Commit graph

302 commits

Author SHA1 Message Date
Hypolite Petovan 93823ecef5 Move HTML purification to own method in Content\Text\HTML 2021-03-14 14:19:33 -04:00
Hypolite Petovan e1f8e10fe7 Increase video tag regular expression specificity to decrease backtrack in BBCode::convert 2021-03-13 09:06:52 -05:00
Hypolite Petovan a6423031eb
Merge pull request #9963 from mexon/mat/support-cid-scheme
Support cid URLs as used in mailstream plugin
2021-02-27 12:11:15 -05:00
Matthew Exon 4a16d8e06f Support cid URLs as used in mailstream plugin 2021-02-27 16:54:52 +00:00
Hypolite Petovan dc8ecbeb24 Add new Content\Text\BBCode::embedURL method 2021-02-18 09:06:13 -05:00
Hypolite Petovan 7653bc00df Try OEmbed first for [audio] and [video] tags 2021-02-09 23:20:28 -05:00
Hypolite Petovan e2c38f1347 Prevent hashtag parsing and replacement in image alternative text 2021-01-22 17:45:28 -05:00
Hypolite Petovan 35213630e8 Remove strictly numeric tags exception
- It prevented to use year number hashtags for no clear benefit
2021-01-20 08:10:20 -05:00
Hypolite Petovan fff565a80b Prevent alt text of emoji image tags to be converted to smilies in BBCode::convert 2020-12-30 22:23:58 -05:00
Hypolite Petovan 4b1180ec8b Restore autolink in share block content in BBCode::convertShare 2020-12-21 22:46:29 -05:00
Hypolite Petovan bcd61c8372
Merge branch '2020.12-rc' into bug/9656-purify-video-embed 2020-12-18 14:47:24 -05:00
Hypolite Petovan 95f099d26c Restore Mastodon emoji span classes
- Fix typo in replacement of [class] tag
2020-12-18 11:08:03 -05:00
Hypolite Petovan 20d9dcf7ac Bump BBCode version to 2020-12-18 2020-12-18 10:32:36 -05:00
Hypolite Petovan 0781f28ca6 Allow support for allowlisted iframe sources in Content\text\BBCode::convert
- Support Youtube, Vimeo and unused local embeds
2020-12-18 10:32:36 -05:00
Hypolite Petovan ec0c9dcdb1 Remove support for [iframe] BBCode
- It was a huge gaping security hole, and now HTML Purify will remove the src attribute of all non-allowed sources anyway.
2020-12-18 10:32:36 -05:00
Hypolite Petovan e6270bc46d Enable back references in reg exp in BBCode::convert
- Bump BBCode version
2020-12-06 08:57:06 -05:00
Hypolite Petovan f141f5acf4 Prevents share block new lines from being converted to HTML <br> tags
- Address https://github.com/friendica/friendica/pull/9621#issuecomment-739333767
2020-12-05 19:55:16 -05:00
Hypolite Petovan e712706302 Add BBCode versioning
- This will trigger the re-conversion of displayed items on version update
2020-12-04 07:29:49 -05:00
Hypolite Petovan a0f6d678c4 Add HTML Purify to BBCode::convert
- Replace previous HTML cleanup using DOMDocument
- Remove obsolete HTML::sanitizeCSS method
- Use Strings::autoLinkRegEx for PageInfo::getRelevantUrlFromBody
- Update previous tests expectations
- Add new specific XSS tests
2020-12-04 07:29:48 -05:00
Hypolite Petovan dbb33399bc Prevent image descriptions from being replaced by local smilies
- AP-received emojis have their code in the image description
2020-11-15 00:12:26 -05:00
Hypolite Petovan edd439cfab Simplify code in Content\Text\BBCode::convert
- Use performWithEscapedTags instead of custom solution
2020-11-08 23:25:46 -05:00
