aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Settings/Network.php
Commit message (Collapse)AuthorAgeFilesLines
* Several issues discovered by PHPStanHarald Eilertsen7 days1-4/+1
|
* CVE-2022-27256: Open redirect via rpath query param.Harald Eilertsen2022-03-201-3/+3
| | | | | | | | Don't follow urls to external sites when submitting forms from the settings modules. This mitigates an Open Redirect vulnerability where an attacker could trick a user to go to an attacker controlled destination. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
* CVE-2022-27258: XSS via rpath query param.Harald Eilertsen2022-03-201-1/+1
| | | | | | | | | | Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
* move from build_sync_packet() to Libsync::build_sync_packet()Mario2020-04-091-1/+2
|
* rename grid to network (for consistency) and activity to stream (as seen in ↵Mario Vavti2018-10-061-1/+1
| | | | osada) because it makes much more sense.
* move *_divmore_height setting to the module extra_settings, and fix issue ↵Mario Vavti2018-10-041-2/+26
| | | | where feature settings were not synced if rpath was provided
* provide settings for mod photo and make it slightly simpler to create new ↵Mario2018-09-231-6/+11
| | | | module settings
* keep the features in the central array but sort them by module nameMario2018-09-231-77/+4
|
* provide a return path from settings pagesMario Vavti2018-09-211-0/+2
|
* remove connection filter from network settingsMario Vavti2018-09-201-8/+0
|
* move connection filtering setting from network to connections, provide a ↵Mario Vavti2018-09-201-12/+2
| | | | link to settings in the navbar if present for a module and some code optimisation
* remove superfluous commaMario Vavti2018-09-171-1/+1
|
* remove unused variableMario Vavti2018-09-171-1/+0
|
* seperate settings for mod networkMario Vavti2018-09-171-0/+128