mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-06-02 05:41:01 +00:00
Code Issues Projects Releases Wiki Activity
8263 commits 12 branches 99 tags 184 MiB
Commit graph

2583 commits

Author SHA1 Message Date
Nicolas Lœuillet 708bb261d0
Update quickstart content 2023-06-19 13:59:34 +02:00
Nicolas Lœuillet fedd6c9eda
Remove hardcoded string 2023-06-19 10:08:51 +02:00
Nicolas Lœuillet 28db6c22eb
Fix duplicate tags creation when assigning search results to tag 
Fixes #6330
 2023-06-17 15:19:59 +02:00
Simounet 619499d455
[Boyscout] Settings: Reduced width for the default mark as read container 2023-06-16 14:28:57 +02:00
Simounet 97a87235a1
Setting to show / hide articles thumbnails styling 2023-06-16 14:28:57 +02:00
Nicolas Lœuillet 7eddea6ff7
Added test 2023-06-16 14:27:27 +02:00
Nicolas Lœuillet 19322142c3
Fixed testsuite 2023-06-16 14:27:26 +02:00
Nicolas Lœuillet 46521e48e5
PHP CS fix 2023-06-16 14:27:26 +02:00
Nicolas Lœuillet a94d7503c2
Added new setting to show / hide articles thumbnails 2023-06-16 14:27:15 +02:00
Nicolas Lœuillet 54b3977a3c Update main contributors 2023-06-16 11:40:33 +02:00
Simounet 78f66c72fc
Remove annotation text on entry without any 2023-06-15 23:17:30 +02:00
Simounet 18943d191f
[Boyscout] Useless title on tags removed 2023-06-15 23:14:02 +02:00
Simounet 5d1abde36d
Entry view tags styled udpated 2023-06-15 23:13:45 +02:00
Nicolas Lœuillet ae975fdba0
Update translation key 2023-06-15 17:06:31 +02:00
Nicolas Lœuillet 439e906c44
Merge pull request #6619 from Simounet/fix/6618-mass-action-not-submitting 
Fix #6618 mass action buttons not submitting anything
 2023-06-15 15:00:42 +02:00
Simounet 09af754a33
Fix #6618 mass action buttons not submitting anything 2023-06-15 14:52:59 +02:00
Simounet fcb880fbd1
Empty space on the top bar used for more add url toggle clickable target 2023-06-14 21:54:57 +02:00
Nicolas Lœuillet 96cf34f730 Added flash message when we try to add to much tags 2023-06-13 13:06:35 +02:00
Simounet fe740f4a69
Fix RSS feed_route not set 2023-06-12 19:05:38 +02:00
Simounet 3c7457801f
index class added to body 2023-06-12 18:15:39 +02:00
Simounet e5b72f3123
Fix Stylelint errors 2023-06-12 18:15:38 +02:00
Kevin Decherf 3e02a8aaf5
Merge pull request #6547 from Simounet/feat/mass-action-ui 
Feat/mass action UI
 2023-06-01 22:20:05 +02:00
Jérémy Benoist bea10aacbe
Merge pull request #6562 from Simounet/fix/downloadimages-redirect-following 
Fix DownloadImages not following redirections
 2023-05-31 15:04:02 +02:00
Simounet 548b610a17
Fix images downloading with numeric HTML entity 2023-05-30 13:38:50 +02:00
Simounet 2f944aa74a
Fix DownloadImages not following redirections 2023-05-30 12:41:00 +02:00
Simounet 81f58df7b8
Mass action tag layout updated 2023-05-26 21:14:32 +02:00
Simounet f9143c4255
[Boyscout] Elements in need of entries hidden if no entry available 2023-05-25 22:22:48 +02:00
Simounet d0aad7b96d
Mass actions available on cards view 
fixup! Mass action toggle button added
 2023-05-25 22:04:44 +02:00
Simounet 384918cda9
Mass action toggle button added 2023-05-25 21:56:09 +02:00
Simounet eae4d5a142
[Boyscout] Feed link HTML facto 2023-05-25 21:56:08 +02:00
Martin Trigaux 26a4030e87 [FIX] round reading time in export 
Before this commit, the exported entry (pdf, epub,...) could look like:

