Commit graph

843 commits

Author SHA1 Message Date
ArthurHoaro
e037610115 Add markdown_escape setting
This setting allows to escape HTML in markdown rendering or not.
The goal behind it is to avoid XSS issue in shared instances.

More info:

  * the setting is set to true by default
  * it is set to false for anyone who already have the plugin enabled
  (avoid breaking existing entries)
  * improve the HTML sanitization when the setting is set to false - but don't consider it XSS proof
  * mention the setting in the plugin README
2017-02-28 19:16:54 +01:00
ArthurHoaro
5978588578 Merge pull request #754 from ArthurHoaro/webdesign2
New default template
2017-02-27 20:24:28 +01:00
ArthurHoaro
7dcbfde5ff Set the vintage theme by default for the time being 2017-02-27 20:20:53 +01:00
ArthurHoaro
7040169069 Multiple minor improvements and bugfixes regarding the new templates:
* Add API settings in `configure.html`
  * Fix textarea autoresize
  * Load user.css from data folder
  * Move fold/expand all button to the right and fix an issue with already folded items
  * Reset datetime display to international datetime
  * Temporarilly remove JS login panel (need improvement and integration with the plugin system)
  * Body background is slightly lighter
  * Fix an issue where thumbnails were hidden by description
  * Fix an issue where private orange bar wasn't displayed with thumbnails
  * Remove the gradient bar behind titles
  * Fix empty bookmarklet name in Firefox
2017-02-27 20:01:54 +01:00
ArthurHoaro
430ff07102 Upgrade awesomplete + fix multiple autocompletion fields 2017-02-27 20:01:54 +01:00
ArthurHoaro
246d72e143 Fix markdown plugin color overriding 2017-02-27 20:01:54 +01:00
ArthurHoaro
147f4df843 Improve plugin_admin.js to support multiple ordered rows 2017-02-27 20:01:54 +01:00
ArthurHoaro
402b034648 Introduce the new default Shaarli template 2017-02-27 20:01:54 +01:00
ArthurHoaro
009ce93581 Move default template to vintage folder 2017-02-27 20:01:54 +01:00
ArthurHoaro
9e5a37cc7f Merge pull request #783 from Sbgodin/spaceInBookmarklets
Removes spaces before bookmarklet's name
2017-02-24 12:21:49 +01:00
Christophe HENRY
b848615c52 Removes spaces before and after bookmarklet's name
Carriage returns turns into space in some cases. The name of the
bookmarklet, once in the browser bookmarks, is surrounded by spaces.
2017-02-22 20:01:40 +01:00
ArthurHoaro
b9eb50c099 Merge pull request #728 from ArthurHoaro/api/getLink
REST API: implements getLink by ID service
2017-02-19 16:48:59 +01:00
ArthurHoaro
16e3d006e9 REST API: implements getLink by ID service
See http://shaarli.github.io/api-documentation/#links-link-get
2017-02-19 16:45:59 +01:00
ArthurHoaro
65e56cbe49 Merge pull request #769 from ArthurHoaro/api/getlinks-visibility
REST API - getLinks: support the visibility parameter
2017-02-13 08:41:12 +01:00
ArthurHoaro
5f3f19f1c0 Merge pull request #776 from ArthurHoaro/hotfix/linkdb-update
Fixes #775: LinkDB do not access LinkDB before ID system migration
2017-02-04 15:24:49 +01:00
ArthurHoaro
c03455af11 Fixes #775: LinkDB do not access LinkDB before ID system migration
To access LinkDB items with its ArrayAccess implementation, the IDs must be consistent, which isn't the case before `updateMethodDatastoreIds()` execution. v0.6.4 method `updateMethodRenameDashTags()` was accessing it, so an upgrade <0.6.4 to >0.8.x was failing.

This just move the minor update `RenameDashTags` after the IDs update.
2017-02-04 12:01:48 +01:00
ArthurHoaro
6f566b69ba Merge pull request #771 from ArthurHoaro/master
v0.8.3 version bump in master
2017-01-20 17:04:51 +01:00
ArthurHoaro
03cadbe220 Bump version to v0.8.3
Signed-off-by: ArthurHoaro <arthur@hoa.ro>
2017-01-20 16:58:47 +01:00
ArthurHoaro
90d4ed9850 Changelog v0.8.3 2017-01-20 16:58:29 +01:00
ArthurHoaro
c37a6f820b REST API - getLinks: support the visibility parameter 2017-01-17 18:53:18 +01:00
ArthurHoaro
89dcbe5277 Merge pull request #768 from ArthurHoaro/feature/get-public-links
Update LinkFilter to be able to filter only public links
2017-01-17 09:55:25 +01:00
ArthurHoaro
679b6b40db Merge pull request #767 from ArthurHoaro/feature/delete-tag-redirect
Stay on the changetag page after tag deletion
2017-01-17 09:54:25 +01:00
ArthurHoaro
078fcb56ad Merge pull request #766 from ArthurHoaro/hotfix/deletion-redirect
Fix redirection after link deletion
2017-01-17 09:53:55 +01:00
ArthurHoaro
7f96d9ec21 Update LinkFilter to be able to filter only public links
No update regarding the UI or the API for now

