path: root/app/FreshRSS.php
Age | Commit message | Author
2020-06-05 | Add language detection when the user is not logged in (#3022) | Alexis Degrugillier
Before, when the user was not logged in, pages were translated with the '_' user language. Now, they are translated with the user preferred language if there is one supported by FreshRSS or with the system default language.
2020-04-20 | Don't check email if feature disabled or for admin (#2917) | Marien Fressinaud
2020-03-01 | [UI] Add RTL support with RTLCSS (#2776) | Frans de Jonge
* Add dir info to gen.php & install.php!
* Add `make rtl` command
  Using rtlcss because it actually has a command-line application!
2019-12-22 | tec: Allow to change CSP header from controllers | Marien Fressinaud
For an extension, I needed to call a script from an external domain. Unfortunately, the CSP headers didn't allow this domain and I had to patch manually the FreshRSS FrontController for my extension. It's obviously not a long-term solution since it has nothing to do in the core of FRSS, and I don't want to apply this patch manually at each update.
With this patch, I allow changing the CSP header from inside the controller actions. It allows extensions to modify headers. It's also an opportunity to remove a bit of code from the FrontController. I wasn't happy with the previous implementation anyhow.
Reference: https://github.com/flusio/xExtension-Flus/commit/ed12d56#diff-ff12e33ed31b23bda327499fa6e84eccR143
2019-12-03 | fix: Allow to refresh feeds if user isn't verified (#2694) | Marien Fressinaud
While I was looking at the number of articles of my users, I discovered some of them had none, while having a bunch of feeds though. I took a look at the logs generated by `app/actualize_script.php` and discovered that the script stopped strangely (in this example, "OK" for denise is expected, and more users too):
```
FreshRSS[1681]: FreshRSS Start feeds actualization...
Starting feed actualization at 2019-11-29T16:37:19+00:00
Actualize alice...
Actualize denise...
Results:
alice OK
denise
```
After digging a bit, I quickly realized the script stopped always on users who didn't validate their emails. And indeed, we trigger a `Minz_Request::forward(..., true)` for these users, in the `FreshRSS` class. This function calls the `exit` function, which stops the script.
This patch only allows the feed#actualize action to be executed for unverified users in order to avoid an early-`exit`. This is a quick-win solution, but I don't think it's a good one on the long term. I'll propose an alternative in another patch, later.
2019-08-29 | fix: Fix "validate email"-related issues (#2512) | Marien Fressinaud
* fix: Make sure $disable_aside is initialized
  There was a warning for an uninitialized variable, hidden in production but visible in development mode.
* fix: Allow to delete account when email isn't validated
2019-08-29 | Provide email address verification feature (#2481) | Marien Fressinaud
* Add an email field to the profile page
  I reuse the `mail_login` from the configuration. I'm not sure if it's useful today (I would say it was used when Persona login was available). A good improvement would be to rename `mail_login` into `email` so it would be more intuitive to use.
* Add boolean to the conf to force email validation
  This commit only adds a configuration item.
* Add email during registration if email must be validated
* Set email token to validate when email changes
* Block access to FreshRSS if email is not validated
* Send email when address is changed
* Allow to resend the validation email
* Allow the user to change its email while blocked
* Document the email validation feature
* fixup! Allow the user to change its email while blocked
* tec: Autoload PHPMailer lib
* Validate email address format
* Add feedback on validation email resend action
* Allow to logout when user is blocked
* fix: Change default email "from"
* Reorganize i18n keys
* Complete all the locales with default english
* Hide sidebar (profile page) if email is not validated
* Check email requirements on registration
* Allow admin to specify email when creating users
* Don't check email format if value is empty
* Remove trailing comma in userController
  Co-Authored-By: Alexandre Alapetite <alexandre@alapetite.fr>
* Set PHPMailer validator to html5 before sending email
* fixup! Remove trailing comma in userController
2019-08-14 | Add hooks to ExtensionManager (#2482) | Marien Fressinaud
Hooks allow to:
- add items in menus
