Kijin Sung
7b9fe8f7f2
Revert "Fix var_export() not working for stdClass in PHP < 7.3"
This reverts commit 3f7f802585.
2018-12-13 18:59:27 +09:00
Kijin Sung
3f7f802585
Fix var_export() not working for stdClass in PHP < 7.3
2018-12-13 15:22:11 +09:00
Kijin Sung
e98cf03d95
Move upload file filter to Rhymix Framework and add proper unit tests for SVG-based attacks
2018-10-18 14:34:19 +09:00
Kijin Sung
af64ae79c1
Rename checkXEE() to checkXXE()
2018-10-18 14:21:08 +09:00
Kijin Sung
dead538afb
Use egulias/EmailValidator to validate email addresses
2018-10-18 14:16:12 +09:00
Kijin Sung
e027bc8319
Add jquery-latest.js to blacklist
Prevent scripts such as http://code.jquery.com/jquery-latest.js from being
loaded arbitrarily. Most file names with a version number were already blocked,
but this commit also blocks those containing -latest.
cf. https://xetown.com/qna/1089463
2018-10-11 14:32:10 +09:00
Kijin Sung
720e7c6527
Update unit test for TemplateHandler
2018-10-10 15:13:01 +09:00
Kijin Sung
d63da57045
Fix unit tests for autoescape
2018-10-10 14:50:34 +09:00
Kijin Sung
4fc7605e93
Remove mobile.css from unit tests
2018-08-05 19:13:58 +09:00
Kijin Sung
109203d12b
Remove invalid characters from REQUEST_URI
2018-07-31 19:08:02 +09:00
Kijin Sung
9b12e0a71c
Update unit tests for UA::encodeFilenameForDownload()
2018-07-20 19:21:55 +09:00
Kijin Sung
89fcea58c9
Fix unit tests for PHP 7.2
2018-06-14 15:37:04 +09:00
Kijin Sung
ca90ac2c8e
Fix unit test for UA class
2018-06-14 14:18:05 +09:00
conory
9e2a09f108
Treat wget, curl, and php, which are not web browsers, as bots
2018-06-14 12:57:00 +09:00
conory
c728250fd7
Revert template foreach handling to the original strict behavior for ease of debugging
2018-03-31 16:59:30 +09:00
conory
3d24c14f7f
Fix template foreach statement not working when the variable is an object
Fix issue #1023
Fix warning caused by the layout extra variable (extra_var) being an object (I don't know why it was made an object, but an array seems more appropriate)
Warning: count(): Parameter must be an array or an object that implements Countable in php 7.2
2018-03-30 23:28:44 +09:00
conory
e0edf3cb53
Clean up Context::setRequestArguments() input
2018-03-26 23:55:07 +09:00
conory
605fcc87df
Fix unit test for template
2018-03-22 17:49:00 +09:00
Kijin Sung
e63d597168
Add comprehensive tests for Context::setRequestMethod() and args
2018-03-13 11:06:34 +09:00
Kijin Sung
2b40d1ef74
Fix unit test for $lang in templates
2018-03-03 12:07:13 +09:00
Kijin Sung
2dd549f076
Add methods to clear debug entries (for long-running scripts)
2018-01-16 15:03:36 +09:00
Kijin Sung
d7a3e1bc26
Fix unit tests that don't work in PHP 7.2
2017-12-09 03:00:51 +09:00
Kijin Sung
3feaf36c23
Adjust unit tests to accommodate new template parser behavior
2017-12-09 02:55:01 +09:00
Kijin Sung
487509c1e5
Revert "Revert "Convert default SCSS stylesheet to LESS""
This reverts commit 5586956fea.
2017-12-01 18:02:41 +09:00
Kijin Sung
5586956fea
Revert "Convert default SCSS stylesheet to LESS"
This reverts commit 1a98f0974c.
2017-12-01 17:57:30 +09:00
Kijin Sung
1a98f0974c
Convert default SCSS stylesheet to LESS
LESS compiles much faster than SCSS on the server side
2017-12-01 17:32:55 +09:00
Kijin Sung
6f35f5bafc
Fix strict count() behavior in PHP 7.2
2017-12-01 01:42:03 +09:00
Kijin Sung
7c91f3a5e7
Fix unit test for blocking common scripts
2017-09-20 17:32:24 +09:00
Kijin Sung
e734caf7b3
Fix unit tests to accommodate change to trusty in Travis CI
2017-09-04 14:04:41 +09:00
Kijin Sung
73c09ce876
Fix handling of external CSS/JS URLs with query strings
xpressengine/xe-core#2114
2017-08-16 23:05:45 +09:00
Kijin Sung
21072195c0
Prevent overwriting jQuery and other common scripts
- Block third-party programs trying to load their own version of jQuery
- Block obsolete scripts such as xe.css and xe.js
- Block minified versions of the above, too
- Increase blocking index threshold from 1,500,000 to 1,500,000,000
- Add unit tests for script blocking
2017-07-02 00:36:19 +09:00
Kijin Sung
464325c6f6
Update Markdown formatter to support footnotes and hard wraps natively
2017-06-29 23:58:20 +09:00
Kijin Sung
8c752b9baf
Add more unit tests for is_html_content()
2017-06-29 19:54:33 +09:00
Kijin Sung
2a023f0854
Also use the <span> tag to determine whether an editor was used
2017-06-29 18:53:46 +09:00
Kijin Sung
3c772bf1cf
Separate <p> tests from <br> tests
2017-06-29 18:44:52 +09:00
Kijin Sung
804533222c
Add is_html_content() function to detect whether a string is HTML
2017-06-29 18:25:36 +09:00
Kijin Sung
8ca0ca4a47
Fix Context::loadLang() compatibility when lang.xml is specified
2017-05-05 11:47:22 +09:00
Kijin Sung
2822191271
Fix CSRF check for GET requests
2017-04-23 14:51:41 +09:00
Kijin Sung
8147044802
Fix toBool() and add more test cases
2017-04-08 22:02:03 +09:00
Kijin Sung
97047d1279
Add list of reserved words #763
2017-03-23 19:43:49 +09:00
Kijin Sung
a3ef122b57
Merge branch 'develop' into pr/csrf-token
2017-03-13 16:35:24 +09:00
Kijin Sung
fc77980c39
Merge branch 'develop' into pr/multidomain
2017-03-07 15:43:25 +09:00
Kijin Sung
d62756dcd5
Fix unit tests to ignore user warnings during CSRF test
2017-03-06 16:02:50 +09:00
Kijin Sung
89255d0281
Initial implementation of CSRF token enforcement in Security class
2017-03-06 15:54:56 +09:00
Kijin Sung
a0f2388842
Add Session::getGenericToken() for general-purpose token handling
2017-03-06 11:24:09 +09:00
Kijin Sung
387dd1f78b
Fix #741 do not allow empty HTML content in document and comment
2017-03-06 10:50:06 +09:00
Kijin Sung
f1608ad3a9
Fix unit test for Session::checkSSO()
2017-03-04 22:09:07 +09:00
Kijin Sung
990876515b
Don't dump error log to screen during unit test of Debug class
2017-02-27 22:47:02 +09:00
Kijin Sung
72d25872cd
Fix randomly failing unit test for Session class
2017-02-27 15:57:45 +09:00
Kijin Sung
aa879e7326
Improve HTMLFilter handling of editor component properties
2017-02-25 17:37:58 +09:00