Michael 498dda7999 Fix parser issues when a video is linked without a matching extension 2020-11-08 09:24:01 +00:00
Michael a012234d82 Publish the provider fields in the API 2020-10-26 19:40:09 +00:00
Philipp Holzer a6fc9cd32e
Remove $binary flag for HTTPRequest::get(), HTTPRequest::fetch(), HTTPRequest::fetchAll() (deprecated since PHP 5.1.3) 2020-10-18 20:56:31 +02:00
Philipp Holzer 0449077126
Revert "Fix IHTTPResult::getHeader() - Now returns a string array, like expected - Fix usages - Fix dataset"
This reverts commit 80bd0a4d
2020-10-11 23:25:40 +02:00
Philipp Holzer 80bd0a4d5a
Fix IHTTPResult::getHeader()
- Now returns a string array, like expected
- Fix usages
- Fix dataset
2020-10-10 23:11:30 +02:00
Michael Vogel 20652870b6
Update src/Content/Text/BBCode.php
Co-authored-by: Hypolite Petovan <hypolite@mrpetovan.com>
2020-10-06 04:55:28 +02:00
Michael Vogel 397f239abb
Apply suggestions from code review
Co-authored-by: Hypolite Petovan <hypolite@mrpetovan.com>
2020-10-05 17:40:06 +02:00
Michael 16224a7001 Improve plaintext generation for language detection 2020-10-05 12:50:18 +00:00
Michael 38ed5c943d Avoid probing non existing profiles 2020-08-19 05:24:53 +00:00
Hypolite Petovan afb882048e Generate callstack value from inside Profiler::saveTimestamp
- Save a massive amount of time computing callstacks when profiling is disabled
2020-07-27 02:33:05 -04:00
nupplaPhil 657d08f09f Rename "fetchUrl" and "fetchUrlFull" to "fetch" and "fetchFull" 2020-07-21 03:15:53 -04:00
nupplaPhil 7029012f27 Rename "HTTPRequest::curl()" to HTTPRequest::get() 2020-07-21 03:14:01 -04:00
nupplaPhil 57587efe58 Move "getUserAgent()" to "HTTPRequest" class 2020-07-21 03:04:58 -04:00
nupplaPhil 1aa07f87a4 Make "HTTPRequest::fetchUrl" dynamic 2020-07-21 03:04:58 -04:00
nupplaPhil 5344efef71 Move post/curl/fetchUrl/fetchUrlFull to own class "Network\HTTPRequest" 2020-07-21 02:56:10 -04:00
Michael fc0312451d Changed parameter order for getByURL 2020-07-15 17:06:48 +00:00
Michael d9c6a46ffe Replaced "getDetailsByURL" with "getByURL/getByURLForUser" 2020-07-15 04:42:04 +00:00
Michael 52bb1ff0f1 Some more replaced logger 2020-06-28 17:35:56 +00:00
Michael Vogel f611c99ad7 Improve render speed by not probing for unknown contacts 2020-06-28 15:57:33 +02:00
Michael Vogel 7fd2c00171
Merge pull request #8792 from MrPetovan/task/share-block-guid
[frio] Add local post link to share block when guid attribute is present
2020-06-23 21:26:07 +02:00
Hypolite Petovan faeffff8a3 [pre] blocks now preserve spaces
- Added test case
- Added English documentation
2020-06-23 07:53:18 -04:00
Hypolite Petovan 251a3791dd Keep spaces after non-tags in Content\BBCode::convert
- Added test case
2020-06-23 07:52:38 -04:00
Hypolite Petovan d2aa68106b Make guid attribute available to convertShare callback 2020-06-21 09:45:00 -04:00
Hypolite Petovan 912ff069c0 Update getShareOpeningTag::getShareOpeningTag method signature
- Optional parameter $guid is now at the end
- Always provided parameter $posted is now mandatory
2020-06-21 09:42:37 -04:00
Hypolite Petovan cd74fb8609 Add new Content\BBCode::getShareOpeningTag 2020-06-18 08:53:30 -04:00
Hypolite Petovan f9ecbbd743 Exclude [img] tags from tag replacement
- It broke image captions by inserting an HTML link inside an HTML attribute
