Commit graph

3149 commits

Author SHA1 Message Date
Kijin Sung
a0af01c76a Merge branch 'security/rve-2026-8' 2026-05-11 18:17:41 +09:00
Kijin Sung
aa0f3f0200 Merge branch 'security/rve-2026-7' 2026-05-11 18:17:22 +09:00
Kijin Sung
71b11c769d Fix incorrect error location when R\F\Exception is thrown from inside an event handler 2026-05-07 23:07:36 +09:00
Kijin Sung
019950c8a8 Prevent unnecessary double cookie refresh when logging in as admin 2026-04-30 23:13:05 +09:00
Kijin Sung
7f1a61fb83 Clean up session refresh handling (dedicated timer, don't refresh in non-GET request, etc.) 2026-04-30 23:00:55 +09:00
Kijin Sung
f438a91cd6 Treat samesite attribute as a string, not integer 2026-04-30 22:44:14 +09:00
Kijin Sung
9f1a3574c5 Remove SSO 2026-04-29 23:31:29 +09:00
Kijin Sung
1511693cf6 Regenerate session ID upon login and periodically RVE-2026-8 2026-04-29 23:12:02 +09:00
Kijin Sung
d609d36ac6 Add Storage::protectDirectory() to place .htaccess and index.html files in a directory 2026-04-29 17:38:56 +09:00
Kijin Sung
c66daf6507 Be more strict about skipping embedded SVG checks #2703 2026-04-26 18:18:40 +09:00
Kijin Sung
f9119c8ba3 Fix incorrect detection of ChatGPT-generated PNG as dangerous SVG #2703 2026-04-26 14:47:52 +09:00
Kijin Sung
530464289a Version 2.1.32 2026-04-01 10:54:41 +09:00
Kijin Sung
b1f84365a5 Add 'command' type to R\F\Security::sanitize() 2026-03-31 21:02:33 +09:00
Kijin Sung
ba49fe7b70 Fix warnings when migrating XE config to Rhymix format 2026-03-31 19:30:09 +09:00
Kijin Sung
5c858806b2 Treat comma as a regular character when parsing search string #2687 2026-03-29 16:26:10 +09:00
Kijin Sung
7a3d759e62 Fix undefined property when XML query has <navigation> without <page_count> #2688 2026-03-22 15:17:50 +09:00
Kijin Sung
63d2582c8e Fix invalid query when search contains zero conditions #2687 2026-03-22 15:09:45 +09:00
Kijin Sung
94008fbe9b Allow larger images/videos to be uploaded if they are going to be converted
- Allow a looser size limit to be set for image or video files that are going to be converted
- Check the size again after conversion and apply each board's upload policy
- https://rhymix.org/qna/1926104
2026-03-10 19:45:38 +09:00
Kijin Sung
840a9adac8 Version 2.1.31 2026-02-26 13:18:24 +09:00
Kijin Sung
465248a7a4 Update jQuery Migrate to 3.6.0 2026-02-26 13:10:47 +09:00
Kijin Sung
d0d1505367 Enable secure session and cookies by default if installed or upgraded in an HTTPS site 2026-02-26 01:25:36 +09:00
Kijin Sung
7ce40653d7 Use jQuery 3.x by default 2026-02-26 01:23:10 +09:00
Kijin Sung
f0f73c6ac8 Update jQuery to 3.7.1 and recommend updating 2026-02-26 01:21:19 +09:00
Kijin Sung
74b9533281 Merge branch 'security/rve-2026-2' 2026-02-25 20:39:06 +09:00
Kijin Sung
bf2df84d0f Use enshrined\svgSanitize to clean SVG file content 2026-02-20 21:55:29 +09:00
Kijin Sung
a18b45f0f8 Strip namespace prefixes before checking dangerous tags in SVG 2026-02-20 21:40:37 +09:00
Kijin Sung
f131a616eb Fix RVE-2026-1 arbitrary file association by extra var 2026-02-16 21:56:44 +09:00
Kijin Sung
c5d453a2df Follow-up fixes and optimization for #2675 2026-02-11 21:02:50 +09:00
Kijin Sung
5834a3c18a Fix fatal error in some environments when relative URL is passed to encodeIdna() or decodeIdna() #2675 2026-02-11 20:54:00 +09:00
Kijin Sung
1199095e7f Version 2.1.30 2026-02-10 12:23:00 +09:00
Kijin Sung
26c59c251c Fix incorrect conversion of JS template variable containing path #2657 2026-02-05 23:05:19 +09:00
Kijin Sung
9d1738e21d Add trigger before auto-login #2665 #2666 2026-02-05 22:14:06 +09:00
Kijin Sung
078c07d9f5 Add confirmation dialog before deleting or trashing document in admin dashboard #2653 2026-01-28 21:33:27 +09:00
Kijin Sung
70a25057f0 Fix incorrect redirect when loading saved document from another module #2659 2026-01-28 21:04:12 +09:00
Kijin Sung
bb6eeb926e Add delay before closing window in doDocumentSelect() 2026-01-28 20:51:29 +09:00
Kijin Sung
09919944a7 Prevent type error when non-integer input passed to getNumberingPath() 2026-01-28 20:46:30 +09:00
Kijin Sung
c1942080e7 Fix incorrect identification of DaumApps webview as robot 2026-01-19 19:44:25 +09:00
Lastorder
1811cfee39 Fix error title localization in Debug.php 2026-01-08 22:56:16 -08:00
Kijin Sung
26d645da4d Fix nested JS contexts in template v2 #2646 2026-01-06 23:43:21 +09:00
Kijin Sung
8b1da6a98a Fix incorrect handling of nested context switches (CSS inside HTML inside JS) in template v2 #2646 2026-01-06 21:36:10 +09:00
Kijin Sung
d6b7cb52b8 Fix deprecations in PHP 8.5 #2639 2026-01-01 18:39:20 +09:00
Kijin Sung
aaf3791a78 Version 2.1.29 2025-12-18 13:40:08 +09:00
Kijin Sung
620fee05cf Fix duplicate hidden input when a form includes mid or act as a <select> 2025-12-17 21:32:03 +09:00
Kijin Sung
f3ff338711 Return more information from DB::getColumnInfo() and DB::getIndexInfo() 2025-12-17 16:43:18 +09:00
Kijin Sung
0c8aa306ec Fix incorrect timestamp display when timestamp is zero #2621 2025-12-17 11:32:37 +09:00
Kijin Sung
8e5480674d Exclude functions and closures from scope conversion #2617 2025-11-29 11:50:43 +09:00
Kijin Sung
50dd010e2d Remove empty class and style attributes when compiling template v2 2025-11-29 11:07:15 +09:00
Kijin Sung
dd2b5aecb3 Version 2.1.28 2025-10-29 10:19:07 +09:00
Kijin Sung
bc6eaae544 Remove old Flash-based uploader plugin 2025-10-23 13:42:21 +09:00
Kijin Sung
2a7eeebcbd Add numeric value column to extra vars, and add option to mark extra var as sortable #2604 #2559 2025-10-23 11:17:24 +09:00