mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-06-23 15:40:48 +00:00
Code Issues Projects Releases Wiki Activity
9227 commits 12 branches 99 tags 146 MiB
Commit graph

681 commits

Author SHA1 Message Date
Kevin Decherf 5240684be9 ConfigController: move OTP endpoints to POST method only 
Fixes GHSA-56fm-hfp3-x3w3

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-09-30 00:49:58 +02:00
Jeremy Benoist c6ff0bc691
Remove remaining MOBI stuff 2023-08-23 08:49:56 +02:00
Nicolas Lœuillet b1752b619d Add display article configurator (font family, font size, line height and max width) 2023-08-22 13:02:50 +02:00
Nicolas Lœuillet 741db06447
Merge pull request #6761 from wallabag/add-shaarli-import 
Add Shaarli and Pocket HTML imports
 2023-08-22 10:18:17 +02:00
Nicolas Lœuillet 2af48b8174 Add Shaarli and Pocket HTML imports 2023-08-22 08:02:07 +02:00
Yassine Guedidi 8ef6a14652 Resolve self depreciation 2023-08-22 01:43:00 +02:00
Yassine Guedidi 1ce5164e70 Make testSaveIsArchivedAfterPatch and testSaveIsStarredAfterPatch consistent 2023-08-22 00:03:36 +02:00
Yassine Guedidi a3b64611f8 Fix testSaveIsStarredAfterPatch 2023-08-22 00:03:36 +02:00
Nicolas Lœuillet 981d6a47da
Merge pull request #6793 from wallabag/fix-4414 
Fix search when search term has useless space
 2023-08-21 20:19:16 +02:00
Nicolas Lœuillet 4b338afa40
Merge pull request #6771 from wallabag/add-annotations-in-search 
Add articles which have annotations with search term in results
 2023-08-21 20:19:00 +02:00
Nicolas Lœuillet 1c2190fd68
Merge pull request #6769 from wallabag/add-not-parsed-boolean 
Add `isNotParsed` field on Entry entity
 2023-08-21 20:18:44 +02:00
Nicolas Lœuillet 407dd48ed0
Merge pull request #6767 from wallabag/remove-demo 
Remove (useless) demo mode
 2023-08-21 20:18:18 +02:00
Nicolas Lœuillet 397ad455e6
Merge pull request #6655 from wallabag/add-command-to-update-picture-url 
Add command to clean pictures path when changing instance URL
 2023-08-21 20:17:40 +02:00
Nicolas Lœuillet 88c9df9b80 Add command to clean pictures path when changing instance URL 2023-08-21 13:17:13 +02:00
Nicolas Lœuillet cbcfa69c05 Remove (useless) demo mode 
Fix #6671
 2023-08-21 13:16:56 +02:00
Nicolas Lœuillet 20578f0b8e Add isNotParsed field on Entry entity 
Fix #4350
 2023-08-21 13:16:42 +02:00
Nicolas Lœuillet 18e1106f76 Add articles which have annotations with search term in results 
Fix #3635
 2023-08-21 13:16:36 +02:00
Nicolas Lœuillet 6ff00315d0 Fix search when search term has useless space 2023-08-21 13:16:14 +02:00
Yassine Guedidi 0f17a8cf8a PHPStan level 3 2023-08-21 12:03:38 +02:00
Nicolas Lœuillet ffcc5c9062
Merge pull request from GHSA-gjvc-55fw-v6vq 
Replace GET way to POST way to delete API client
 2023-08-21 11:08:47 +02:00
Nicolas Lœuillet 78b0b55c40
Merge pull request from GHSA-p8gp-899c-jvq9 
Replace GET way to POST way to reset data user
 2023-08-21 11:08:24 +02:00
Nicolas Lœuillet 383dcc5c45
Merge pull request #6119 from Spoons/feat_referer_to_session_redirect 
Fix: Use Session instead of Referrer for Redirection
 2023-08-21 10:32:03 +02:00
Nicolas Lœuillet c3d1f92278 Replace GET way to POST way to delete API client 2023-08-09 21:54:40 +02:00