Estimated reading time:
2.6666666666667 min

Now it will be:
Estimated reading time
3 min
 2023-05-24 17:07:44 +02:00
Jeremy Benoist 4dd380b7dd
Fix test following 2.5 merge into master 2023-04-24 14:46:40 +02:00
Jeremy Benoist 66b7bdd07c
Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Casper Meijn 5a5148707c Fix API allowed_registration 
Two configuration options need to be enabled to allow user registration via the API:
1) fosuser_registration, which indicates whether registration is allowed at all (frontend and API)
2) api_user_registration, which indicates whether registration is allowed via the API
 2023-03-28 20:12:55 +02:00
Jérémy 1003e8f074
Deleted translation using Weblate (English (United States)) 2023-03-27 12:10:09 +02:00
Jérémy Benoist 268372dbbd
Merge pull request #6289 from wallabag/2.5/fix-csrf-user-deletion 
Fix CSRF on user deletion
 2023-02-07 21:52:51 +01:00
Jérémy Benoist 4e023bddc3
Merge pull request #6288 from wallabag/2.5/xss-username-share-page 
Fix XSS on username on share page
 2023-02-07 21:43:04 +01:00
Jeremy Benoist f1b3d5cdd7
Fix CSRF on user deletion 2023-02-07 21:41:52 +01:00
Jeremy Benoist 242e3feac9
Fix adding tag to entries from other people 
I've also limited tag length to 20 chars (and limit adding more than 5 tags at once)
 2023-02-07 21:25:57 +01:00
Jeremy Benoist bd4c71682e
Fix XSS on username on share page 2023-02-07 19:58:06 +01:00
Jeremy Benoist b795622f06
Prepare 2.5.3 2023-02-01 09:51:02 +01:00
Jérémy Benoist 5ac6b6bff9
Merge pull request from GHSA-mrqx-mjc4-vfh3 
AnnotationController: fix improper authorization vulnerability
 2023-02-01 09:32:22 +01:00
Kevin Decherf 3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Wynton Franklin baddc525bb fix for config links 2023-01-23 18:19:49 -04:00
Kevin Decherf 0fdd9aa991 ExportController: fix improper authorization vulnerability 
We fix the improper authorization by duplicating the check done by
the private method EntryController::checkUserAction().

We also replace the ParamConverter used to get the requested Entry with
an explicit call to EntryRepository in order to prevent a resource
enumeration through response discrepancy. Thus, we get the same
exception whether the requested resource does not exist or is not owned
by the requester.

Fixes GHSA-qwx8-mxxx-mg96

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-20 15:09:38 +01:00
Kevin Decherf 2f2cfa2c2a Add prefix for tag slugs 
This should be considered as a temporary fix, we may deprecate tag
slugs in the future.

Fixes #6048

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-11 23:20:13 +01:00
Jérémy Benoist 7625e36b5a
Merge pull request #6182 from caspermeijn/openapi3 
Update annotations to OpenApi 3
 2023-01-02 10:39:56 +01:00
Casper Meijn 4f9c7a92a1 Update annotations to OpenApi 3 
Most of the API annotations are directly converted. The changes in meaning are:
- Parameters "in body" is not supported anymore. These are changed to "in query" or to a request body (depending on the code).
 2022-12-23 14:54:55 +01:00
Jérémy Benoist f04e48fc23
Merge pull request #6171 from wallabag/fix/json-array-dbal-type 
Properly handle `json_array` type removal
 2022-12-22 16:29:53 +01:00
Jeremy Benoist cdd2185063
Properly handle json_array type removal 
The `json_array` type was removed from DBAL v3, we should handle it using a migration to avoid error.
I've also added the remove type because we need it during migration.
 2022-12-21 11:02:51 +01:00