Fixes #758
2017-01-16 13:57:11 +01:00
ArthurHoaro
b87442f216 Stay on the changetag page after tag deletion
+ fix changetag CSS alignement

relates to #756
2017-01-16 13:16:03 +01:00
ArthurHoaro
95e5add4be Fix redirection after link deletion
relates to #756
2017-01-16 13:07:53 +01:00
ArthurHoaro
d029cf67f8 Merge pull request #765 from ArthurHoaro/master
Cherry-pick version bump from v0.8 branch
2017-01-16 12:57:56 +01:00
ArthurHoaro
ae7f6b9d09 Bump version to v0.8.2 2017-01-16 12:53:08 +01:00
ArthurHoaro
fcb0d86b90 v0.8.2 Changelog 2017-01-16 12:52:56 +01:00
ArthurHoaro
4d9fd16ddf Merge pull request #761 from ArthurHoaro/hotfix/referrer-warning
Prevent warning if HTTP_REFERER isn't set
2017-01-16 12:40:00 +01:00
ArthurHoaro
514185e14b Merge pull request #760 from ArthurHoaro/plugins/addlink-css-404
Remove CSS call for addlink toolbar plugin
2017-01-16 12:39:24 +01:00
ArthurHoaro
d7d240f136 Merge pull request #759 from ArthurHoaro/hotfix/dup-tags
Prevent tag duplicate when renaming
2017-01-16 12:39:01 +01:00
VirtualTam
36dcf997e4 Update Changelog
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-16 11:35:59 +01:00
VirtualTam
3947bbb043 Bump expected minimal PHP version to 5.5
Relates to https://github.com/shaarli/Shaarli/issues/599
Relates to db6b09b69ee265a7d775924fcff9c61aaaabf1cb

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-16 11:35:46 +01:00
ArthurHoaro
8bbf02e0db Prevent warning if HTTP_REFERER isn't set
Fixes #723
2017-01-15 17:58:19 +01:00
ArthurHoaro
053673cb71 Remove CSS call for addlink toolbar plugin
Fixes #724
2017-01-15 17:50:16 +01:00
ArthurHoaro
d6327389fc Prevent tag duplicate when renaming
Fixes #757
2017-01-15 17:46:24 +01:00
ArthurHoaro
9977c418d6 Merge pull request #727 from ArthurHoaro/api/getlinks
REST API: implement getLinks service
2017-01-15 16:49:50 +01:00
ArthurHoaro
5fbab3edb3 Merge pull request #746 from ArthurHoaro/hotfix/delete-button
Fix delete button in editlink
2017-01-15 14:01:47 +01:00
ArthurHoaro
c3b00963fe REST API: implement getLinks service
See http://shaarli.github.io/api-documentation/#links-links-collection-get
2017-01-15 13:55:22 +01:00
VirtualTam
63ef549749 API: expect JWT in the Authorization header
Relates to https://github.com/shaarli/Shaarli/pull/731

Added:
- require the presence of the 'Authorization' header

Changed:
- use the HTTP Bearer Token authorization schema

See:
- https://jwt.io/introduction/#how-do-json-web-tokens-work-
- https://tools.ietf.org/html/rfc6750
- http://security.stackexchange.com/q/108662

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-15 13:41:04 +01:00
ArthurHoaro
37ab940599 Merge pull request #753 from ArthurHoaro/usercss
Move user.css to data folder
2017-01-14 17:56:28 +01:00
ArthurHoaro
7282418baa Move user.css to data folder 2017-01-14 16:43:32 +01:00
VirtualTam
3ee5c69777 Add an AUTHORS file, simplify COPYING, bump year to 2017
Added:
- AUTHORS file listing Shaarli contributors
- mailmap information to group a Git author's different aliases
- Makefile target to list contributors from Git commit data

Changed:
- Simplify COPYING by using a single "Shaarli Community" entry
- Bump year to 2017

See:
- man git-shortlog
- https://www.kernel.org/pub/software/scm/git/docs/git-shortlog.html#_mapping_authors

Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-07 14:49:39 +01:00
VirtualTam
ee6f4b64a9 Cleanup: use safe boolean comparisons
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-07 14:37:40 +01:00
ArthurHoaro
066333c03c Fix delete button in editlink
This one was forgotten in #682
2017-01-07 11:15:30 +01:00
Arthur
7418f7cb60 Merge pull request #732 from ArthurHoaro/feature/theme-manager
Theme manager: improvements
2017-01-06 11:40:54 +01:00
VirtualTam
93b1fe54fb Cleanup: explicit method visibility
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-05 19:52:04 +01:00
VirtualTam
724f1e3229 Cleanup: remove unused variables
Signed-off-by: VirtualTam <virtualtam@flibidi.net>
2017-01-05 19:51:50 +01:00
ArthurHoaro
01c6e32a02 Fix permalink image alignement in daily page 2017-01-05 16:16:27 +01:00