|
|
e90b9cc9c4
|
Release new version 1.24.1
|
2020-10-17 12:53:00 +02:00 |
|
|
|
ede3d7938d
|
Add language meta info and minor restructuring of code
|
2020-10-17 11:58:39 +02:00 |
|
|
|
c3e316d412
|
Various minor optimizations
|
2020-10-15 20:46:04 +02:00 |
|
|
|
919876480d
|
Merge pull request #81 from cypherbits/remove-request-use
For dangerous and only-POST routes check if it is POST request.
|
2020-10-15 17:13:48 +02:00 |
|
|
|
c71e17103f
|
Fix chrome flashing white on frame reload
|
2020-10-15 09:43:06 +02:00 |
|
|
|
8d84e45c3c
|
Add promise not to use any features
|
2020-10-15 09:42:29 +02:00 |
|
|
|
d37fc14483
|
Updated copyright
|
2020-10-15 08:26:47 +02:00 |
|
|
|
815d9f203e
|
Improved CSP rules
|
2020-10-14 13:38:30 +02:00 |
|
|
|
cca830d9db
|
Fixed syntax error
|
2020-09-20 21:50:37 +02:00 |
|
|
|
de04614155
|
Merge pull request #77 from cypherbits/work1
Little fixes
|
2020-09-15 20:59:20 +02:00 |
|
|
|
025709508b
|
Fix guest room bypass #73
|
2020-09-15 19:37:45 +02:00 |
|
|
|
34fce5f7ab
|
Merge pull request #75 from cypherbits/master
Fix link filters, image embeds, and redirects.
|
2020-09-15 18:57:01 +02:00 |
|
|
|
b7ff7c9eb7
|
For dangerous and only-POST routes check if it is POST request.
|
2020-08-05 19:15:37 +02:00 |
|
|
|
b1c7242752
|
Little fixes
|
2020-08-02 17:54:47 +02:00 |
|
|
|
51fb54e0aa
|
Oops...
|
2020-08-01 22:40:42 +02:00 |
|
|
|
e5e3b478dc
|
Fix link filters, image embeds, and redirects.
|
2020-08-01 21:14:39 +02:00 |
|
|
|
463d66e11e
|
Include Turikish translation
|
2020-08-01 20:48:57 +02:00 |
|
|
|
cc6d36e7ce
|
Merge pull request #66 from cypherbits/php-version-check
If encryption is enabled, check the PHP version is at least 7.2
|
2020-06-11 10:39:14 +02:00 |
|
|
|
972f1a62c1
|
Fix indentation in chat.php
|
2020-05-17 14:14:44 +02:00 |
|
|
|
9ab4622b67
|
If encryption is enabled, check the PHP version is at least 7.2
|
2020-05-11 18:24:25 +02:00 |
|
|
|
43a6adfa1c
|
Fix undefined index notice
|
2020-05-07 21:47:49 +02:00 |
|
|
|
035cfa6aa4
|
Harden all cookies
|
2020-05-07 20:50:20 +02:00 |
|
|
|
e9a1d61027
|
Allow data URI for img and media in CSP
|
2020-05-07 20:38:17 +02:00 |
|
|
|
a4d2484e24
|
Merge pull request #63 from cypherbits/fix-security-header
Fix Content-Security-Policy header.
|
2020-05-07 20:29:27 +02:00 |
|
|
|
ac46e658bd
|
Merge pull request #64 from cypherbits/faster-encryption-load
If admin defined keys with the right length, do not compute the keys.
|
2020-05-07 20:28:35 +02:00 |
|
|
|
5aeca202ca
|
fix
|
2020-05-03 17:41:56 +02:00 |
|
|
|
c2cd0258f1
|
If admin defined keys with the right length, do not compute the keys.
|
2020-05-03 15:18:41 +02:00 |
|
|
|
0f97ddd573
|
Fix Content-Security-Policy header.
|
2020-05-03 15:08:30 +02:00 |
|
|
|
81b8b78df0
|
Fix XSS in session variables.
|
2020-05-03 11:13:52 +02:00 |
|
|
|
581aede13f
|
Session cookies security hardening.
|
2020-05-02 21:53:19 +02:00 |
|
|
|
e149c9f97d
|
Fix reflected XSS vulnerability
|
2020-05-02 19:42:34 +02:00 |
|
|
|
1887d42a78
|
Merge pull request #58 from cypherbits/new-encryption
New generation AES256-GCM encryption by libsodium. PHP >= 7.2 needed
|
2020-05-02 18:32:50 +02:00 |
|
|
|
95fd504249
|
Merge pull request #60 from cypherbits/header_security
Add more security headers
|
2020-05-02 18:28:44 +02:00 |
|
|
|
c728d6d447
|
Merge pull request #59 from cypherbits/link_privacy
Add chat link privacy with noreferrer and noopener
|
2020-05-02 18:27:57 +02:00 |
|
|
|
95c1faf1d9
|
Correctly calculate frameset hight for non-upload enabled users
|
2020-05-02 18:23:35 +02:00 |
|
|
|
c5e55e8bc0
|
add more security headers
|
2020-05-02 18:11:35 +02:00 |
|
|
|
1cdf6cbf55
|
add chat link privacy with noreferrer and noopener
|
2020-05-02 17:25:09 +02:00 |
|
|
|
7adf9732ef
|
fix...
|
2020-05-02 13:53:17 +02:00 |
|
|
|
f0659466c1
|
openssl to libsodium
|
2020-05-02 13:30:29 +02:00 |
|
|
|
0963acafcf
|
New generation AES256-GCM encryption by libsodium. PHP >= 7.3 needed.
|
2020-05-02 12:16:36 +02:00 |
|
|
|
03f9a86515
|
Allow making file upload member-only and added required tag to captcha input
|
2020-02-29 14:26:48 +01:00 |
|
|
|
cfd54b09be
|
Add filtermodkick setting to db if missing
|
2019-02-24 13:17:01 +01:00 |
|
|
|
16b81337b1
|
Merge pull request #52 from virtualghetto/filtermodkick-fix
fix filtermodkick setting
|
2019-02-24 13:08:47 +01:00 |
|
|
|
2cd5d18511
|
Merge pull request #50 from virtualghetto/next-gen-hotlink
Next-Gen Onion Hotlink
|
2019-02-24 13:02:41 +01:00 |
|
|
|
5589999b0f
|
fix filtermodkick setting
filtermodkick should be defined in the settings array instead of reg.
|
2019-02-16 18:42:56 +00:00 |
|
|
|
4d0b828879
|
Restore encrypted notes
send_backup() decrypts the notes if MSGENCRYPTED is enabled.
So, re-encrypt the notes on restore.
|
2019-02-03 15:45:18 +00:00 |
|
|
|
268328f82c
|
Next-Gen Onion Hotlink
|
2018-11-07 15:50:51 +00:00 |
|
|
|
a63901fc76
|
Fix php notice + update copyright year
|
2018-04-22 15:02:09 +02:00 |
|
|
|
36a8727d2f
|
Added Czech translation
|
2018-04-15 12:30:36 +02:00 |
|
|
|
5cfe783649
|
Better check whether messaging is really allowed when validating new messages
|
2017-10-05 20:40:26 +02:00 |
|
