| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | CVE-2022-27256: Open redirect via rpath query param. | Harald Eilertsen | 2022-03-20 | 1 | -3/+3 |
| | | | | | | | | | Don't follow urls to external sites when submitting forms from the settings modules. This mitigates an Open Redirect vulnerability where an attacker could trick a user to go to an attacker controlled destination. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666 | ||||
| * | CVE-2022-27258: XSS via rpath query param. | Harald Eilertsen | 2022-03-20 | 1 | -1/+1 |
| | | | | | | | | | | | Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666 | ||||
| * | move from build_sync_packet() to Libsync::build_sync_packet() | Mario | 2020-04-09 | 1 | -1/+2 |
| | | |||||
| * | rename grid to network (for consistency) and activity to stream (as seen in ↵ | Mario Vavti | 2018-10-06 | 1 | -1/+1 |
| | | | | | osada) because it makes much more sense. | ||||
| * | move *_divmore_height setting to the module extra_settings, and fix issue ↵ | Mario Vavti | 2018-10-04 | 1 | -2/+26 |
| | | | | | where feature settings were not synced if rpath was provided | ||||
| * | provide settings for mod photo and make it slightly simpler to create new ↵ | Mario | 2018-09-23 | 1 | -6/+11 |
| | | | | | module settings | ||||
| * | keep the features in the central array but sort them by module name | Mario | 2018-09-23 | 1 | -77/+4 |
| | | |||||
| * | provide a return path from settings pages | Mario Vavti | 2018-09-21 | 1 | -0/+2 |
| | | |||||
| * | remove connection filter from network settings | Mario Vavti | 2018-09-20 | 1 | -8/+0 |
| | | |||||
| * | move connection filtering setting from network to connections, provide a ↵ | Mario Vavti | 2018-09-20 | 1 | -12/+2 |
| | | | | | link to settings in the navbar if present for a module and some code optimisation | ||||
| * | remove superfluous comma | Mario Vavti | 2018-09-17 | 1 | -1/+1 |
| | | |||||
| * | remove unused variable | Mario Vavti | 2018-09-17 | 1 | -1/+0 |
| | | |||||
| * | seperate settings for mod network | Mario Vavti | 2018-09-17 | 1 | -0/+128 |
 |
index : volse-hubzilla.git | |
| Volse Hubzilla -- soft fork of main Hubzilla core for Volse | Harald Eilertsen |
| aboutsummaryrefslogtreecommitdiffstats |