Commit graph

117 commits

Author SHA1 Message Date
Kijin Sung
044ad8fbf6 Mark old Security class as deprecated 2023-10-04 01:24:22 +09:00
Kijin Sung
2a1aad7c1b Mark old EmbedFilter and Password classes as deprecated 2023-10-04 01:22:30 +09:00
Kijin Sung
3c9828ec5f Mark old IpFilter and Purifier classes as deprecated 2023-10-04 01:20:29 +09:00
Kijin Sung
dfa1e93c79 Remove unnecessary header and footer from class files
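- Remove the duplicate copyright notice, since the author is already mentioned below
- Remove the unnecessary end-of-file marker at the bottom of each class (there is one class per file,
  so if a file were cut off midway the class would not be closed, which is easy to notice)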
2023-01-30 23:52:23 +09:00
Kijin Sung
c881e73c1d Remove trailing whitespace in legacy class files 2023-01-17 21:07:55 +09:00
Kijin Sung
60465fb2db Fix various warnings in PHP 8.0 2021-01-28 22:32:56 +09:00
Kijin Sung
4fdb51d689 Fix outdated use of REMOTE_ADDR instead of RX_CLIENT_IP 2020-12-18 15:10:30 +09:00
Kijin Sung
49923844b2 Various fixes to remove warnings in PHP 8.0 2020-12-15 00:18:42 +09:00
Kijin Sung
8c161bc28d Various fixes to improve PHP 8.0 compatibility
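- Rename the XmlParser class to XeXmlParser because XmlParser has become a PHP built-in class
- Fix places where mismatched function or parameter signatures cause fatal errors
- Fix many undefined variables and array keys (not fatal errors)
- Still fixing...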
2020-10-31 00:25:26 +09:00
Kijin Sung
b193ad73e3 Fix #1274 check chunked uploads after all chunks are ready 2020-04-16 18:17:04 +09:00
Kijin Sung
cd084d6073 Fix invalid function call 2018-10-18 15:51:44 +09:00
Kijin Sung
e98cf03d95 Move upload file filter to Rhymix Framework and add proper unit tests for SVG-based attacks 2018-10-18 14:34:19 +09:00
Kijin Sung
af64ae79c1 Rename checkXEE() to checkXXE() 2018-10-18 14:21:08 +09:00
Kijin Sung
c54fa8dab1 Use escape more consistently
Unify the htmlspecialchars calls scattered here and there into escape
2018-10-10 15:07:51 +09:00
Kijin Sung
19331e6746 Additional XSS checks #1088 2018-09-18 13:27:55 +09:00
Kijin Sung
e03ccbd7a9 Also filter XML and HTML file uploads
- Detect possible XML (including SVG) by actual content, not extension
- Check large files in overlapping chunks to reduce memory usage
- Check XML files for external entities
- Check HTML files for SSI and PHP code
2018-09-18 02:45:48 +09:00
Kijin Sung
60d390f52e Initial mitigations for #1088 #1089 2018-09-17 00:48:47 +09:00
Kijin Sung
910f7220e6 Import cryptographic signature functions from XE 1.8.23 2016-08-02 16:30:33 +09:00
Kijin Sung
cb229c2d66 Clean up namespaces 2016-03-14 21:04:27 +09:00
Kijin Sung
f4dc7e6b21 Move all functionality of old Password class to new Password class 2016-03-13 23:23:48 +09:00
Kijin Sung
90dcc4a2e8 Implement encryption, decryption, and CSPRNG in Security class 2016-03-13 20:40:23 +09:00
Kijin Sung
544170b530 Move IpFilter class to Security namespace 2016-03-13 10:24:52 +09:00
Kijin Sung
0adb13ca30 Add inRanges() and validateRanges() methods to IpFilter class 2016-03-13 10:18:52 +09:00
Kijin Sung
7ecd9230c2 Add MediaFilter class to absorb most EmbedFilter functionality 2016-03-13 09:51:15 +09:00
Kijin Sung
6f53a3f068 Check object whitelist in HTMLFilter class, not EmbedFilter class 2016-03-12 22:35:43 +09:00
Kijin Sung
be882d0c5c Do not check allowscriptaccess because HTMLPurifier does it better 2016-03-12 21:11:53 +09:00
Kijin Sung
b962409652 Use new Security and URL classes in other places 2016-03-12 17:26:41 +09:00
Kijin Sung
4594c40321 Disable useless UploadFileFilter 2016-03-11 19:55:41 +09:00
Kijin Sung
b89818e13d Update HTMLPurifier configuration and allow HTML5 2016-03-11 15:29:42 +09:00
Kijin Sung
5d5fe818f1 Remove outdated PHP HTML Parser library 2016-02-16 15:29:01 +09:00
Kijin Sung
a1e8d14b0d Move whitelist file to common location 2016-02-16 15:27:41 +09:00
Kijin Sung
e7bacf689a Update embed filter to use Simple HTML DOM Parser 2016-02-16 15:22:12 +09:00
Kijin Sung
f7aad28d2c Remove remaining references to getDBInfo() 2016-02-05 15:18:31 +09:00
Kijin Sung
b47abe8d12 Update old IpFilter class to call the new class internally 2016-02-02 09:15:07 +09:00
Kijin Sung
30246059eb Remove Crypto class (was added by @kijin but not used) 2016-01-22 15:02:33 +09:00
qw5414
349ee07f60 Add iframe whitelist to afreeca 2016-01-15 14:09:14 +09:00
Kijin Sung
5196ddaf83 Fix incorrect generation of whitelist regexp 2016-01-12 19:23:27 +09:00
Kijin Sung
2be2e8e73e Fix incorrect use of embed filter in HTMLPurifier 2016-01-12 19:13:15 +09:00
Kijin Sung
bd15128e14 Change the embed whitelist to be included directly instead of being cached separately 2016-01-07 10:14:40 +09:00
Kijin Sung
ca3001141c Remove XML from the embed whitelist configuration file and stop distinguishing between http and https 2016-01-07 09:39:55 +09:00
Kijin Sung
546606b208 Initial import of composer dependencies (--no-dev) 2016-01-06 19:21:31 +09:00
MinSoo Kim
264a5d3ef5 Remove argument that has been meaningless since PHP 5.4
* The [manual](https://secure.php.net/en/htmlspecialchars) explains that it has become the default value.
* Re-add the `LOCK_EX` that was left out.
2016-01-02 22:59:55 +09:00
MinSoo Kim
2957f8cebe HTMLPurifier update
Carry over all of the slightly customized parts.
The file lock part and the htmlspecialchars part.
2016-01-02 11:55:54 +09:00
conory
ef5e660bb2 #10 Wrong variable 2015-12-22 08:32:12 +09:00
Kijin Sung
811c5dbedd Merge pull request #10 from kijin/feature/password-improvements
Improve the Password class
2015-12-21 15:32:18 +09:00
Kijin Sung
804dd3073a Support custom (user-defined) check-only algorithms in Password class 2015-12-21 13:44:46 +09:00
Kijin Sung
a22e69b7ec Merge branch 'develop' of https://github.com/xpressengine/xe-core (1.8.14)
Conflicts:
	classes/context/Context.class.php
	modules/point/tpl/config.html
2015-12-02 14:38:23 +09:00
YJSoft
961deaf3ea fix #1796 Also check the styles of editor components and widgets 2015-11-06 17:06:40 +09:00
Kijin Sung
9dbe64e0da Merge #1650 Add a versatile encryption class by kijin
* pr/1650:
  Simplify IV creation routine by reusing Password class
  Add currentSessionOnly option to Crypto class
  Add Crypto class compatible with defuse/php-encryption
2015-10-08 15:03:28 +09:00
Kijin Sung
a7ed4c56c8 Merge #1363 Use PHP 5 style constructors (__construct) by kijin
* pr/1363:
  Also use PHP 5 style constructor (__construct) in the ExtraItem class
  Use PHP 5 style constructors (__construct)

Conflicts:
	classes/context/Context.class.php
2015-10-08 14:10:32 +09:00