Marien Fressinaud
|
a2da70fd11
|
Fix security hole from ext.php script.
Now, ext.php can only serve file under a EXTENSIONS_PATH/ext_dir/static/ directory.
A 400 Bad Request error will be returned for other files.
See https://github.com/FreshRSS/FreshRSS/issues/252
And https://github.com/FreshRSS/FreshRSS/commit/f9b037742a0aeb49cab86782d1a59913c2de47b
|
2014-12-05 10:54:44 +01:00 |
|
Marien Fressinaud
|
f9b037742a
|
Update ext.php to serve any file from extensions
Add an extension->getFileUrl() method to facilitate url generation
|
2014-12-04 20:41:01 +01:00 |
|
Alexandre Alapetite
|
5a9b08e084
|
Primitive extension system: minor change
https://github.com/marienfressinaud/FreshRSS/issues/252
|
2014-10-05 12:38:13 +02:00 |
|
Alexandre Alapetite
|
febabccdd5
|
Primitive extension system
https://github.com/marienfressinaud/FreshRSS/issues/252
I have been using this extension system for a little while, in
particular to include custom CSS and/or JavaScript (inclusion of PHP
code is not done yet).
There is very little code and it does not impact performances.
I hurry to post it before
https://github.com/marienfressinaud/FreshRSS/issues/655
|
2014-10-05 12:14:22 +02:00 |
|