Knah Tsaeb
3c20b1071e
[upd] clean up id and proper css in paging template
2015-07-03 14:32:04 +02:00
Knah Tsaeb
0b7c7fc069
[add] new theme and adapte linklist template
2015-07-03 13:48:53 +02:00
Knah Tsaeb
88f2ebadca
[upd] refactor login form
2015-07-03 10:22:39 +02:00
Knah Tsaeb
62c55f9c8c
[upd] replace js focus by html5 autofocus
2015-07-03 10:08:37 +02:00
Knah Tsaeb
c5eeb78c3c
[chg] cleanup html structure
2015-07-03 10:02:58 +02:00
Knah Tsaeb
8afd5016af
[chg] remove language="JavaScript"
2015-07-03 09:50:53 +02:00
Knah Tsaeb
799c92d786
[add] new configuration page
...
[fix] disable thumbnails keep left space in myShaarli theme
2015-07-01 12:20:41 +02:00
Knah Tsaeb
d541bf3514
[chg] better html structure
2015-06-29 15:19:32 +02:00
Knah Tsaeb
a044da320e
[fix] forgot includes.html
2015-06-29 14:51:09 +02:00
Knah Tsaeb
ff50f9c69e
[chg] start proper fork of original Shaarli
2015-06-26 17:29:17 +02:00
Knah Tsaeb
9047fb2fd5
[chg] remove javascript autofocus prefer html5
2015-06-26 15:33:17 +02:00
Knah Tsaeb
1f28497fff
[add] option for define contact link
2015-06-26 15:23:10 +02:00
Knah Tsaeb
cd635a0857
[add] Firefox social API by Marsup d33c5d4c3b
2015-06-26 14:41:36 +02:00
Knah Tsaeb
5bc8d56ae8
[fix] small fix
2015-06-26 12:23:23 +02:00
Knah Tsaeb
75d92a11f6
[fix] duplicate id paging_current in paging
2015-05-20 12:30:54 +02:00
Knah Tsaeb
b69f64e3fa
[add] option for post original article to wallabag (nodiscc plugin)
2015-05-20 12:23:02 +02:00
Knah Tsaeb
3737a64ff3
[chg] change rename/delete tag form
2015-05-20 10:40:51 +02:00
Knah Tsaeb
2e05b32a32
[add] markdown documentation
...
[upd] better css and semantic for edit/add form
2015-05-13 12:07:03 +02:00
Qwerty
83a86d2d39
Add Archive.org integration
...
* adds an "archive" link next to permalinks, linking to the last version of the page on archive.org
2015-05-05 15:56:17 +02:00
ArthurHoaro
1687756741
shaarli/Shaarli#34 : Make update check optional
...
* Add a check box at installation (checked by default)
* Add a check box in configuration page
2015-05-05 15:36:46 +02:00
Knah Tsaeb
27c05d1885
[upd] fix all div width
2015-05-05 15:10:32 +02:00
Knah Tsaeb
a90f15a5c2
[upd] css search form
2015-05-05 14:34:29 +02:00
nodiscc
e76cb042fa
tools dialog: add a 'Add Note' bookmarklet to immediatly open a note (text post) compose window
...
* Fixes https://github.com/shaarli/Shaarli/issues/142
* Fixes https://github.com/sebsauvage/Shaarli/issues/59
2015-05-05 12:02:03 +02:00
Knah Tsaeb
f0bec991d0
Merge branch 'favicon' into myShaarli
...
Conflicts:
index.php
2015-01-30 09:37:52 +01:00
Knah Tsaeb
268682859a
[add] show favicon of site
...
[add] fetch and cache favicon
2015-01-29 16:59:59 +01:00
Knah Tsaeb
7a8068a787
[upd] update input label via
2013-11-21 17:10:47 +01:00
Knah Tsaeb
06d803e78e
[upd] change via message (@via to Origine =>)
...
[fix] via field for atom
2013-11-21 16:50:48 +01:00
Knah Tsaeb
55ade1a969
Fix bad merge
2013-09-27 10:02:20 +02:00
Knah Tsaeb
6cb22b63c5
Merge branch 'master' into myShaarli
...
