| Age | Commit message (Collapse) | Author |
|---|
|
fix https://github.com/FreshRSS/Extensions/issues/370
Regression from https://github.com/FreshRSS/FreshRSS/pull/7857
|
|
* Add option for CSP frame-ancestors
https://github.com/FreshRSS/FreshRSS/discussions/7856
* Revert contentSelectorPreviewAction
* Same for f.php and api
* Fix double init in f.php
* No sandbox for API page
|
|
1. `include`, `include_once`, `require` and `require_once` are expressions not functions, parentheses are not necessary.
2. to move up the directory tree, it's better to use the `dirname` function instead of relying on `/..`.
|
|
* Closes and fixes error from #7885
* `no-cache.txt` is now respected in `f.php`, `ext.php` and `serve` action in `extensionController`
* And in all other places that weren't checking for `no-cache.txt` (some extensions maybe)
|
|
* Puts CSP everywhere in `p/api`
* including the HTML query page ❗
* Also in `p/ext.php`
* Puts `X-Content-Type-Options: nosniff` everywhere
* Fixes custom icon configuration not showing `blob:` icon in statsController (idle feeds)
* Also removes `style-src 'unsafe-inline'` since it doesn't seem to be needed
* Improves CSP of `p/f.php`
* Add `sandbox` directive
|
|
* Fix file serving for symlinked extensions from ext.php
* Don't resolve symlink when deleting extension
* Minor syntax
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
fix https://github.com/FreshRSS/FreshRSS/issues/7498
Regression from https://github.com/FreshRSS/FreshRSS/pull/7495
|
|
* Secure serving of user files from extensions
fix https://github.com/FreshRSS/FreshRSS/issues/4930
* More fixes
* Typo
|
|
* Fix ext.php: Restrict valid paths in ext.php for extensions
Rework https://github.com/FreshRSS/FreshRSS/pull/7474
* Fix wrong variable
|
|
* Restrict valid paths in ext.php for extensions
* Disallow absolute paths as well
|
|
* Referrer-Policy: same-origin
* same-origin for our own images
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* revert
Fix code indentation
Fix code
Upgrade code to php 8.1
* fix remarques
* code review
* code review
* code review
* Apply suggestions from code review
* code review
* Fixes
* Many remainging updates of array syntax
* Lost case 'reading-list'
* Uneeded PHPDoc
---------
Co-authored-by: Luc Sanchez <l.sanchez-prestataire@alptis.fr>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Upgrade to PHP 8.1
As discussed in https://github.com/FreshRSS/FreshRSS/discussions/5474
https://www.php.net/releases/8.0/en.php
https://www.php.net/releases/8.1/en.php
Upgrade to available native type declarations
https://php.net/language.types.declarations
Upgrade to https://phpunit.de/announcements/phpunit-10.html which requires PHP 8.1+ (good timing, as version 9 was not maintained anymore)
Upgrade `:oldest` Docker dev image to oldest Alpine version supporting PHP 8.1: Alpine 3.16, which includes PHP 8.1.22.
* Include 6736
https://github.com/FreshRSS/FreshRSS/pull/6736
|
|
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Modernize code to php7.4
* Consistency
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
* Pass PHPStan level 8
And prepare for PHPStan level 9 https://phpstan.org/user-guide/rule-levels
* Revert wrong replace in comment
* Fix PHPStan level 8
* Update PHPStan and other dev dependencies
* Remove obsolete comment
* noVariableVariables and towards bleedingEdge
https://github.com/phpstan/phpstan-strict-rules
https://phpstan.org/blog/what-is-bleeding-edge
* More bleedingEdge
* A bit more PHPStan level 9
* More PHPStan level 9
* Prepare for booleansInConditions
Ignore int and null
* Revert wrong line
* More fixes
* Fix keep_max_n_unread
* Stricter attribute functions
* Stricter callHooks and more PHPStan level 9
* More typing
* A tiny more
|
|
* Little's optimisations and booleans in conditions
* Apply strict type
* Apply strict type
* Apply strict type
* Fix multiple bugs with PHP 8.2 and 8.3
* Many declares missing, more errors fixed
* Apply strict type
* Another approach
* Stronger typing for Minz_Session
* Fix case of SQLite
---------
Co-authored-by: Luc <sanchezluc+freshrss@gmail.com>
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
|
|
And app/FreshRSS.php
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4112
|
|
Related to https://github.com/FreshRSS/FreshRSS/pull/4991
Required a few changes in code to pass the tests
|
|
Details later.
Due to https://github.com/FreshRSS/FreshRSS/pull/3433 (1.18.0)
|
|
#fix https://github.com/FreshRSS/FreshRSS/discussions/4494
|
|
Contributes to https://github.com/FreshRSS/FreshRSS/issues/4103
https://phpstan.org/writing-php-code/phpdoc-types
|
|
Fix some wrong variables found by https://github.com/FreshRSS/FreshRSS/issues/4016
|
|
* Update Travis line length
* Also check whitespace in CSS files
* Fix line length ext.php
* More syntax, string templates
* Fix exclude-pattern
* Test JS files as well
|
|
Extension user files can be stored easily in the user folder instead of the static folder.
|
|
Before, it was possible to retrieve only the files from extensions. Thus
making core extension files unreachable.
Now, the selected file is search through all extensions folders.
|
|
|
|
* New core-extensions to allow Docker volumes for third-party extensions
#Fix https://github.com/FreshRSS/FreshRSS/issues/2650
Split our extensions directory into two:
1) Core extensions shipped with FreshRSS in ./lib/core-extensions/
2) Third-party extensions modified by end-users in ./extensions/ which
can easily be mounted as a Docker volume
* Example of Docker Compose with extensions
* Back-compatibility + fix array merge bug
|
|
|
|
https://github.com/FreshRSS/FreshRSS/issues/994
https://github.com/FreshRSS/FreshRSS/issues/2287
|
|
This handles the case where the extensions directory might be a symlink
|
|
For uniformity, and to avoid having PHP searching in include_path.
http://php.net/manual/function.include.php
https://github.com/FreshRSS/FreshRSS/pull/1715
https://github.com/FreshRSS/FreshRSS/pull/1711#issuecomment-350581350
|
|
Now, ext.php can only serve file under a EXTENSIONS_PATH/ext_dir/static/ directory.
A 400 Bad Request error will be returned for other files.
See https://github.com/FreshRSS/FreshRSS/issues/252
And https://github.com/FreshRSS/FreshRSS/commit/f9b037742a0aeb49cab86782d1a59913c2de47b
|
|
Add an extension->getFileUrl() method to facilitate url generation
|
|
https://github.com/marienfressinaud/FreshRSS/issues/252
|
|
https://github.com/marienfressinaud/FreshRSS/issues/252
I have been using this extension system for a little while, in
particular to include custom CSS and/or JavaScript (inclusion of PHP
code is not done yet).
There is very little code and it does not impact performances.
I hurry to post it before
https://github.com/marienfressinaud/FreshRSS/issues/655
|
Alexandre Alapetite
Alexis Degrugillier
Inverle
maTh
Luc SANCHEZ
Marien Fressinaud
Girish Ramakrishnan