2020-06-16 16:34:16 -04:00
Hypolite Petovan 9b2d758c1a Add no-parsing block escaping in BBCode::setMentions 2020-06-10 10:16:07 -04:00
Hypolite Petovan eaa7740da6 Remove superfluous code
- Remove explicit default parameter value in BBCode::convertShareCallback
- Remove Probe::$baseurl reset since the twitter probe sets the `baseurl` property
- Remove baseurl guessing in Probe::detect
2020-06-10 10:15:54 -04:00
Hypolite Petovan a5f0225d60 Add mention support to shared content 2020-06-10 10:15:54 -04:00
Hypolite Petovan 89b3ae2657 Add null/empty string parameter value case in BBCode::convert
- Remove obsolete coalesce operator uses
2020-06-08 19:15:08 -04:00
Hypolite Petovan 472018191b Add tag escaping to BBCode::setTags 2020-06-08 18:40:20 -04:00
Hypolite Petovan 0bc7b89530 Replace existing block escaping by performWitEscaped* calls 2020-06-08 18:40:20 -04:00
Hypolite Petovan 348b71d0b0 Add new Strings::performWithEscapedBlocks methods
- Add new BBCode::performWithEscapedTags method
- Add tests
2020-06-08 18:40:20 -04:00
Hypolite Petovan 8eeb7807d3 Replace remaining instances with "allowlist", "denylist" and "blocklist" 2020-06-07 11:24:56 -04:00
Hypolite Petovan e0152bec7d Remove Twitter exception for shared blocks in Text\BBCode::convertShareCallback
- Twitter stopped supporting OEmbed which defaulted to an undesirable fallback
2020-06-04 11:13:31 -04:00
Hypolite Petovan f68652d61c Revert "Move share content conversion before link handling in Text\BBCode::convert"
This reverts commit 010ec99b35.
2020-06-04 11:11:44 -04:00
Hypolite Petovan 010ec99b35 Move share content conversion before link handling in Text\BBCode::convert 2020-06-03 22:02:01 -04:00
Michael efb1c630fd Fix warnings ("Divide by zero" and "key parameter is not a valid public key") 2020-05-18 02:58:08 +00:00
Michael e737eea17d Issue 8458-2: Now all unicode emojis should work 2020-05-17 21:46:54 +00:00
Michael d7f0ffdbc1 Issue 8458: Display big emojis
Fixes #8458
2020-05-17 16:55:54 +00:00
Michael b625797591 issue 8642: Make hashtags more compatible 2020-05-16 18:38:50 +00:00
Michael b192810288 Still more missing places replaced 2020-05-16 16:41:37 +00:00
Michael 0da0580a82 use "self" 2020-05-16 16:32:37 +00:00
Michael 0cf517ad76 Use constants for the BBCode modes 2020-05-16 16:28:15 +00:00
Hypolite Petovan 43b8bdea07
Merge pull request #8520 from annando/term2tag
We now store tags in "tag"
2020-04-22 22:56:07 -04:00
Michael 33eda87bc4 Fix: Image descriptions now work again 2020-04-21 04:01:13 +00:00
Michael 538e212a84 Hashtag handling with Diaspora improved 2020-04-19 16:33:06 +00:00
Michael d3722c945b Improved Mime Type detection 2020-04-01 05:42:44 +00:00
Michael 1fef1ef6e9 Issue 7771: Funkwhale support 2020-03-24 23:12:53 +00:00
Michael 72c198990e Merge remote-tracking branch 'upstream/develop' into private 2020-03-02 15:05:00 +00:00
Michael ca1b92bb34 Support unlisted public posts 2020-03-02 07:57:23 +00:00
Michael Vogel cdc39b0f72
Merge pull request #8333 from MrPetovan/bug/8280-about-conversion-export
Add about field conversion to HTML in Protocol\ActivityPub\Transmitter
2020-02-25 20:36:11 +01:00
Hypolite Petovan b100b9600e Add rel="noopener noreferrer" to all target="_blank" links
