Commit Graph

1958 Commits

Author SHA1 Message Date
Bharat Mediratta
ecc0d89cd4 Fix up incorrectly applied html::mark_clean(). Resolves #698, thanks fperwth! 2009-09-01 20:34:19 -07:00
Bharat Mediratta
b14b9e0d7b Allow anything to be made an album cover, except for direct children
of the root album (which has no visible album cover, so no point in
offering that option).  This fully resolves #705.
2009-09-01 20:23:44 -07:00
Bharat Mediratta
2ec11c5c4d Merge branch 'master' of git@github.com:gallery/gallery3 2009-09-01 20:17:57 -07:00
Bharat Mediratta
03c5c11775 Allow the RSS feed page size to be customizable, up to 100 items (to
mitigate DoS attacks).

Have PicLens request a 100-item page to mitigate the bug where it
refuses to load the 2nd page.

Mitigates #23.
2009-09-01 20:13:23 -07:00
Andy Staudacher
95ea310aff Remove unused l10n message 2009-09-01 14:39:08 -07:00
Andy Staudacher
1d30691452 Add missing mark_clean() for t() calls with %attr parameter. 2009-09-01 12:14:23 -07:00
Andy Staudacher
b50d7f0d69 Fix bug #522 - Handle "save settings" correctly in the "share translations" form. 2009-09-01 11:11:22 -07:00
Andy Staudacher
295fc0c14c Merge commit 'upstream/master' 2009-09-01 01:30:45 -07:00
Andy Staudacher
fe37483aca Update XSS scanner golden file 2009-09-01 01:29:42 -07:00
Andy Staudacher
53711225ac XSS / style fixes for newly detected issues (after fixing XSS scanner) 2009-09-01 01:28:52 -07:00
Andy Staudacher
94c201f265 XSS escape in form helper and forge where missing. 2009-09-01 01:17:39 -07:00
Andy Staudacher
ff1979e12e Fix XSS in tags JS 2009-09-01 01:12:02 -07:00
Andy Staudacher
d2cea7905e Remove debugging code 2009-09-01 00:53:17 -07:00
Andy Staudacher
c0d4937e43 Fix bug in XSS scanner for <script> block @ position 0 of inline_html 2009-09-01 00:52:21 -07:00
Bharat Mediratta
dfb2e3dd02 Add an icon to the context menu option. 2009-08-31 23:27:46 -07:00
Chad Kieffer
39ca803af7 Set CSS cursor to hand for jQuery UI ui-state-hover elements. Fixes all but progress bar cursor. #669 2009-08-31 23:51:27 -06:00
Chad Kieffer
7331e2e77c Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-31 23:16:35 -06:00
Chad Kieffer
19e49bea06 Don't include "Make this the album's cover" in context menus for albums. #705 2009-08-31 23:07:17 -06:00
Andy Staudacher
285e2b9cbe Update XSS test golden file 2009-08-31 21:57:15 -07:00
Chad Kieffer
7b2c03c2b9 Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-31 22:56:11 -06:00
Andy Staudacher
5ca13fe5e8 Merge commit 'upstream/master' 2009-08-31 21:53:17 -07:00
Andy Staudacher
2bc73e2e36 Fix XSS vectors in HTML attributes (mostly t() calls) 2009-08-31 21:51:57 -07:00
Chad Kieffer
559f9a4b9d Add icons to context menu for albums. I'm open to other options, if folks think there's something better in the jQuery UI themeroller set. 2009-08-31 22:51:36 -06:00
Andy Staudacher
8c3a2db380 Fix typo in description 2009-08-31 21:28:37 -07:00
Andy Staudacher
50c8b96405 Add XSS check for HTML attributes 2009-08-31 21:17:35 -07:00
Bharat Mediratta
81073aeb5b Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-31 21:11:57 -07:00
Bharat Mediratta
c887170555 Stay on the same page when editing albums/movies/photos. Fixes ticket 2009-08-31 21:10:22 -07:00
Bharat Mediratta
0513713fde Add 'organize album' to the context menu. 2009-08-31 21:05:21 -07:00
Andy Staudacher
48050aca41 Add XSS check to ensure that html::js_string() is not preceded by a quote. 2009-08-31 19:53:53 -07:00
Andy Staudacher
8312eb116e XSS review fixes (mostly adding missing html::mark_clean() calls). 2009-08-31 02:12:01 -07:00
Andy Staudacher
26f6d8192f Adding XSS test for href="javascript: and onclick="..." 2009-08-31 01:11:50 -07:00
Andy Staudacher
ddb84c84e1 Rename mark_safe() to mark_clean() 2009-08-31 00:42:18 -07:00
Andy Staudacher
6d26b0dd6e Merge commit 'upstream/master' 2009-08-31 00:32:41 -07:00
Andy Staudacher
2bf9b8ee55 Fix double -> single quotes (::js_string returns a double-quote-delimited string) 2009-08-30 23:11:13 -07:00
Andy Staudacher
afb0111fe6 Updating golden XSS-test data file 2009-08-30 21:36:14 -07:00
Andy Staudacher
bd52a85f98 (mostly harmless) XSS fix in server add 2009-08-30 21:34:55 -07:00
Andy Staudacher
fc294c2777 XSS fixes in admin_comments.html.php 2009-08-30 21:26:23 -07:00
Andy Staudacher
0a0c7a78e6 Check for href="<?= $foo ?>" (malicious "javascript:..." string) 2009-08-30 21:25:21 -07:00
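The commit messages at 48050aca41 (html::js_string() must not be preceded by a quote), 26f6d8192f (href="javascript: and onclick="..." tests), 2bf9b8ee55 (js_string returns its own double quotes) and 0a0c7a78e6 (href="<?= $foo ?>") describe template-level checks that gallery3's XSS scanner performs. The Python sketch below is an added example that reimplements those checks over a constructed PHP view snippet; it is not gallery3's scanner or any code from these commits. The regular expressions, the choice of `url::` and `html::mark_clean(` as the only prefixes treated as safe in URL attributes, the `js_string` stand-in built on `json.dumps`, and the sample template are all assumptions made for illustration.

```python
"""Toy scanner for PHP view templates, modelled on the checks the commit
messages above describe.  Added example: not gallery3's own XSS scanner.
Patterns, the "safe" helper list and the sample template are assumptions."""
import json
import re

# Attribute sinks where the echoed value is interpreted as a URL.  HTML escaping
# does not neutralise "javascript:" here, so only URL-building helpers count as
# safe (assumed prefixes; the project's real rules may differ).
URL_ATTR_ECHO_RE = re.compile(
    r'\b(href|src|action)\s*=\s*["\']\s*<\?=\s*(.*?)\?>', re.IGNORECASE)
URL_SAFE_PREFIXES = ("url::", "html::mark_clean(")

# Any echo inside an inline event handler lands in JavaScript, not in HTML.
EVENT_ECHO_RE = re.compile(r'\bon\w+\s*=\s*"[^"]*<\?=', re.IGNORECASE)

# html::js_string() returns a double-quote-delimited literal; wrapping it in a
# further quote gives '"..."', and a single quote in the data ends the string.
QUOTED_JS_STRING_RE = re.compile(r'["\']\s*<\?=\s*html::js_string\(')

# Hard-coded javascript: URLs.
JS_URL_RE = re.compile(r'\b(href|src)\s*=\s*["\']\s*javascript:', re.IGNORECASE)


def scan_template(source: str) -> list[tuple[int, str]]:
    """Return (line number, message) for each suspicious construct found."""
    findings = []
    for lineno, line in enumerate(source.splitlines(), 1):
        for m in URL_ATTR_ECHO_RE.finditer(line):
            expr = m.group(2).strip()
            if not expr.startswith(URL_SAFE_PREFIXES):
                findings.append(
                    (lineno, f"{m.group(1)}= echoes {expr!r}: not built by a URL helper"))
        if EVENT_ECHO_RE.search(line):
            findings.append((lineno, "echo inside an inline event handler"))
        if QUOTED_JS_STRING_RE.search(line):
            findings.append((lineno, "html::js_string() preceded by a quote; it supplies its own"))
        if JS_URL_RE.search(line):
            findings.append((lineno, "literal javascript: URL"))
    return findings


def js_string(value: str) -> str:
    """Stand-in for html::js_string(): a double-quote-delimited JS literal.
    Assumed behaviour; a production helper must also escape "</" and
    U+2028/U+2029, which json.dumps does not."""
    return json.dumps(value)


def render_quoted_misuse(value: str) -> str:
    """What '<?= html::js_string($v) ?>' renders to: the template author's single
    quotes wrap the helper's double-quoted literal, so a single quote in the
    data terminates the outer string and the rest is parsed as code."""
    return "'" + js_string(value) + "'"


# Constructed sample template (not from the project); one construct per line.
SAMPLE_TEMPLATE = """\
<a href="<?= $item->url() ?>">raw value in a URL sink</a>
<a href="<?= html::clean($item->url) ?>">escaped, but javascript: survives escaping</a>
<a href="<?= url::site("albums/{$item->id}") ?>">built by a URL helper</a>
<script>var title = <?= html::js_string($item->title) ?>;</script>
<script>var bad = '<?= html::js_string($item->title) ?>';</script>
<a href="#" onclick="go('<?= $item->name ?>')">handler</a>
<a href="javascript:void(0)">legacy</a>
"""

if __name__ == "__main__":
    for lineno, message in scan_template(SAMPLE_TEMPLATE):
        print(f"line {lineno}: {message}")
    print(render_quoted_misuse("it's"))
```

Running the block reports lines 1, 2, 5, 6 and 7 of the sample and prints `'"it's"'`, which has three single quotes: a JavaScript parser closes the outer string at the apostrophe and treats the remainder as code. Line 2 is the case that motivates the href check: `html::clean()` makes the value safe as HTML text but does nothing about a `javascript:` scheme in a URL attribute, so only a URL-building helper (or an explicit `html::mark_clean()`) satisfies the scanner.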
Andy Staudacher
3aef420d48 Updating XSS golden file 2009-08-30 18:37:01 -07:00
Andy Staudacher
e7f5e0a9a3 Merge commit 'upstream/master'
Conflicts:

	modules/gallery/views/l10n_client.html.php
	modules/organize/views/organize_tree.html.php
	modules/server_add/helpers/server_add_event.php
2009-08-30 18:27:40 -07:00
Andy Staudacher
df38a890a6 Tabs to spaces cleanup 2009-08-30 18:07:13 -07:00
Chad Kieffer
80ae2fe4bf Finish this pass at the Admin Maintenance view. Re-introduce status icons, put Cancel All, Delete All buttons in the action heading cell. 2009-08-30 23:51:31 -06:00
Bharat Mediratta
1747335bde Merge branch 'master' of git@github.com:/gallery/gallery3 2009-08-30 17:13:59 -07:00
Chad Kieffer
ce733e0f48 Merge branch 'master' of git@github.com:gallery/gallery3 2009-08-30 22:33:12 -06:00
Chad Kieffer
93b542ccd8 Apply hover effect to buttons in progress indicator dialog. 2009-08-30 22:32:23 -06:00
Bharat Mediratta
c10b5cc69c Minor refactoring. 2009-08-30 17:00:33 -07:00
Bharat Mediratta
7015948357 Merge branch 'master' of git@github.com:/gallery/gallery3 2009-08-30 16:20:52 -07:00
Bharat Mediratta
74e204b557 Don't mark colors !important. 2009-08-30 16:17:53 -07:00
Bharat Mediratta
0dba5857fa Make comments consistent. 2009-08-30 16:16:39 -07:00
Bharat Mediratta
4593297533 Remove extra padding line 2009-08-30 16:15:54 -07:00