- perform new actions at the end of FreshRSS initialization
2019-07-21 | Fix user self registration (#2442) | Alexandre Alapetite
* Fix user self registration
  Fix https://github.com/FreshRSS/FreshRSS/issues/2381
* CSRF for admin
2019-03-22 | Rework CSRF interaction with sessions (#2290) | Alexandre Alapetite
* Rework CSRF interaction with sessions
  Fix https://github.com/FreshRSS/FreshRSS/issues/2288
  Improve security in some edge cases
  Maybe relevant for https://github.com/FreshRSS/FreshRSS/issues/2125#issuecomment-474992671
* Forgotten mime type
2019-02-13 | Remove deprecated CSP child-src | Alexandre Alapetite
It's been probably long enough since https://github.com/FreshRSS/FreshRSS/pull/1099
2019-02-13 | Less jQuery (#2234) | Alexandre Alapetite
* Less jQuery
  Follow-up of https://github.com/FreshRSS/FreshRSS/pull/2199
* Even less jQuery + global view unread title fix
* Even less jQuery
* Yet even less jQuery
* Even less jQuery
* Reduce some events
* Even less jQuery
* jQuery gone from main view +Fixed English i18n
* Fix feed folded view
* Remove Firefox 64 workaround
  Remove workaround for Gecko bug 1514498 in Firefox 64, fixed in Firefox 65
* Split to extra.js
  Avoid loading unneeded JavaScript code for the main view. + several adjustments
* Improve CSS transition fold category
* Rewrite shortcuts
  Remove library. Much faster, shorter, one listener instead of many. Control of the shortcut context. Fix https://github.com/FreshRSS/FreshRSS/issues/2215
* Remove debug
* Minor syntax
* Filter out unwanted shortcut modifiers
* Menu overflow fix
* Typo
* Fix unfolding in mobile view
* Remove jQuery from category.js
* Remove jQuery from Global view
2018-10-14 | Remove some preload / prefetch (#2040) | Alexandre Alapetite
* Remove next prefetch
  This approach was only efficient in the specific case when no change was made (no mark-as-read, favourites, tags), and useless in the other situations. Removed to reduce server load.
* Remove next prefetch from JavaScript too
* Remove some preload / prefetch
  While useful for the first request, those preload / prefetch hints are slightly negative for the following requests, especially server-side, e.g. generating one log entry in Apache, and a bit more network traffic.
* Revert mistake
* Remove comment
  https://github.com/FreshRSS/FreshRSS/pull/2040#discussion_r223214915
2018-06-22 | Explicit quotes decoding (#1947) | Alexandre Alapetite
* Explicit quotes decoding
* Explicit htmlspecialchars_decode and htmlspecialchars
2018-03-03 | Move shares (#1812) | Alexandre Alapetite
From ./data/ to ./app/
Fix manual updates like https://github.com/FreshRSS/FreshRSS/issues/1803#issuecomment-369371907
Left for later: support a ./data/shares.local.php for user-defined shares.
2017-11-04 | Small fix Mastodon share | Alexandre Alapetite
$a['method'] can be undefined.
https://github.com/FreshRSS/FreshRSS/pull/1674
https://github.com/FreshRSS/FreshRSS/issues/1521
2017-11-04 | Add a Mastodon share (#1674) | Alexis Degrugillier
See #1521
2017-05-26 | Change CSS load order to help CustomCSS extension | Alexandre Alapetite
https://github.com/FreshRSS/Extensions/issues/13
2017-05-12 | Move default configuration files | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/1531
2016-10-06 | Allow extensions for default account in anonymous mode | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/1257#issuecomment-248111169
2016-08-13 | sticky-kit fix, and compatible async defer | Alexandre Alapetite
And set correct parent option
https://github.com/FreshRSS/FreshRSS/pull/1172
2016-08-13 | Merge conflicts | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/pull/1172
2016-08-13 | CSRF token, update HTTP Referrer policy to same-origin | Alexandre Alapetite
https://www.w3.org/TR/referrer-policy/#referrer-policy-no-referrer
https://github.com/FreshRSS/FreshRSS/issues/570
https://github.com/FreshRSS/FreshRSS/issues/955
https://github.com/FreshRSS/FreshRSS/issues/1198
https://github.com/FreshRSS/FreshRSS/issues/565
https://github.com/FreshRSS/FreshRSS/issues/554
2016-07-31 | Remove Mozilla Persona login | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/1052
2016-07-08 | Make Sidebar Sticky | romibi
2016-04-29 | Load styles for two JSON cases | Alexandre Alapetite
2016-04-23 | Revert; Notifications needed also for non-layout requests | Alexandre Alapetite
2016-04-23 | HTTP2 optimization | Alexandre Alapetite
Fast flush HTTP headers, push promise CSS. Requires PHP 5.3+ due to anonymous function. Do not load styles, scripts, and notifications for Ajax requests.
