Commit graph

18 commits

Author SHA1 Message Date
ArthurHoaro
3cb4e8a44c Improve Manage tags page
Fixes #1125
2020-10-16 20:03:25 +02:00
ArthurHoaro
72fbbcd679 Security: fix multiple XSS vulnerabilities + fix search tags with special chars
XSS vulnerabilities fixed in editlink, linklist, tag.cloud and tag.list.

Also fixed tag search with special characters: urlencode function needs to be applied on raw data, before espaping, otherwise the rendered URL is wrong.
2020-10-06 17:30:18 +02:00
ArthurHoaro
9192a48be3 Fix ESLint after dependency upgrade 2020-09-22 18:14:18 +02:00
ArthurHoaro
cd10bc23e7 Export: refresh CRSF token after submit
This allow users to submit the form multiple times, because there is no actual browser redirection to the page.

Fixes #1532
2020-09-01 11:01:21 +02:00
ArthurHoaro
301c7ab1a0 Better support for notes permalink 2020-07-28 20:46:11 +02:00
ArthurHoaro
764d34a7d3 Process token retrieve through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
7b8a6f2858 Process change visibility action through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
9c75f87793 Use multi-level routes for existing controllers instead of 1 level everywhere
Also prefix most admin routes with /admin/
2020-07-23 21:19:21 +02:00
ArthurHoaro
818b3193ff Explicitly define base and asset path in templates
With the new routes, all pages are not all at the same folder level anymore
(e.g. /shaare and /shaare/123), so we can't just use './' everywhere.
The most consistent way to handle this is to prefix all path with the proper variable,
and handle the actual path in controllers.
2020-07-23 21:19:21 +02:00
ArthurHoaro
8eac2e5488 Process manage tags page through Slim controller 2020-07-23 21:19:21 +02:00
ArthurHoaro
bee33239ed Fix all relative link to work with new URL 2020-07-23 21:19:21 +02:00
ArthurHoaro
8d03f705eb Bulk action: set visibility
Added 2 buttons when link checkboxes are checked to set them either public or private.

Related to #572 #1160
2019-02-09 17:59:53 +01:00
ArthurHoaro
a062416918
Merge pull request #1208 from ArthurHoaro/feature/select-all
Add a button to toggle all checkboxes of displayed links
2018-10-06 13:30:29 +02:00
ArthurHoaro
4fa9a3c5d8 Fix a JS bug preventing AJAX tag deletion to work
Fixes #1214
2018-08-16 17:25:47 +02:00
ArthurHoaro
fc574e6454 Add a button to toggle all checkboxes of displayed links
Related to #1160
2018-08-13 13:13:26 +02:00
ArthurHoaro
e87f57c758 Remove Firefox Social API shaare
Firefox Social support has been dropped in Firefox 57.

Related to #1023
2018-07-28 11:26:12 +02:00
ArthurHoaro
a33c565365 Webpack / Rewrite all JS to ES6 Syntax 2018-03-28 19:01:17 +02:00
ArthurHoaro
b3375c7f86 Webpack / Remove frontend dependencies from tpl/ & inc/ and move them to assets/ 2018-03-28 19:01:17 +02:00