FreshRSS (Customized)/app/Controllers/authController.php, branch 1.14.0

FreshRSS (Customized)/app/Controllers/authController.php, branch 1.14.0 Customized version of FreshRSS, a self-hosted RSS feed aggregator https://git.rdnlsmith.com/fresh-rss-custom/atom?h=1.14.0 2019-03-22T18:05:38+00:00 Rework CSRF interaction with sessions (#2290) 2019-03-22T18:05:38+00:00 Alexandre Alapetite alexandre@alapetite.fr 2019-03-22T18:05:38+00:00 urn:sha1:ebd8c31c0272f135b1b55f0480d1c8c3875935fe * Rework CSRF interaction with sessions Fix https://github.com/FreshRSS/FreshRSS/issues/2288 Improve security in some edge cases Maybe relevant for https://github.com/FreshRSS/FreshRSS/issues/2125#issuecomment-474992671 * Forgotten mime type Less jQuery (#2234) 2019-02-13T14:06:28+00:00 Alexandre Alapetite alexandre@alapetite.fr 2019-02-13T14:06:28+00:00 urn:sha1:2374374ba972eb4cca84d7f71b1900f806c2b914 * Less jQuery Follow-up of https://github.com/FreshRSS/FreshRSS/pull/2199 * Even less jQuery + global view unread title fix * Even less jQuery * Yet even less jQuery * Even less jQuery * Reduce some events * Even less jQuery * jQuery gone from main view +Fixed English i18n * Fix feed folded view * Remove Firefox 64 workaround Remove workaround for Gecko bug 1514498 in Firefox 64, fixed in Firefox 65 * Split to extra.js Avoid loading unneeded JavaScript code for the main view. + several adjustements * Improve CSS transition fold category * Rewrite shortcuts Remove library. Much faster, shorter, one listener instead of many. Control of the shortcut context. Fix https://github.com/FreshRSS/FreshRSS/issues/2215 * Remove debug * Minor syntax * Filter out unwanted shortcut modifiers * Menu overflow fix * Typo * Fix unfolding in mobile view * Remove jQuery from category.js * Remove jQuery from Global view HTTP authenfication fixes (#2204) 2019-01-02T20:43:05+00:00 Alexandre Alapetite alexandre@alapetite.fr 2019-01-02T20:43:05+00:00 urn:sha1:945cf832ad2c20c10704282d03326d8495d0ca4b * Security fixes when HTTP user does not exist in FreshRSS * Accept HTTP header X-WebAuth-User for delegated HTTP Authentication (e.g. Træfik) * Document delegated HTTP authentication from https://github.com/FreshRSS/FreshRSS/pull/2202 Multi-user token 2017-04-08T22:25:04+00:00 Alexandre Alapetite alexandre@alapetite.fr 2017-04-08T22:25:04+00:00 urn:sha1:0ce43be9de5bf676ceffa2e419941863f98fa970 https://github.com/FreshRSS/FreshRSS/issues/1390 https://github.com/FreshRSS/FreshRSS/issues/366 Option for cookie duration 2016-12-24T15:33:28+00:00 Alexandre Alapetite alexandre.alapetite@alexandra.dk 2016-12-24T15:33:28+00:00 urn:sha1:332a4dec8690b658bcb878a20056aea33c673f69 https://github.com/FreshRSS/FreshRSS/issues/1384 Remove Mozilla Persona login 2016-07-31T12:58:19+00:00 Alexandre Alapetite alexandre@alapetite.fr 2016-07-31T12:58:19+00:00 urn:sha1:c1548e732d7472c40473b3d99858059333a05eae https://github.com/FreshRSS/FreshRSS/issues/1052 Return after 403 2015-10-25T18:31:41+00:00 Alexandre Alapetite alexandre@alapetite.fr 2015-10-25T18:31:41+00:00 urn:sha1:ad1f0cb96b3eefdeac5031e59c8810fc9427b6e2 https://github.com/FreshRSS/FreshRSS/pull/1016 https://github.com/FreshRSS/FreshRSS/issues/1015 HTTP 403 for invalid login 2015-10-25T12:24:48+00:00 Alexandre Alapetite alexandre@alapetite.fr 2015-10-25T12:24:48+00:00 urn:sha1:7bb28c3f2b77b109451e2514e83fa99789fee35e https://github.com/FreshRSS/FreshRSS/issues/1015 And does not leak if user exists or not Add title to the account creation page 2015-07-22T21:06:46+00:00 Marien Fressinaud dev@marienfressinaud.fr 2015-07-22T21:06:46+00:00 urn:sha1:f0a1b26584787e173c8c9cd1a5fea27bb3044f1c See https://github.com/FreshRSS/FreshRSS/issues/679 Hide registration form if max registration reached 2015-07-22T12:00:08+00:00 Marien Fressinaud dev@marienfressinaud.fr 2015-07-22T12:00:08+00:00 urn:sha1:f560c44a003ca69644f8e7262dca2f8f7e6932d5 See https://github.com/FreshRSS/FreshRSS/issues/679