https://github.com/FreshRSS/FreshRSS/issues/1089
2016-03-08 | X-Content-Type-Options: nosniff | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/1114
2016-03-01 | CSP compatibility with Firefox older than 45 | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/pull/1075
https://github.com/FreshRSS/FreshRSS/pull/1078
https://developer.mozilla.org/en-US/Firefox/Releases/45#Security
https://bugzilla.mozilla.org/show_bug.cgi?id=1045891
2016-02-21 | CSP different policies per controller | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/1075
2016-02-21 | CSP for statistics and forms | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/1075
2016-02-21 | CSP: Use inline JSON instead of one-time cookie | Alexandre Alapetite
Simpler, lighter
https://github.com/FreshRSS/FreshRSS/issues/1075
2016-02-17 | CSP allow iframes | Alexandre Alapetite
E.g. for YouTube videos, etc.
https://github.com/FreshRSS/FreshRSS/issues/1075
2016-02-16 | CSP no inline javascript draft | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/1075
2015-05-10 | Bug: 403 page cannot be displayed if Translate is not instantiated first | Alexandre Alapetite
https://github.com/FreshRSS/FreshRSS/issues/821
2015-01-14 | Fix coding style in extension manager | Marien Fressinaud
Yep, same as 8968288...
2015-01-09 | Init auth before user configuration | Marien Fressinaud
Add a lot of comments to explain how the FRSS front controller works and the order of initializations.
Fix https://github.com/FreshRSS/FreshRSS/issues/745
2015-01-08 | Merge branch 'dev' into 252-extensions | Marien Fressinaud
Conflicts:
    app/FreshRSS.php
    app/Models/Configuration.php
    app/views/index/index.phtml
    app/views/index/normal.phtml
    lib/Minz/Configuration.php
    lib/Minz/Translate.php
    lib/lib_rss.php
2015-01-07 | Add first test for a generic ConfigurationSetter | Marien Fressinaud
We are blocked if a setter has to update several values. ConfigurationSetter will be updated.
See https://github.com/FreshRSS/FreshRSS/issues/730
2015-01-07 | Reorganize FreshRSS init | Marien Fressinaud
See https://github.com/FreshRSS/FreshRSS/issues/730
2015-01-07 | Refactor FreshRSS_Share object to be more usable | Marien Fressinaud
- FreshRSS_Share is the only object we manipulate
- Add a way to register new share options easily
- Move some i18n keys from index.php to gen.php
See https://github.com/FreshRSS/FreshRSS/issues/730
2015-01-06 | Fix a bug in i18n init | Marien Fressinaud
See https://github.com/FreshRSS/FreshRSS/issues/730
2015-01-06 | Fix i18n loading and availableLanguages calls | Marien Fressinaud
- Change the way to init i18n
- Add a availableLanguages() method to Minz_Translate
See https://github.com/FreshRSS/FreshRSS/issues/730
2015-01-06 | BREAKING FEATURE: Remove general in config | Marien Fressinaud
General attribute has been removed from system config. Now subattributes (e.g. environment, salt, title, etc.) are directly accessible.
YOU HAVE TO FIX YOUR ./data/config.php file!
- Remove the general array
- Values inside this array must be kept
- To see what it must look like, please have a look at ./data/config.default.php (but keep your values!!).
See https://github.com/FreshRSS/FreshRSS/issues/730
2015-01-05 | Change name of user configuration var in Context | Marien Fressinaud
- FreshRSS_Context::$conf is replaced by FreshRSS_Context::$user_conf
- Introduce FreshRSS_Context::$system_conf
- Remove FreshRSS_Configuration object
See https://github.com/FreshRSS/FreshRSS/issues/730
2015-01-05 | New configuration system (not working yet) | Marien Fressinaud
- Use only Minz_Configuration
- register() method to load a new configuration file
- get() to get a configuration
- new exceptions related to configuration
- fix a list of configuration calls to have FRSS working
Current problems to resolve:
- How to handle configuration param verifications (i.e. check auth_type is a value from none, http_auth, persona or form)
- We must use $conf = Minz_Configuration::get('system'); $general_conf = $conf->general; to access global system configuration which is quite annoying. How to change that?
See https://github.com/FreshRSS/FreshRSS/issues/730
2014-12-07 | Load user extensions after all the global inits | Marien Fressinaud
See https://github.com/FreshRSS/FreshRSS/issues/252
2014-12-06 | Improve system/user types for extensions | Marien Fressinaud
- system extensions can only be managed by an administrator
- system extensions are loaded for all users (even if not logged)
- user extensions are loaded for logged users only
- system extensions loading is saved in global config.php file
See https://github.com/FreshRSS/FreshRSS/issues/252
2014-12-04 | Remove old code for extensions | Marien Fressinaud