See https://mathiasbynens.github.io/rel-noopener/
2020-02-24 20:07:34 -05:00
Hypolite Petovan 0f85f5d167 Convert outgoing profile description to Markdown in Protocol\Diaspora 2020-02-24 07:59:53 -05:00
Michael Vogel 01640a7045 Merge pull request #8272 from MrPetovan/bug/8254-regex-url-img
Increase specificity of [url][img] capture regex in BBCode::getAttachedData
2020-02-10 05:32:43 +01:00
Hypolite Petovan d2ca5ccd35 Increase specificity of [url][img] capture regex in BBCode::getAttachedData
- Prevents it from over capturing when there's a [url] tag before the image
2020-02-09 22:19:21 -05:00
nupplaPhil 23c64b9a11
Add license info at Friendica classes 2020-02-09 15:45:36 +01:00
Philipp Holzer ed9392469e
Remove unneeded Config namespace usages 2020-01-19 22:50:44 +01:00
Philipp Holzer 6c36fd9e01
Move Config::get() to DI::config()->get() 2020-01-19 21:21:13 +01:00
Philipp Holzer d6efc90194
cleanup namespace usages for L10n 2020-01-19 16:31:33 +01:00
Philipp Holzer 5dfee31108
Move L10n::t() calls to DI::l10n()->t() calls 2020-01-19 16:31:16 +01:00
Michael 4e5db36177 Improved formatting 2020-01-19 09:46:31 +00:00
Michael 0a4119adaf @brief is removed completely 2020-01-19 06:05:23 +00:00
Philipp Holzer a38b0f7eaf
Move remaining namespaces and delete Core\Cache.php 2020-01-07 00:51:02 +01:00
Philipp Holzer fe078410a1
Move Cache::get() to DI::cache()->get() 2020-01-07 00:45:49 +01:00
Philipp Holzer f68929633b
Move Cache::set() to DI::cache()->set() 2020-01-07 00:41:20 +01:00
Hypolite Petovan 4461c16165 Remove superfluous comment in BBCode::scaleExternalImage 2020-01-03 09:30:35 -05:00
Hypolite Petovan 52c5b0e0f3 Remove unused BBCode::scaleExternalImage parameters
- Remove now obsolete system.no_view_full_size config key
2020-01-02 20:44:15 -05:00
Hypolite Petovan 0b3cd206c3 Remove harmful HTML decode/encode in BBCode::scaleExternalImages 2020-01-02 20:35:59 -05:00
Philipp Holzer 3f34229752
Move redundant System::baseUrl() to DI::baseUrl() calls 2019-12-30 23:00:08 +01:00
Philipp Holzer e944d7bed6
Remove deprecated App::getBaseURL() - process methods to DI::baseUrl()->get() 2019-12-29 20:17:48 +01:00
Philipp Holzer 181529f3df
Refactor dynamic App::getProfiler() to static DI::profiler() 2019-12-29 20:17:42 +01:00
Philipp Holzer 388b963714
Replace BaseObject class with DI::* calls 2019-12-29 20:17:38 +01:00
Philipp Holzer 1de3f186d7
Introduce new DI container
- Adding Friendica\DI class for getting dynamic classes
- Replacing BaseObject::getApp() with this class
2019-12-29 20:16:55 +01:00
Hypolite Petovan aa3a85c727 Escape major HTML characters in code blocks in BBCode::convert
- HTML sanitization was removing unescaped opening chevrons in code blocks
2019-12-27 21:42:56 -05:00
Hypolite Petovan 39cb3e68b9 Remove faulty escape for HTML entities in BBCode::toMarkdown
- Mangled Markdown output with chevrons
2019-12-27 21:42:56 -05:00
Michael 81d500c271 Fix optical glitch: Replace multiple newlines when replacing attachments 2019-12-20 09:45:34 +00:00
Hypolite Petovan e1583123b4 Escape potential URL-containing BBCodes before running autolinker 2019-12-13 12:40:10 -05:00
Michael cc38250538 Improved RegExp 2019-12-12 14:57:31 +00:00