Commit graph

1802 commits

Author SHA1 Message Date
VirtualTam
8b48e36594
Merge pull request #1059 from virtualtam/fix/htaccess-git
htaccess: prevent accessing resources not managed by SCM
2018-02-05 18:21:59 +01:00
VirtualTam
cabf1b6bec htaccess: prevent accessing resources not managed by SCM
See:
- https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/
- https://stackoverflow.com/questions/2530372/how-do-i-disable-directory-browsing
- https://httpd.apache.org/docs/current/mod/mod_rewrite.html

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-02-05 18:18:52 +01:00
VirtualTam
91f17fc92a
Merge pull request #1008 from virtualtam/refactor/authentication
Refactor login / ban management
2018-02-05 18:16:32 +01:00
VirtualTam
44acf70681 Refactor login / ban authentication steps
Relates to https://github.com/shaarli/Shaarli/issues/324

Added:
- Add the `LoginManager` class to manage logins and bans

Changed:
- Refactor IP ban management
- Simplify logic
- Avoid using globals, inject dependencies

Fixed:
- Use `ban_duration` instead of `ban_after` when setting a new ban

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-02-05 18:12:09 +01:00
ArthurHoaro
a381c373b3
Merge pull request #1074 from kalvn/feature/dailymarkdown
Executes daily hooks before creating columns.
2018-02-02 19:23:26 +01:00
ArthurHoaro
bc3ce7ec2a
Merge pull request #1038 from ArthurHoaro/feature/public-only-filter
Add a filter to only display public links
2018-02-02 19:22:37 +01:00
ArthurHoaro
17b4baedec
Merge pull request #1003 from ArthurHoaro/ci/php7.2
Drop PHP 5.5 compatibility and run Travis UT against PHP 7.2
2018-02-02 19:20:11 +01:00
ArthurHoaro
28df9fa4f7 INTL_IDNA_VARIANT_2003 is deprecated
See https://wiki.php.net/rfc/deprecate-and-remove-intl_idna_variant_2003
2018-02-02 19:15:47 +01:00
ArthurHoaro
5617dcf9d2 Drop PHP 5.5 compatibility and upgrade PHPUnit to v5.x
PHPUnit 4.x contains deprecated PHP functions in PHP 7.2.
2018-02-02 19:15:47 +01:00
ArthurHoaro
402f58e0ba CI: run UT against PHP 7.2 (currently in Release Candidate) 2018-02-02 19:15:10 +01:00
ArthurHoaro
91813a3634 Badge 2018-02-02 19:07:31 +01:00
ArthurHoaro
a3b9b8c4ff
Merge pull request #1076 from ArthurHoaro/changelog-v0.9.5
CHANGELOG + AUTHORS (v0.9.5)
2018-02-02 19:02:51 +01:00
ArthurHoaro
715ad9bd6b CHANGELOG + AUTHORS 2018-02-02 18:59:55 +01:00
ArthurHoaro
40e816e379
Merge pull request #1070 from ArthurHoaro/hotfix/lc-messages-warning
Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed
2018-02-02 18:51:53 +01:00
kalvn
50142efd1b Executes daily hooks before creating columns. 2018-02-01 13:16:58 +01:00
ArthurHoaro
499bd43c37
Merge pull request #1069 from ArthurHoaro/feature/dependencies
Update dependencies and include latest version netscape-bookmark-parser
2018-01-31 16:15:23 +01:00
ArthurHoaro
b7c412d4d0 Use LC_COLLATE instead of LC_MESSAGES if php-intl is not installed
As stated in the docs:

> LC_MESSAGES for system responses (available if PHP was compiled with libintl)

