Commit Graph

77 Commits

Author SHA1 Message Date
d507c507e4 handlersearch: Allow all characters by escaping FTS
Escape FTS queries by simply treating everything as string.
Though this way a user cannot use operators, it's an improvement
over how it was done before.

Closes: #7
2021-03-25 21:44:02 +01:00
2aa11fc2b2 HandlerPageView: Add misisng check whether passed revision is most recent 2021-03-16 21:05:59 +01:00
e4562809a0 handlerpageedit: Retain comment when clicking preview 2021-03-08 11:37:45 +01:00
00392e2469 Parser: Add category to tagfinder to replace it with an empty str 2021-03-02 23:36:19 +01:00
dac07d23a9 HandlerPageView: Use revision from db, not query param, as template value.
Not a vulnerability, but more correct this way.
2021-01-29 16:46:13 +01:00
0c66fdf70d Handler: queryOption: Take default sort order param. History: default descending 2020-12-31 16:15:36 +01:00
b9ff4068bd Handler: QueryOptions: Change default to more natural ascending sort 2020-12-29 23:36:07 +01:00
821d799e3e submodules: sync each with latest repo HEAD 2020-11-20 15:53:16 +01:00
a6c08a3447 Parser: reformat and remove dead code 2020-11-15 20:27:48 +01:00
cd7e99bf30 template/quitesimple: insert missing space 2020-10-12 22:13:32 +02:00
bc24035f4d submodule/cpp-httplib: update to current release 2020-09-26 17:28:57 +02:00
75f76f58eb sandbox: First version using qssb.h 2020-09-26 17:13:29 +02:00
5abaaf67d0 HandlerPageView: Prevent viewing older revisions if not allowed 2020-09-21 21:44:26 +02:00
d974d4bfb6 Update git submodules 2020-09-06 12:19:12 +02:00
721348268a template/quitesimple: footer: Don't show login and edit time in portrait mode 2020-08-23 22:03:21 +02:00
de240786c7 Update README.md: Document build with git submodules 2020-08-23 17:38:06 +02:00
192c533f1f handlerlogin: Fix typo in error message 2020-08-23 17:29:33 +02:00
84b55f6e96 gitmodules: update qssb.h repo location 2020-08-23 17:20:25 +02:00
09ac87736d utils: localtime is not threadsafe, use localtime_r 2020-04-20 16:29:34 +02:00
3b2578b7f9 utils: simplify/optimize escaping 2020-04-19 22:45:51 +02:00
e435e84bfa random: cleanup, assume getrandom libc wrapper exists 2020-04-19 17:03:06 +02:00
f73dd3b295 Makefile: remove redundancies 2020-04-19 17:03:06 +02:00
c507c200a6 add qssb.h submodule 2020-04-19 17:03:06 +02:00
b53aeadb8e don't link with boost anymore as regex is handled by std now 2020-04-19 17:02:21 +02:00
8595978560 get header-only library dependencies using git submodules 2020-03-18 22:21:03 +01:00
5df89f0491 replace boost regex with std 2020-03-18 22:00:15 +01:00
71bfa56e3b template: remove some unnecessary newlines 2019-10-31 21:43:57 +01:00
0a2a943e5b Permissions: Fix missing initialization with 0 in some cases 2019-10-02 23:36:35 +02:00
0f6d1abbd5 remove spaces etc. at end of line (no functional change) 2019-10-02 22:06:19 +02:00
559baf65da remove straying tabs on line end (no functional change) 2019-10-02 21:53:32 +02:00
1c646fa165 make html <title></title> configurable 2019-10-02 21:40:58 +02:00
7fc9c090ed sync dependencies with upstream 2019-09-30 20:20:41 +02:00
d9de46354e Handlers: set page title 2019-09-29 21:34:53 +02:00
ec10c764d5 RequestWorker: take unique ptr (fixes regression) 2019-09-29 21:34:21 +02:00
8364ace683 Introduce proper HandlerFactory and reduce dependencies of RequestWorker 2019-09-29 20:57:46 +02:00
0ccc20454b Introducing HandlerConfig class to give handlers config values they need 2019-09-29 20:27:53 +02:00
364d82a99f Begin removing several dependencies on Config object 2019-09-29 17:12:36 +02:00
327c0793d1 template: move js session refresh to single file ; use fetch API 2019-08-26 21:21:47 +02:00
5c3dc9982f remove outdated, unmaintained template 'default' 2019-08-26 21:03:43 +02:00
15c5b66800 page view: fix messed up ul close tags 2019-08-26 20:51:59 +02:00
2d0bd713e5 sandbox-linux: call seccomp_release, remove unnecessary iteration 2019-08-21 20:14:44 +02:00
1e150144e6 sandboxing: check whether debian specific patch disables user namespaces for unpriv users 2019-08-12 09:06:32 +02:00
e14aa99a4b sandbox: paths must be bind mounted in order of their length 2019-08-11 21:03:50 +02:00
f83c705230 Begin sandboxing support, README updates. 2019-08-11 20:10:38 +02:00
d7db1fbe39 handlerlogin: use std::atomic for counter and lockguard in ban check 2019-05-12 21:26:10 +02:00
93aea9ed7b httpgateway: set new max payload length config value 2019-05-04 00:02:17 +02:00
8fe7e98aaa sync httplib.h with its current master, but replace std::regex with boost:regex again 2019-05-03 23:34:15 +02:00
b751e0ba92 Fixed: inverted boolean in check for enabled anon user 2019-05-03 23:26:08 +02:00
611ef12ca6 permissionsdao: no silent fallback to user-permissions if we find none for user 2019-05-03 16:00:36 +02:00
7630301168 handlers: permisison check for all pages + retrieve user-specific permissions for pages (if any) 2019-05-03 15:59:29 +02:00