Commit graph

54 commits

Author SHA1 Message Date
d02bf19916 [add] new logo and news favicon 2015-07-16 17:12:59 +02:00
7bae9485fd [upd] update README and go to myShaarli 1.0.0 beta 2015-07-08 12:00:55 +02:00
3c20b1071e [upd] clean up id and proper css in paging template 2015-07-03 14:32:04 +02:00
0b7c7fc069 [add] new theme and adapt linklist template 2015-07-03 13:48:53 +02:00
88f2ebadca [upd] refactor login form 2015-07-03 10:22:39 +02:00
62c55f9c8c [upd] replace js focus by html5 autofocus 2015-07-03 10:08:37 +02:00
c5eeb78c3c [chg] cleanup html structure 2015-07-03 10:02:58 +02:00
8afd5016af [chg] remove language="JavaScript" 2015-07-03 09:50:53 +02:00
799c92d786 [add] new configuration page
[fix] disable thumbnails keep left space in myShaarli theme
2015-07-01 12:20:41 +02:00
d541bf3514 [chg] better html structure 2015-06-29 15:19:32 +02:00
a044da320e [fix] forgot includes.html 2015-06-29 14:51:09 +02:00
ff50f9c69e [chg] start proper fork of original Shaarli 2015-06-26 17:29:17 +02:00
9047fb2fd5 [chg] remove javascript autofocus prefer html5 2015-06-26 15:33:17 +02:00
1f28497fff [add] option for define contact link 2015-06-26 15:23:10 +02:00
cd635a0857 [add] Firefox social API by Marsup d33c5d4c3b 2015-06-26 14:41:36 +02:00
5bc8d56ae8 [fix] small fix 2015-06-26 12:23:23 +02:00
75d92a11f6 [fix] duplicate id paging_current in paging 2015-05-20 12:30:54 +02:00
b69f64e3fa [add] option for post original article to wallabag (nodiscc plugin) 2015-05-20 12:23:02 +02:00
3737a64ff3 [chg] change rename/delete tag form 2015-05-20 10:40:51 +02:00
2e05b32a32 [add] markdown documentation
[upd] better css and semantic for edit/add form
2015-05-13 12:07:03 +02:00
Qwerty
83a86d2d39 Add Archive.org integration
* adds an "archive" link next to permalinks, linking to the last version of the page on archive.org
2015-05-05 15:56:17 +02:00
ArthurHoaro
1687756741 shaarli/Shaarli#34: Make update check optional
* Add a check box at installation (checked by default)
* Add a check box in configuration page
2015-05-05 15:36:46 +02:00
27c05d1885 [upd] fix all div width 2015-05-05 15:10:32 +02:00
a90f15a5c2 [upd] css search form 2015-05-05 14:34:29 +02:00
nodiscc
e76cb042fa tools dialog: add a 'Add Note' bookmarklet to immediately open a note (text post) compose window
* Fixes https://github.com/shaarli/Shaarli/issues/142
* Fixes https://github.com/sebsauvage/Shaarli/issues/59
2015-05-05 12:02:03 +02:00
f0bec991d0 Merge branch 'favicon' into myShaarli
Conflicts:
	index.php
2015-01-30 09:37:52 +01:00
268682859a [add] show favicon of site
[add] fetch and cache favicon
2015-01-29 16:59:59 +01:00
7a8068a787 [upd] update input label via 2013-11-21 17:10:47 +01:00
06d803e78e [upd] change via message (@via to Origine =>)
[fix] via field for atom
2013-11-21 16:50:48 +01:00
55ade1a969 Fix bad merge 2013-09-27 10:02:20 +02:00
6cb22b63c5 Merge branch 'master' into myShaarli
Conflicts:
	tpl/page.header.html
	tpl/picwall.html
	tpl/tagcloud.html
2013-09-27 09:53:07 +02:00
6f5933d23f Sync with SebSauvage repo 2013-09-27 09:38:01 +02:00
7e929771eb [upd] link to homepage 2013-09-09 10:44:42 +02:00
ba36c44c5c [add] link to contact page 2013-09-09 10:42:27 +02:00
12e74779c4 [fix] small bug (bad empty test) 2013-05-03 10:44:24 +02:00
c2d24b7827 [add] via input 2013-04-30 16:20:54 +02:00
Christophe HENRY
1db7867707 typo 2013-03-29 17:04:15 +01:00
Christophe HENRY
6888cc6f90 Adds a configuration variable "titleLink" which allows to customize the
link on the title.

Conflicts:
	tpl/page.header.html
2013-03-29 16:56:24 +01:00
01f59ddf63 Change the tagcloud generation for better various size. 2013-03-29 15:51:56 +01:00
4c02d06d57 Merge remote-tracking branch 'master/master' into myShaarli 2013-03-29 15:48:58 +01:00
9550bfe181 Move inline CSS style to shaarli.css 2013-03-29 15:37:44 +01:00
dc420191df Move inline CSS style to shaarli.css 2013-03-29 15:21:32 +01:00
e4501035c3 Merge remote-tracking branch 'origin/master' into myShaarli 2013-03-21 10:57:51 +01:00
c98a5f2205 Create a personal themes for Shaarli. 2013-03-20 12:31:27 +01:00
Sébastien SAUVAGE
99954e1290 Merge pull request #43 from dsferruzza/highlight-search-results
Highlight search results
2013-03-11 02:11:47 -07:00
David Sferruzza
f2acdfd14e Move lazyload init inside the body tag 2013-03-10 19:04:48 +01:00
David Sferruzza
9da4953190 Avoid highlighting paging stuff 2013-03-10 18:26:16 +01:00
David Sferruzza
1b647ff409 Highlight search results (issue #4)
Uses http://bartaz.github.com/sandbox.js/jquery.highlight.html
2013-03-10 18:24:05 +01:00
bb8f712db6 [add] https://github.com/sebsauvage/Shaarli/issues/20 New links created as private by default. 2013-03-04 10:18:39 +01:00
Sebastien SAUVAGE
feebc6d466 Corrected vulnerabilities (see report below)
Title : Shaarli Vulnerabilities
Author : @erwan_lr | @_WPScan_

Vendor : http://sebsauvage.net/wiki/doku.php?id=php:shaarli
Download : https://github.com/sebsauvage/Shaarli/archive/master.zip |
http://sebsauvage.net/files/shaarli_0.0.40beta.zip
Affected versions : master-705F835, 0.0.40-beta (versions below may also
be vulnerable)

Vulnerabilities : Persistent XSS & Unvalidated Redirects and Forwards

Persistent XSS :
- During the installation or configuration modification, the title field
is vulnerable. e.g <script>alert(1)</script>
Quotes can not be used because of var_export(), but String.fromCharCode
works

- The url field of a link is vulnerable :

When there is no redirector : javascript:alert(1)
Then, the code is triggered when a user clicks the url of a link

Or with a classic XSS : "><script>alert(1)</script>

Unvalidated Redirects and Forwards :
A request with the param linksperpage or privateonly can be used to
redirect a user to an arbitrary referer

e.g
GET /Audit/Shaarli/master-705f835/?linksperpage=10 HTTP/1.1
Host: 127.0.0.1
Referer: https://duckduckgo.com

History :
March 2, 2013
- Vendor contacted
2013-03-03 22:15:38 +01:00
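
The checks that the report in commit feebc6d466 calls for, sketched in PHP as an added example; this is not Shaarli's code or the patch from that commit. All function names are hypothetical, the allowed scheme list is an assumption, and the site's own host name is assumed to be passed in without a port.

```php
<?php
// Added illustration; all function names are hypothetical, not Shaarli's.

// Link URL field: keep only URLs whose scheme is on an allow-list, so a
// value such as "javascript:alert(1)" is never stored or put in an href.
// The scheme list is an assumption; adjust it to what the site needs.
function safe_link_url(string $url): ?string
{
    $url = trim($url);
    $scheme = parse_url($url, PHP_URL_SCHEME);
    if (!is_string($scheme)) {
        return null; // no scheme, or unparsable input
    }
    $allowed = ['http', 'https', 'ftp'];
    return in_array(strtolower($scheme), $allowed, true) ? $url : null;
}

// Title and URL output: escape for HTML text and quoted attributes.
function esc(string $s): string
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// linksperpage / privateonly: go back to the Referer only when it points
// at this site; $ownHost is the expected host name without a port.
function safe_redirect_target(?string $referer, string $ownHost): string
{
    $parts = is_string($referer) ? parse_url($referer) : false;
    if (!is_array($parts) || !isset($parts['scheme'], $parts['host'])) {
        return '?';
    }
    $schemeOk = in_array(strtolower($parts['scheme']), ['http', 'https'], true);
    $hostOk = strcasecmp($parts['host'], $ownHost) === 0;
    return ($schemeOk && $hostOk) ? $referer : '?';
}

// Constructed inputs modelled on the report's examples.
var_dump(safe_link_url('javascript:alert(1)'));
var_dump(safe_link_url('https://example.org/page'));
echo esc('"><script>alert(1)</script>'), "\n";
echo safe_redirect_target('https://duckduckgo.com', '127.0.0.1'), "\n";
echo safe_redirect_target('http://127.0.0.1/Audit/?page=2', '127.0.0.1'), "\n";
```

The scheme check rejects URLs without a scheme, so an application that stores relative links needs a separate, explicit rule for them.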