diff options
author | Mario <mario@mariovavti.com> | 2019-11-15 09:55:44 +0000 |
---|---|---|
committer | Mario <mario@mariovavti.com> | 2019-11-15 11:03:38 +0100 |
commit | fd7d497cd1ba8846770425fc4dcb07c7cf5bbb85 (patch) | |
tree | 902d1da8467ce6d84337baf9377daa1ab65c18ec /Zotlabs/Module/Admin | |
parent | a974d0d52dc0f1b40316f0c30e9794b7b700e59e (diff) | |
download | volse-hubzilla-fd7d497cd1ba8846770425fc4dcb07c7cf5bbb85.tar.gz volse-hubzilla-fd7d497cd1ba8846770425fc4dcb07c7cf5bbb85.tar.bz2 volse-hubzilla-fd7d497cd1ba8846770425fc4dcb07c7cf5bbb85.zip |
make inline pdf a security option, move thumbnail security to security options from admin/site
(cherry picked from commit de9a7f0fa909792656d26d369f2ff21c57fc1e4d)
Diffstat (limited to 'Zotlabs/Module/Admin')
-rw-r--r-- | Zotlabs/Module/Admin/Security.php | 14 | ||||
-rw-r--r-- | Zotlabs/Module/Admin/Site.php | 3 |
2 files changed, 11 insertions, 6 deletions
diff --git a/Zotlabs/Module/Admin/Security.php b/Zotlabs/Module/Admin/Security.php index 80c1d85b7..16045f9ed 100644 --- a/Zotlabs/Module/Admin/Security.php +++ b/Zotlabs/Module/Admin/Security.php @@ -43,6 +43,12 @@ class Security { $be = $this->trim_array_elems(explode("\n",$_POST['embed_deny'])); set_config('system','embed_deny',$be); + + $thumbnail_security = ((x($_POST,'thumbnail_security')) ? intval($_POST['thumbnail_security']) : 0); + set_config('system', 'thumbnail_security' , $thumbnail_security); + + $inline_pdf = ((x($_POST,'inline_pdf')) ? intval($_POST['inline_pdf']) : 0); + set_config('system', 'inline_pdf' , $inline_pdf); $ts = ((x($_POST,'transport_security')) ? True : False); set_config('system','transport_security_header',$ts); @@ -86,7 +92,7 @@ class Security { $embedhelp2 = t("The recommended setting is to only allow unfiltered HTML from the following sites:"); $embedhelp3 = t("https://youtube.com/<br />https://www.youtube.com/<br />https://youtu.be/<br />https://vimeo.com/<br />https://soundcloud.com/<br />"); $embedhelp4 = t("All other embedded content will be filtered, <strong>unless</strong> embedded content from that site is explicitly blocked."); - + $t = get_markup_template('admin_security.tpl'); return replace_macros($t, array( '$title' => t('Administration'), @@ -106,7 +112,9 @@ class Security { '$embed_sslonly' => array('embed_sslonly',t('Only allow embeds from secure (SSL) websites and links.'), intval(get_config('system','embed_sslonly')),''), '$embed_allow' => array('embed_allow', t('Allow unfiltered embedded HTML content only from these domains'), $whiteembeds_str, t('One site per line. By default embedded content is filtered.')), '$embed_deny' => array('embed_deny', t('Block embedded HTML from these domains'), $blackembeds_str, ''), - + '$thumbnail_security' => [ 'thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.") ], + '$inline_pdf' => [ 'inline_pdf', t("Allow embedded (inline) PDF files"), get_config('system','inline_pdf',0), '' ], + // '$embed_coop' => array('embed_coop', t('Cooperative embed security'), $embed_coop, t('Enable to share embed security with other compatible sites/hubs')), '$submit' => t('Submit') @@ -128,4 +136,4 @@ class Security { } -}
\ No newline at end of file +} diff --git a/Zotlabs/Module/Admin/Site.php b/Zotlabs/Module/Admin/Site.php index 55c8ca928..4bb34b7b7 100644 --- a/Zotlabs/Module/Admin/Site.php +++ b/Zotlabs/Module/Admin/Site.php @@ -73,7 +73,6 @@ class Site { $feed_contacts = ((x($_POST,'feed_contacts')) ? intval($_POST['feed_contacts']) : 0); $verify_email = ((x($_POST,'verify_email')) ? 1 : 0); $imagick_path = ((x($_POST,'imagick_path')) ? trim($_POST['imagick_path']) : ''); - $thumbnail_security = ((x($_POST,'thumbnail_security')) ? intval($_POST['thumbnail_security']) : 0); $force_queue = ((intval($_POST['force_queue']) > 0) ? intval($_POST['force_queue']) : 3000); $pub_incl = escape_tags(trim($_POST['pub_incl'])); $pub_excl = escape_tags(trim($_POST['pub_excl'])); @@ -100,7 +99,6 @@ class Site { set_config('system', 'from_email', $from_email); set_config('system', 'from_email_name' , $from_email_name); set_config('system', 'imagick_convert_path' , $imagick_path); - set_config('system', 'thumbnail_security' , $thumbnail_security); set_config('system', 'default_permissions_role', $permissions_role); set_config('system', 'pubstream_incl',$pub_incl); set_config('system', 'pubstream_excl',$pub_excl); @@ -341,7 +339,6 @@ class Site { '$force_queue' => array('force_queue', t("Queue Threshold"), get_config('system','force_queue_threshold',3000), t("Always defer immediate delivery if queue contains more than this number of entries.")), '$poll_interval' => array('poll_interval', t("Poll interval"), (x(get_config('system','poll_interval'))?get_config('system','poll_interval'):2), t("Delay background polling processes by this many seconds to reduce system load. If 0, use delivery interval.")), '$imagick_path' => array('imagick_path', t("Path to ImageMagick convert program"), get_config('system','imagick_convert_path'), t("If set, use this program to generate photo thumbnails for huge images ( > 4000 pixels in either dimension), otherwise memory exhaustion may occur. Example: /usr/bin/convert")), - '$thumbnail_security' => array('thumbnail_security', t("Allow SVG thumbnails in file browser"), get_config('system','thumbnail_security',0), t("WARNING: SVG images may contain malicious code.")), '$maxloadavg' => array('maxloadavg', t("Maximum Load Average"), ((intval(get_config('system','maxloadavg')) > 0)?get_config('system','maxloadavg'):50), t("Maximum system load before delivery and poll processes are deferred - default 50.")), '$default_expire_days' => array('default_expire_days', t('Expiration period in days for imported (grid/network) content'), intval(get_config('system','default_expire_days')), t('0 for no expiration of imported content')), '$active_expire_days' => array('active_expire_days', t('Do not expire any posts which have comments less than this many days ago'), intval(get_config('system','active_expire_days',7)), ''), |