Conflicts:
tpl/page.header.html
tpl/picwall.html
tpl/tagcloud.html
2013-09-27 09:53:07 +02:00
Knah Tsaeb
6f5933d23f
Sync with SebSauvage repo
2013-09-27 09:38:01 +02:00
Knah Tsaeb
7e929771eb
[upd] link to homepage
2013-09-09 10:44:42 +02:00
Knah Tsaeb
ba36c44c5c
[add] link to contact page
2013-09-09 10:42:27 +02:00
Knah Tsaeb
12e74779c4
[fix] small bug (bad empty test)
2013-05-03 10:44:24 +02:00
Knah Tsaeb
c2d24b7827
[add] via input
2013-04-30 16:20:54 +02:00
Christophe HENRY
1db7867707
typo
2013-03-29 17:04:15 +01:00
Christophe HENRY
6888cc6f90
Adds a configuration variable "titleLink" which allows to customize the
...
link on the title.
Conflicts:
tpl/page.header.html
2013-03-29 16:56:24 +01:00
Knah Tsaeb
01f59ddf63
Change the tagcloud generation for better variaous size.
2013-03-29 15:51:56 +01:00
Knah Tsaeb
4c02d06d57
Merge remote-tracking branch 'master/master' into myShaarli
2013-03-29 15:48:58 +01:00
Knah Tsaeb
9550bfe181
Move inline CSS style to shaarli.css
2013-03-29 15:37:44 +01:00
Knah Tsaeb
dc420191df
Move inline CSS style to shaarli.css
2013-03-29 15:21:32 +01:00
Knah Tsaeb
e4501035c3
Merge remote-tracking branch 'origin/master' into myShaarli
2013-03-21 10:57:51 +01:00
Knah Tsaeb
c98a5f2205
Create a personal themes for Shaarli.
2013-03-20 12:31:27 +01:00
Sébastien SAUVAGE
99954e1290
Merge pull request #43 from dsferruzza/highlight-search-results
...
Highlight search results
2013-03-11 02:11:47 -07:00
David Sferruzza
f2acdfd14e
Move lazyload init inside the body tag
2013-03-10 19:04:48 +01:00
David Sferruzza
9da4953190
Avoid highlighting paging stuff
2013-03-10 18:26:16 +01:00
David Sferruzza
1b647ff409
Highlight search results (issue #4 )
...
Uses http://bartaz.github.com/sandbox.js/jquery.highlight.html
2013-03-10 18:24:05 +01:00
Knah Tsaeb
bb8f712db6
[add] https://github.com/sebsauvage/Shaarli/issues/20 New links created as private by default.
2013-03-04 10:18:39 +01:00
Sebastien SAUVAGE
feebc6d466
Corrected vulnerabilities (see report below)
...
Title : Shaarli Vulnerabilities
Author : @erwan_lr | @_WPScan_
Vendor : http://sebsauvage.net/wiki/doku.php?id=php:shaarli
Download : https://github.com/sebsauvage/Shaarli/archive/master.zip |
http://sebsauvage.net/files/shaarli_0.0.40beta.zip
Affected versions : master-705F835, 0.0.40-beta (versions below may also
be vulnerable)
Vulnerabilities : Persistent XSS & Unvalidated Redirects and Forwards
Persistent XSS :
- During the instalation or configuration modification, the title field
is vulnerable. e.g <script>alert(1)</script>
Quotes can not be used because of var_export(), but String.fromCharCode
works
- The url field of a link is vulnerable :
When there is no redirector : javascript:alert(1)
Then, the code is triggered when a user click the url of a link
Or with a classic XSS : "><script>alert(1)</script>
Unvalidated Redirects and Forwards :
A request with the param linksperpage or privateonly can be used to
redirect a user to an arbitrary referer
e.g
GET /Audit/Shaarli/master-705f835/?linksperpage=10 HTTP/1.1
Host: 127.0.0.1
Referer: https://duckduckgo.com
History :
March 2, 2013
- Vendor contacted
2013-03-03 22:15:38 +01:00
Sebastien SAUVAGE
858c5c2b43
Added option to disable jQuery and heavy javascript
...
Shaarli uses light Javascript in its normal operation, and some jQuery
for some features (autocomplete in tags, QR-Code popup...).
jQuery can be slow on small computers. An option has been added in
configuration screen to disable javascript features which are hard on
CPU.
(Note that the Picture Wall is awfully heavy *without* jQuery.)
(Side note: A *LOT* of users want Shaarli to work without javasript at
all, if possible. That's why I try to use as few javascript as possible:
It keeps Shaarli pages fast.)
2013-03-01 22:21:10 +01:00
Sébastien SAUVAGE
b342b2a4c7
After clicking save/cancel on a link, scroll to the link itself.
2013-02-27 18:24:07 +01:00