-02-27 20:01:54 +01:00
ArthurHoaro
147f4df843
Improve plugin_admin.js to support multiple ordered rows
2017-02-27 20:01:54 +01:00
ArthurHoaro
402b034648
Introduce the new default Shaarli template
2017-02-27 20:01:54 +01:00
ArthurHoaro
009ce93581
Move default template to vintage folder
2017-02-27 20:01:54 +01:00
ArthurHoaro
9e5a37cc7f
Merge pull request #783 from Sbgodin/spaceInBookmarklets
...
Removes spaces before bookmarklet's name
2017-02-24 12:21:49 +01:00
Christophe HENRY
b848615c52
Removes spaces before and after bookmarklet's name
...
Carriage returns turns into space in some cases. The name of the
bookmarklet, once in the browser bookmarks, is surrounded by spaces.
2017-02-22 20:01:40 +01:00
ArthurHoaro
b9eb50c099
Merge pull request #728 from ArthurHoaro/api/getLink
...
REST API: implements getLink by ID service
2017-02-19 16:48:59 +01:00
ArthurHoaro
16e3d006e9
REST API: implements getLink by ID service
...
See http://shaarli.github.io/api-documentation/#links-link-get
2017-02-19 16:45:59 +01:00
ArthurHoaro
65e56cbe49
Merge pull request #769 from ArthurHoaro/api/getlinks-visibility
...
REST API - getLinks: support the visibility parameter
2017-02-13 08:41:12 +01:00
ArthurHoaro
5f3f19f1c0
Merge pull request #776 from ArthurHoaro/hotfix/linkdb-update
...
Fixes #775 : LinkDB do not access LinkDB before ID system migration
2017-02-04 15:24:49 +01:00
ArthurHoaro
c03455af11
Fixes #775 : LinkDB do not access LinkDB before ID system migration
...
To access LinkDB items with its ArrayAccess implementation, the IDs must be consistent, which isn't the case before `updateMethodDatastoreIds()` execution. v0.6.4 method `updateMethodRenameDashTags()` was accessing it, so an upgrade <0.6.4 to >0.8.x was failing.
This just move the minor update `RenameDashTags` after the IDs update.
2017-02-04 12:01:48 +01:00
ArthurHoaro
6f566b69ba
Merge pull request #771 from ArthurHoaro/master
...
v0.8.3 version bump in master
2017-01-20 17:04:51 +01:00
ArthurHoaro
03cadbe220
Bump version to v0.8.3
...
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2017-01-20 16:58:47 +01:00
ArthurHoaro
90d4ed9850
Changelog v0.8.3
2017-01-20 16:58:29 +01:00
ArthurHoaro
63bddaad4b
Bump version to v0.8.3
...
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2017-01-20 16:47:36 +01:00
ArthurHoaro
faf8bdda50
Changelog v0.8.3
2017-01-20 16:44:52 +01:00
ArthurHoaro
848939b7ba
Fixes can login function call in loginform.html
...
Fixes #711
2017-01-20 16:41:33 +01:00
ArthurHoaro
c37a6f820b
REST API - getLinks: support the visibility parameter
2017-01-17 18:53:18 +01:00
ArthurHoaro
89dcbe5277
Merge pull request #768 from ArthurHoaro/feature/get-public-links
...
Update LinkFilter to be able to filter only public links
2017-01-17 09:55:25 +01:00
ArthurHoaro
679b6b40db
Merge pull request #767 from ArthurHoaro/feature/delete-tag-redirect
...
Stay on the changetag page after tag deletion
2017-01-17 09:54:25 +01:00
ArthurHoaro
078fcb56ad
Merge pull request #766 from ArthurHoaro/hotfix/deletion-redirect
...
Fix redirection after link deletion
2017-01-17 09:53:55 +01:00
ArthurHoaro
7f96d9ec21
Update LinkFilter to be able to filter only public links
...
No update regarding the UI or the API for now
Fixes #758
2017-01-16 13:57:11 +01:00
ArthurHoaro
b87442f216
Stay on the changetag page after tag deletion
...