Nicolas Lœuillet a9893d754f Replace GET way to POST way to reset data user 
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-08-09 21:39:03 +02:00
Kevin Decherf 0ccbd653fa
Merge pull request #6812 from yguedidi/make-crawler-extract-get-an-array 
Make Crawler::extract get an array
 2023-08-09 11:03:03 +02:00
Kevin Decherf 815158fefa
Merge pull request #6813 from yguedidi/replace-client-by-kernelbrowser 
Replace Client by KernelBrowser
 2023-08-08 23:36:06 +02:00
Kevin Decherf 807d473564
Merge pull request #6811 from yguedidi/replace-getresponseevent-by-requestevent 
Replace GetResponseEvent by RequestEvent
 2023-08-08 16:53:18 +02:00
Yassine Guedidi ec33ec14e5 Replace Client by KernelBrowser 2023-08-08 02:55:35 +01:00
Yassine Guedidi 093003d9af Make Crawler::extract get an array 2023-08-07 22:51:18 +01:00
Yassine Guedidi 58a0ca2622 Replace GetResponseEvent by RequestEvent 2023-08-07 22:34:47 +01:00
Michael Ciociola ced2ea4015
Merge branch 'master' into feat_referer_to_session_redirect 2023-08-06 20:14:44 +00:00
Yassine Guedidi 7d78e2ae06 Ensure the kernel is shut down before calling createClient 2023-08-06 13:48:53 +01:00
Nicolas Lœuillet 5fe5551972 Fix failing randomly test 2023-07-27 07:55:42 +02:00
Nicolas Lœuillet c75d3e6961 Remove twofactor_auth parameter 
Fix #6649
 2023-07-15 16:18:01 +02:00
Nicolas Lœuillet 6639f7da6d Fix export for same domain entries 2023-06-29 19:59:08 +02:00
Nicolas Lœuillet 28db6c22eb
Fix duplicate tags creation when assigning search results to tag 
Fixes #6330
 2023-06-17 15:19:59 +02:00
Nicolas Lœuillet 7eddea6ff7
Added test 2023-06-16 14:27:27 +02:00
Nicolas Lœuillet 19322142c3
Fixed testsuite 2023-06-16 14:27:26 +02:00
Simounet e5b72f3123
Fix Stylelint errors 2023-06-12 18:15:38 +02:00
Jérémy Benoist bea10aacbe
Merge pull request #6562 from Simounet/fix/downloadimages-redirect-following 
Fix DownloadImages not following redirections
 2023-05-31 15:04:02 +02:00
Simounet 548b610a17
Fix images downloading with numeric HTML entity 2023-05-30 13:38:50 +02:00
Simounet 2f944aa74a
Fix DownloadImages not following redirections 2023-05-30 12:41:00 +02:00
Jeremy Benoist 66b7bdd07c
Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Casper Meijn 5a5148707c Fix API allowed_registration 
Two configuration options need to be enabled to allow user registration via the API:
1) fosuser_registration, which indicates whether registration is allowed at all (frontend and API)
2) api_user_registration, which indicates whether registration is allowed via the API
 2023-03-28 20:12:55 +02:00
Jeremy Benoist a237414f9c
Skip test because of encoding issue in PHP 8.1 2023-03-24 22:57:11 +01:00
Jeremy Benoist f1b3d5cdd7
Fix CSRF on user deletion 2023-02-07 21:41:52 +01:00
Jeremy Benoist b795622f06
Prepare 2.5.3 2023-02-01 09:51:02 +01:00
Jérémy Benoist 5ac6b6bff9
Merge pull request from GHSA-mrqx-mjc4-vfh3 
AnnotationController: fix improper authorization vulnerability
 2023-02-01 09:32:22 +01:00
Kevin Decherf 3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Kevin Decherf 0fdd9aa991 ExportController: fix improper authorization vulnerability 
We fix the improper authorization by duplicating the check done by
the private method EntryController::checkUserAction().

