Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | do not escape tags here since it will destroy additional query params | Mario | 2022-08-21 | 1 | -1/+1 |
| | |||||
* | Activity: check for other forms of as:Public, Search: make sure to run ↵ | Mario | 2022-08-21 | 2 | -8/+10 |
| | | | | htmlspecialchars_decode on the AP url so that previously encoded chars will be decoded again | ||||
* | check against null | Mario Vavti | 2022-08-07 | 1 | -2/+2 |
| | |||||
* | update widget description | Mario Vavti | 2022-08-05 | 1 | -1/+1 |
| | |||||
* | only decode attachment and iconfig for nonresponse activities | Mario Vavti | 2022-08-04 | 1 | -9/+9 |
| | |||||
* | fix lang tests if result is ambigous | Mario | 2022-07-26 | 1 | -10/+26 |
| | |||||
* | add "falsey" test | Mario | 2022-07-26 | 2 | -2/+22 |
| | |||||
* | check if the webpages app is installed | Mario | 2022-07-18 | 1 | -0/+5 |
| | |||||
* | HQ dashboard - missing files | Mario | 2022-07-16 | 1 | -0/+246 |
| | |||||
* | HQ dashboard - initial checkin | Mario | 2022-07-15 | 3 | -61/+69 |
| | |||||
* | oembed: implement a max oembed size which defaults to 1MB and do not try to ↵ | Mario | 2022-06-03 | 3 | -3/+3 |
| | | | | oembed text previews | ||||
* | prevent php error and add some doco | Mario | 2022-05-25 | 1 | -1/+5 |
| | |||||
* | bump php version requirement | Mario | 2022-05-25 | 2 | -13/+7 |
| | |||||
* | categories widgets cleanup | Mario | 2022-05-24 | 1 | -23/+9 |
| | |||||
* | streamline inbound attachment handling and fix regression from issue #1679 | Mario | 2022-05-23 | 1 | -22/+74 |
| | |||||
* | update to remove core apps (wiki, cards, articles) which have been moved to ↵ | Mario | 2022-05-19 | 1 | -0/+23 |
| | | | | addons | ||||
* | add a hidden config for the hs2019 http sig algo | Mario | 2022-05-19 | 1 | -2/+5 |
| | |||||
* | rendering fixes | Mario | 2022-05-19 | 1 | -12/+12 |
| | |||||
* | implement starring of pubstream items | Mario | 2022-05-18 | 2 | -12/+27 |
| | |||||
* | make sure we use source.content when rendering events to correctly render ↵ | Mario | 2022-05-16 | 1 | -1/+1 |
| | | | | observer related content. fix wrong media types. | ||||
* | fix php errors | Mario | 2022-05-14 | 1 | -3/+3 |
| | |||||
* | do not set allowed to true if verb is ACTIVITY_SHARE and slightly changed ↵ | Mario | 2022-05-13 | 1 | -3/+7 |
| | | | | logic for conv fetches | ||||
* | do not stringify integer value | Mario | 2022-05-11 | 1 | -1/+1 |
| | |||||
* | update queries in mod search - fixes #1677 | Mario | 2022-05-11 | 2 | -27/+24 |
| | |||||
* | deal with pleroma reactions | Mario | 2022-05-10 | 1 | -0/+8 |
| | |||||
* | use rev instead of _updated and the unix timestamp is less likely to cause ↵ | Mario | 2022-05-09 | 1 | -1/+1 |
| | | | | issues in the future | ||||
* | add the update date to the icon url. some platforms will not update if the ↵ | Mario | 2022-05-07 | 1 | -1/+1 |
| | | | | icon url remains static | ||||
* | more cleanup | Mario | 2022-05-06 | 2 | -12/+5 |
| | |||||
* | some cleanup after moving articles and cards to addons | Mario | 2022-05-06 | 3 | -85/+3 |
| | |||||
* | fix core issue #1676 and a liked/disliked/commented confusion | Mario | 2022-05-06 | 2 | -9/+40 |
| | |||||
* | move wiki to addons | Mario | 2022-05-06 | 6 | -2094/+0 |
| | |||||
* | move articles to addon | Mario | 2022-05-04 | 2 | -370/+0 |
| | |||||
* | move cards to addon | Mario | 2022-05-04 | 4 | -356/+11 |
| | |||||
* | hubloc in AS has been moved from data to meta a while ago | Mario Vavti | 2022-04-26 | 1 | -2/+2 |
| | |||||
* | whitespace | Mario Vavti | 2022-04-25 | 1 | -1/+1 |
| | |||||
* | if we have not been provided a profile id set the profile id to the default ↵ | Mario Vavti | 2022-04-25 | 1 | -0/+4 |
| | | | | profile - fixes #1671 | ||||
* | fix regression with incoming poll answers from activitypub | Mario Vavti | 2022-04-23 | 1 | -1/+1 |
| | |||||
* | move AP addressing to pubcrawl | Mario Vavti | 2022-04-07 | 1 | -122/+14 |
| | | | (cherry picked from commit 1390e1db399c06cb76e191437eb5be24dd95a5c7) | ||||
* | fixes in regard to hub re-installs: dismiss deleted hublocs, make sure we ↵ | Mario | 2022-04-01 | 3 | -11/+11 |
| | | | | use the latest hubloc entry for addressing, in Queue::deliver() prefer primaries since their info is probably more accurate | ||||
* | make sure to set comments_closed to the created date if nocomment is set | Mario Vavti | 2022-03-23 | 1 | -1/+1 |
| | |||||
* | streamline comment policy with downstream | Mario | 2022-03-23 | 1 | -14/+4 |
| | |||||
* | Merge branch 'security-fixes-lfi-xss-open-redirect' into 'dev' | Mario | 2022-03-23 | 10 | -47/+47 |
|\ | | | | | | | | | Security fixes See merge request hubzilla/core!2017 | ||||
| * | CVE-2022-27256: Open redirect via rpath query param. | Harald Eilertsen | 2022-03-20 | 10 | -27/+27 |
| | | | | | | | | | | | | | | | | Don't follow urls to external sites when submitting forms from the settings modules. This mitigates an Open Redirect vulnerability where an attacker could trick a user to go to an attacker controlled destination. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666 | ||||
| * | CVE-2022-27258: XSS via rpath query param. | Harald Eilertsen | 2022-03-20 | 10 | -20/+20 |
| | | | | | | | | | | | | | | | | | | | | Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666 | ||||
* | | add the signing algo to zotinfo, and store it in import_xchan() if present | Mario | 2022-03-20 | 2 | -0/+9 |
|/ | |||||
* | make sure an announce does not overwrite an item we already have and make ↵ | Mario | 2022-03-11 | 1 | -0/+7 |
| | | | | sure it will be a toplevel post | ||||
* | whitespace | Mario | 2022-03-10 | 1 | -35/+35 |
| | |||||
* | support for hs2019 | Mario | 2022-03-10 | 2 | -16/+61 |
| | |||||
* | move attachments to the top | Mario | 2022-03-05 | 1 | -5/+5 |
| | |||||
* | fix regression | Mario | 2022-03-04 | 1 | -2/+2 |
| |