+ fix changetag CSS alignement
relates to #756
2017-01-16 13:16:03 +01:00
ArthurHoaro
95e5add4be
Fix redirection after link deletion
...
relates to #756
2017-01-16 13:07:53 +01:00
ArthurHoaro
d029cf67f8
Merge pull request #765 from ArthurHoaro/master
...
Cherry-pick version bump from v0.8 branch
2017-01-16 12:57:56 +01:00
ArthurHoaro
ae7f6b9d09
Bump version to v0.8.2
2017-01-16 12:53:08 +01:00
ArthurHoaro
fcb0d86b90
v0.8.2 Changelog
2017-01-16 12:52:56 +01:00
ArthurHoaro
4d9fd16ddf
Merge pull request #761 from ArthurHoaro/hotfix/referrer-warning
...
Prevent warning if HTTP_REFERER isn't set
2017-01-16 12:40:00 +01:00
ArthurHoaro
514185e14b
Merge pull request #760 from ArthurHoaro/plugins/addlink-css-404
...
Remove CSS call for addlink toolbar plugin
2017-01-16 12:39:24 +01:00
ArthurHoaro
d7d240f136
Merge pull request #759 from ArthurHoaro/hotfix/dup-tags
...
Prevent tag duplicate when renaming
2017-01-16 12:39:01 +01:00
VirtualTam
36dcf997e4
Update Changelog
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-16 11:35:59 +01:00
VirtualTam
3947bbb043
Bump expected minimal PHP version to 5.5
...
Relates to https://github.com/shaarli/Shaarli/issues/599
Relates to db6b09b69ee265a7d775924fcff9c61aaaabf1cb
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-16 11:35:46 +01:00
ArthurHoaro
8bbf02e0db
Prevent warning if HTTP_REFERER isn't set
...
Fixes #723
2017-01-15 17:58:19 +01:00
ArthurHoaro
053673cb71
Remove CSS call for addlink toolbar plugin
...
Fixes #724
2017-01-15 17:50:16 +01:00
ArthurHoaro
d6327389fc
Prevent tag duplicate when renaming
...
Fixes #757
2017-01-15 17:46:24 +01:00
ArthurHoaro
9977c418d6
Merge pull request #727 from ArthurHoaro/api/getlinks
...
REST API: implement getLinks service
2017-01-15 16:49:50 +01:00
ArthurHoaro
5fbab3edb3
Merge pull request #746 from ArthurHoaro/hotfix/delete-button
...
Fix delete button in editlink
2017-01-15 14:01:47 +01:00
ArthurHoaro
c3b00963fe
REST API: implement getLinks service
...
See http://shaarli.github.io/api-documentation/#links-links-collection-get
2017-01-15 13:55:22 +01:00
VirtualTam
63ef549749
API: expect JWT in the Authorization header
...
Relates to https://github.com/shaarli/Shaarli/pull/731
Added:
- require the presence of the 'Authorization' header
Changed:
- use the HTTP Bearer Token authorization schema
See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-15 13:41:04 +01:00
ArthurHoaro
37ab940599
Merge pull request #753 from ArthurHoaro/usercss
...
Move user.css to data folder
2017-01-14 17:56:28 +01:00
ArthurHoaro
7282418baa
Move user.css to data folder
2017-01-14 16:43:32 +01:00
VirtualTam
3ee5c69777
Add an AUTHORS file, simplify COPYING, bump year to 2017
...
Added:
- AUTHORS file listing Shaarli contributors
- mailmap information to group a Git author's different aliases
- Makefile target to list contributors from Git commit data
Changed:
- Simplify COPYING by using a single "Shaarli Community" entry
- Bump year to 2017
See:
- man git-shortlog
- https://www.kernel.org/pub/software/scm/git/docs/git-shortlog.html#_mapping_authors
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-07 14:49:39 +01:00
VirtualTam
ee6f4b64a9
Cleanup: use safe boolean comparisons
...
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-07 14:37:40 +01:00