We also replace the ParamConverter used to get the requested Entry with
an explicit call to EntryRepository in order to prevent a resource
enumeration through response discrepancy. Thus, we get the same
exception whether the requested resource does not exist or is not owned
by the requester.

Fixes GHSA-qwx8-mxxx-mg96

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-20 15:09:38 +01:00
Jeremy Benoist ea189503de
Fix tests 2023-01-16 10:21:37 +01:00
Kevin Decherf 2f2cfa2c2a Add prefix for tag slugs 
This should be considered as a temporary fix, we may deprecate tag
slugs in the future.

Fixes #6048

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-11 23:20:13 +01:00
Jeremy Benoist 6aca334d53
Move to controller as a service 
Mostly using autowiring to inject deps.
The only tricky part was for import because all producer use the same class and have a different alias. So we must write them down in the service definition, autowiring doesn't work in that case.

Usually:
- if a controller has a constructor, it means injected services are at least re-used once in actions
- otherwise, service are injected per action
 2022-12-19 10:38:08 +01:00
Jeremy Benoist b3099f68c5
Update all Doctrine deps 
Also update these deps to be compatible with latest Doctrine version:
- `friendsofsymfony/oauth-server-bundle`
- `lexik/form-filter-bundle`
- `dama/doctrine-test-bundle`
 2022-12-16 10:29:42 +01:00
Jeremy Benoist 32661f380c
Replace SwiftMailer by Symfony Mailer 2022-12-16 10:03:34 +01:00
Jeremy Benoist d47c208743
Fix EventDispatcer & events 
Looks like parameter for the `->dispatch(` have been flipped (event first then event name).
Define events should now extends `Symfony\Contracts\EventDispatcher\Event`
 2022-12-15 21:47:31 +01:00
Jeremy Benoist 33267f0736
Update to FOSUserBundle 3.1 
Also remove some deprecation from Symfony.
Use `LegacyEventDispatcherProxy` to handle Symfony 4 dispatch from FOSUser
 2022-12-14 09:42:17 +01:00
Jeremy Benoist de5b138a59
Fix CS 2022-12-13 10:26:51 +01:00
Michael fbccae8a79 fix: update remove tag test to accept root relative urls 2022-12-10 11:52:18 -06:00
Jeremy Benoist e79f5c7a21
Skip MySQL test 2022-11-29 18:01:46 -08:00
Jeremy Benoist dd2f2fe340
Fix pt_BR test 2022-11-29 18:01:46 -08:00
Jeremy Benoist aa5c7f05b8
Upgrade to Symfony 4.4 
- disable autowiring for Event (because the Entry entity was injected)
- rename `getClient()` for test to `getTestClient()` to avoid error while overriding (from `BrowserKitAssertionsTrait`)
 2022-11-29 18:01:46 -08:00
Jeremy Benoist b7dba18cb2
Cleanup 2022-11-23 15:51:33 +01:00
Yassine Guedidi af6363bbbd
Fix missing call to parent setUp 2022-11-23 15:25:11 +01:00
Jeremy Benoist 1d3935fbd3
Remove LiipThemeBundle 
As baggy theme was removed and material is the only remaining theme, we don't need a theme switched anymore.
So:
- move all `*.twig` files from the material theme folder to the root
- remove useless translations
 2022-11-23 14:52:06 +01:00
Jeremy Benoist 8d3fcd4635
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-11-03 10:30:17 +01:00
Nicolas Lœuillet 680da52ea8 Fixed tests 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet 594c609a54 Fixed edit button for tagging rules 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet aedaa50887 Fixed tests 2022-11-03 09:55:24 +01:00
Nicolas Lœuillet 29308024ac Removed old, not so maintained and buggy baggy theme 2022-11-03 09:55:20 +01:00
Yassine Guedidi e32794e9d6 Remove useless command input parameter 2022-10-18 15:19:07 +02:00
Yassine Guedidi 17497275b2 Use find for remaining useless addition 2022-10-18 15:19:07 +02:00
Yassine Guedidi 6915a92047 Remove useless command addition 2022-10-18 15:19:07 +02:00
Yassine Guedidi 8f20df6559 Remove InstallCommandMock 2022-10-18 15:19:07 +02:00
Jeremy Benoist dc28d7ea0f
Add support to download SVG locally 2022-10-18 11:14:45 +02:00
Jeremy Benoist c372d68cc1
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-10-18 11:11:02 +02:00
Jeremy Benoist d4b0b62bb5
Fix unrelated failing test 
LExpansion is down ATM.
Use a website which isn't down randomly.
 2022-10-17 21:49:03 +02:00
Jeremy Benoist 7b150dcd26
Add tests 2022-10-17 21:37:08 +02:00
Jeremy Benoist 53574f05d5
Fix random failing tests 
Looks like `20minutos.es` sometimes does not return the expected language.
Switching to `elpais.com` fix the problem.
 2022-10-10 09:15:26 +02:00
JT Smith 6da76ffaae Typofixes 2022-10-03 18:31:43 -06:00
Jeremy Benoist 812b4a906f
Add nbEntries to the API tags list response 
So client will be able to do the same as in the web UI.

Also remove empty `div` from the tags template.
 2022-09-23 15:16:38 +02:00
Yassine Guedidi 98af2e25f2 Use ::class notation where possible 2022-09-01 20:54:56 +02:00
Yassine Guedidi d1d56fbe25 Import used classes 2022-09-01 19:21:45 +02:00
Yassine Guedidi eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi 156158673f Alias Config entity to ConfigEntity to not conflict with Craue Config 2022-09-01 09:07:18 +02:00
Yassine Guedidi 51884911f5 Pass logger in constructor for importers 2022-08-31 02:05:29 +02:00
Yassine Guedidi 791b674cdc Migrate remaining places 2022-08-26 17:47:46 +02:00
Yassine Guedidi 1c880883e2 Migrate ParamConverter class parameter 2022-08-26 17:47:46 +02:00
Yassine Guedidi 8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
Yassine Guedidi 9549a90e76 Migrate first level template references to new notation 2022-08-25 21:09:26 +02:00
Yassine Guedidi a5f22ff835 Use FQCN as service name for Predis client 2022-08-24 23:24:25 +02:00
Yassine Guedidi 0f9c359476 Use FQCN as service name for repositories 2022-08-24 23:24:25 +02:00
Yassine Guedidi 844e8e9d22 Use FQCN as service name for helper services 2022-08-24 23:24:24 +02:00
Yassine Guedidi b7aaceeaad Use FQCN as service name for ImportChain 2022-08-24 23:24:24 +02:00
Yassine Guedidi a7addd3c13 Use FQCN as service name for Import services 2022-08-24 23:24:24 +02:00
Jeremy Benoist 131f21883d
Merge remote-tracking branch 'origin/master' into 2.6.0 2022-08-23 08:43:46 +02:00
Jérémy Benoist 2f1f6e9c51
Merge pull request #5838 from wallabag/feat/mass-action-tag 
Add support of mass action to tag entries
 2022-08-22 20:56:04 +02:00
Jeremy Benoist cd4105bbe9
Fix tests 2022-08-22 19:57:57 +02:00
Yassine Guedidi c15a3e5340 Fix DateTime case 2022-07-31 22:01:23 +01:00
Kevin Decherf 08eb190c95 Add support of mass action to tag entries 
Closes #3118

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2022-06-29 15:48:41 +02:00