Fixes #1067
2018-01-31 12:39:17 +01:00
ArthurHoaro
44c818cebd Update dependencies and include latest version netscape-bookmark-parser 2018-01-31 12:23:43 +01:00
ArthurHoaro
2cbf4acdde
Merge pull request #1063 from ArthurHoaro/hotfix/legacy-warnings
Fix warnings when upgrading from legacy SebSauvage version
2018-01-31 12:18:31 +01:00
ArthurHoaro
5d924cba64 Update badges 2018-01-30 19:11:17 +01:00
ArthurHoaro
0fa18d4c5d
Merge pull request #1065 from ArthurHoaro/release-v9.0.4
pre release v0.9.4
2018-01-30 18:51:52 +01:00
ArthurHoaro
b49a25d33c Update AUTHORS 2018-01-30 18:49:51 +01:00
ArthurHoaro
f211618f20 Update CHANGELOG 2018-01-30 18:49:22 +01:00
ArthurHoaro
cb4ddbe4e7 Fix warnings when upgrading from legacy SebSauvage version
Fixes #1040
2018-01-25 19:55:31 +01:00
ArthurHoaro
d2f6d909e5 Public/private filter: use two separate buttons
#1038
2018-01-24 18:46:31 +01:00
ArthurHoaro
d449f79a0d
Merge pull request #977 from ArthurHoaro/feature/dl-filter
Extract the title/charset during page download, and check content type
2018-01-23 18:41:38 +01:00
nodiscc
5f8c3f532e
Merge pull request #1058 from FranckKe/patch-1
doc: bookmarklet: fix link to issue 196
2018-01-18 20:49:29 +01:00
nodiscc
bc55e94795
Merge pull request #1057 from shaarli/doc-derefind
doc: import: add link to derefind conversion tool
2018-01-18 20:49:20 +01:00
nodiscc
26c5b1bca6
Merge pull request #1049 from shaarli/doc-docker-arm
doc: add arm32v7 docker build documentation
2018-01-18 20:48:46 +01:00
Franck Kerbiriou
dafb386524
Fix link to issue 196 2018-01-18 14:10:48 +01:00
nodiscc
a52d39dafb
doc: import: add link to derefind conversion tool
As mentioned on gitter
2018-01-17 21:47:13 +01:00
nodiscc
5cb4c0d5bd
doc: fix link to dockerfiles 2018-01-13 11:48:42 +01:00
VirtualTam
5c6c82db19
Merge pull request #1055 from virtualtam/changelog
Update CHANGELOG for the next v0.9.x
2018-01-13 11:31:07 +01:00
nodiscc
a3f83c15f4
doc: docker: add links to docker build and qemu documentation 2018-01-12 23:06:30 +01:00
nodiscc
bf4faba9ca
doc: docker: remove armhf tags, add link to Dockerfiles 2018-01-12 23:00:20 +01:00
VirtualTam
9b6df5c91c Update CHANGELOG for the next v0.9.x
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-01-10 20:43:18 +01:00
nodiscc
3056afac2d
Merge pull request #1054 from shaarli/doc-mbstring-webhosts
doc: Server Requirements: php-mbstring: add 'hosting providers'
2018-01-09 23:15:29 +01:00
VirtualTam
310f17203d
Merge pull request #1050 from virtualtam/changelog/cve
Reference CVE-2018-5249 in CHANGELOG
2018-01-09 21:15:34 +01:00
nodiscc
42884868a3
doc: Server Requirements: php-mbstring: add 'hosting providers' 2018-01-09 20:13:05 +01:00
VirtualTam
8d9d4cc1ee Reference CVE-2018-5249 in CHANGELOG
Relates to https://github.com/shaarli/Shaarli/pull/1046

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-01-06 15:31:56 +01:00
ArthurHoaro
c8f7ba36ce
Merge pull request #1043 from immanuelfodor/improvement/shaarli-markdown-toolbar
Adding 3rd party plugin 'markdown-toolbar' to docs
2018-01-06 11:27:53 +01:00
nodiscc
b7ca2eb2f6 doc: add armhf docker images 2018-01-05 19:41:24 +01:00
VirtualTam
fdb4fee433
Merge pull request #1047 from virtualtam/changelog
Update changelog, documentation and authors
2018-01-04 19:00:48 +01:00
VirtualTam
2fadf88068 Update AUTHORS and contributor mailmap
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-01-04 18:52:52 +01:00
VirtualTam
f452d3c4df Update CHANGELOG, README badges and installation instructions
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-01-04 18:49:05 +01:00
VirtualTam
17dee65651
Merge pull request #1046 from virtualtam/security/login-xss
Fix XSS vulnerability
2018-01-04 18:04:34 +01:00
VirtualTam
65c002ca18 Fix XSS vulnerability
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2018-01-04 15:53:48 +01:00
Immánuel!
b6b53143fc Feature: Docker armhf support (#1041)
Docker: add Alpine Linux ARM HF latest and master images

See:
- http://www.armhf.com/
- https://wiki.alpinelinux.org/wiki/Alpine_on_ARM
- https://hub.docker.com/r/lsiobase/alpine.armhf/
2018-01-04 12:38:38 +01:00
ArthurHoaro
fcbc67edf0
Merge pull request #1044 from ArthurHoaro/hotfix/plugins-parameter-button
Fix an issue preventing the Save button to appear for plugin parameters
2018-01-01 15:46:04 +01:00
ArthurHoaro
d799554259 Fix an issue preventing the Save button to appear for plugin parameters
is a special variable in RainTPL used in loops
2018-01-01 15:40:51 +01:00