Commit graph

13 commits

Author SHA1 Message Date
ArthurHoaro
72fbbcd679 Security: fix multiple XSS vulnerabilities + fix search tags with special chars
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.

Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
2020-10-06 17:30:18 +02:00
ArthurHoaro
818b3193ff Explicitly define base and asset path in templates
With the new routes, all pages are not all at the same folder level anymore
(e.g. /shaare and /shaare/123), so we can't just use './' everywhere.
The most consistent way to handle this is to prefix all path with the proper variable,
and handle the actual path in controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
3772298ee7 Few optimizations and code readability for tag cloud controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
c266a89d0f Process tag cloud page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
03340c18ea Slim router: handle add tag route 2020-07-23 21:19:21 +02:00
Kevin Masson
82e7b56f29 Add autofocus on tag cloud filter input
Fix #1413
2020-02-10 13:53:44 +01:00
Luce Carević
d1bcf28db3 fix a11y 2019-07-13 18:56:43 +02:00
ArthurHoaro
cb974e4747 Accessibility: specify the HTML lang attribute
The lang is based on the user defined one. If the language is automatic, no language will be specified.

Fixes #1216
2019-02-09 14:29:35 +01:00
ArthurHoaro
9d0fc86250 Add classes to default template to avoid using IDs in SCSS 2018-05-10 13:26:11 +02:00
ArthurHoaro
055ce4bd19 Fix alignement and better clarity for 'List all links with those tags' button
Fix CSS class typo and display the link as a button

Fixes #999
2017-11-08 19:21:00 +01:00
ArthurHoaro
d14555a3df Fix security issue reported by @chbi
Vulnerability introduced by 6ccd0b218f - release with Shaarli v0.9.1.
2017-10-07 11:27:44 +02:00
Lucas Cimon
49cc8e5d74 Tagcloud/list improvments 2017-06-09 10:58:12 +02:00
ArthurHoaro
5893529cf4 Move tagcloud template file to tag.cloud 2017-05-25 15:05:24 +02:00
Renamed from tpl/default/tagcloud.html (Browse further)