Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-01-24 13:39:46 +00:00
Code Issues Projects Releases Packages Wiki Activity
39245 commits 2 branches 67 tags 252 MiB
Commit graph

3569 commits

Author SHA1 Message Date
Michael
5df1ead001 Issue 13953: Fix warning during postupdate 2024-03-01 08:41:12 +00:00
Michael
20fd25258a Accidentally changes are reverted 2024-02-24 11:35:32 +00:00
Michael
00bb538fd0 Merge branch '2024.03-rc' of https://github.com/friendica/friendica into 2024.03-rc 2024-02-24 11:01:44 +00:00
Michael
12bdbaaba8 OEmbed: Complete cleanup 2024-02-24 11:01:34 +00:00
Hypolite Petovan
5c5d7eb04f
Fix several vulnerabilities (#13927) 
* Escape HTML in the location field of a calendar event post

- This allowed script tags to be interpreted in the post display of an event.

* Add form security token check to /admin/phpinfo module

- This prevents basic XSS attacks against /admin/phpinfo

* Add form security token check to /babel module

- This prevents basic XSS attacks against /babel

* Prevent pass-through for attachments

- This addresses a straightforward Reflected XSS vulnerability if a malicious HTML/Javascript file is attached to a post through upload

* Prevent overwriting cid on event edit

- This allowed to share an event as any other user after zeroing the cid field of an existing event
 2024-02-22 06:53:52 +01:00
Michael Vogel
71384e6f39
Issue 13909: Filter channels by network (#13924) 2024-02-20 07:11:26 +01:00
Michael
892e0a5623 Check for activity pub mime types 2024-02-19 07:11:56 +00:00
Michael Vogel
bcec6c5ab2
Issue #13899: Fix error on postupdate (#13915) 2024-02-18 20:09:56 +01:00
Michael
0d2ea97eb1 Fix comtact-relation follower calculation 2024-02-17 21:32:17 +00:00
Michael Vogel
14e5b06029
Image handling reworked, new image formats added (#13900) 
* Image handling reworked, new image formats added

* Updated messages.po

* The dot is now part of the file extension

* Added WebP in install documentation

* Handle unhandled mime types

* Fixed animated picture detected
 2024-02-17 07:45:41 +01:00
Michael Vogel
fad55e0948
Prevent users from following relay accounts (#13894) 2024-02-13 06:50:46 +01:00
Hypolite Petovan
686d0b6dbb
Merge pull request #13892 from annando/no-preview-on-sensitive 
Don't display preview images for links, when the post is marked as sensitive
 2024-02-12 22:30:31 -05:00
Michael
e2cbe0983a Don't display preview images for links, when the post is marked as sensitive 2024-02-12 06:01:07 +00:00
Michael
061f43788c Sanitize links before storing them 2024-02-12 05:21:13 +00:00
Michael
fe00a3893d urlencode for tags / fix smiley replacement 2024-02-12 04:46:20 +00:00
Michael Vogel
52825cb4c4
User setting to disable blurring of sensitive pictures (#13883) 2024-02-10 09:50:49 +01:00
Michael
0a6dff0618 Sensitive previews are now blurred 2024-02-06 16:15:58 +00:00
Michael
0153c2a027 Merge remote-tracking branch 'upstream/develop' into issue-13845 2024-02-06 09:47:38 +00:00
Michael
d5bf306884 We now use xonstants 2024-02-06 06:34:16 +00:00
Michael
4cd2fde6f2 Two new search options "media:card" and "media:post" 2024-02-05 22:21:58 +00:00
Michael
c0cd0dc74d "sensitive" added to fierld list 2024-02-05 12:21:57 +00:00
Michael
15df9990da Issue 13845: Support "sensitive" attribute 2024-02-04 21:45:30 +00:00
Michael
fc05daefb5 "media" is added to the search text 2024-02-02 10:46:20 +00:00
Michael
7faa42882b language field renamed to "language" 2024-02-02 07:05:39 +00:00
Michael
fc22a3e83f Unify searchindex table with engagement table 2024-02-01 23:08:53 +00:00
Michael
e60f3e1a99 Channel relay reshares are now private follwers posts 2024-02-01 15:59:04 +00:00
Michael
d29d7c40cd Alternatives are added to the documentation 2024-01-30 11:55:36 +00:00
Michael
1e3cfca58d search term alternatives added 2024-01-30 11:14:41 +00:00
Michael
3fe4991fcf Filter user defined channels by size 2024-01-30 10:05:05 +00:00
Michael
7432e47f7a Fix code standards 2024-01-29 18:07:53 +00:00
Michael
cda1b91b77 Update searchindex on reshare 2024-01-29 12:32:21 +00:00
Michael
7c43b41f0b Searchtext functionality added 2024-01-29 11:02:13 +00:00
Michael
9bd8d974b3 Account type relay / fix missing baseurl for own contacts 2024-01-29 06:28:43 +00:00
Michael
d2702dfe9c Use centralized functions for tag string handling 2024-01-28 06:32:55 +00:00
Michael Vogel
e1381cfc5c
Update src/Model/Post/Counts.php 
Co-authored-by: Hypolite Petovan <hypolite@mrpetovan.com>
 2024-01-25 22:16:38 +01:00
Michael
dcb6fa32a1 Fixes "Counts::update(): Argument #3 ($vid) must be of type int, null given" 2024-01-25 13:20:50 +00:00
Michael
7b638617f1 Merge remote-tracking branch 'upstream/develop' into search 2024-01-22 14:09:29 +00:00
Michael
ad6976a407 Changed leftover "getBody" to "getBodyString" 2024-01-22 07:38:05 +00:00
Michael
39e1f2c0fc Code standards 2024-01-21 17:05:18 +00:00
Michael
6389133575 Expiry post search index entries 2024-01-21 16:24:59 +00:00
Michael
919f97c9a0 Postupdate added 2024-01-17 21:10:33 +00:00
Michael
e9f7ea0afa New search keyword "language" 2024-01-17 20:25:49 +00:00
Michael
ee9a68e40c New table "post-searchindex" 2024-01-17 19:46:22 +00:00
Michael
23b247d1c3 Merge remote-tracking branch 'upstream/develop' into channel-relay 2024-01-15 19:41:26 +00:00
Hypolite Petovan
dd534919d7
Merge pull request #13831 from friendica/warning 
Fix warning concerning a missing "created" field
 2024-01-15 14:17:06 -05:00
Michael
f6335590c5 Improve query 2024-01-15 17:00:32 +00:00
Michael
f83f61f7ac "ANY_VALUE" is removed 2024-01-15 16:45:24 +00:00
Hypolite Petovan
a0dec23f2d
Merge pull request #13832 from mexon/console-set-password 
Update use of PasswordExposed API
 2024-01-15 07:43:23 -05:00
Michael
9075d7f37d Constant for undeterminded language 2024-01-15 06:20:49 +00:00
Michael
7a13d8b8ac Merge remote-tracking branch 'upstream/develop' into channel-relay 2024-01-15 06:14:55 +00:00