Commit graph

107 commits

Author SHA1 Message Date
bnu
2e661027ab Remove Password:: generateStrongPassword() that was added in 445a414 2015-03-10 11:21:40 +09:00
bnu
6bdc099d92 Merge branch 'pr/1316' into develop
Conflicts:
	classes/security/Password.class.php
2015-03-10 11:20:43 +09:00
Kijin Sung
8e0b310e2a Add method to create a password that includes all character classes 2015-03-06 16:15:45 +09:00
Kijin Sung
8da6ddcfe8 Add option to create a secure salt including special chars 2015-03-06 15:03:55 +09:00
bnu
445a41411e fix #1315 Improve the issuing of new passwords and authentication keys in verification emails and password recovery 2015-03-06 14:20:25 +09:00
bnu
2bbe9603a2 Merge branch 'develop' into next 2015-02-09 11:22:02 +09:00
bnu
a33a4b3081 fix #1227 SECISSUE
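- Fix the XXE vulnerability
- Add `Security::detectingXEE()`, based on Drupal's source code
  - 90e884ad0f
- Defend against the vulnerability in the blogapi addon and `Context::_setXmlRpcArgument()`
- Reported by: Korea Internet & Security Agency (한국인터넷진흥원)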
2015-02-04 17:42:28 +09:00
Kijin Sung
2df137e82b Always prefer PBKDF2 to bcrypt, for better PHP 5.2 compatibility 2014-12-10 16:10:07 +09:00
Kijin Sung
3923bf40fc Ensure full compatibility with previous versions of XE and migration tools 2014-12-10 16:10:07 +09:00
Kijin Sung
ca439d4440 Add a new class for improved password hashing 2014-12-10 16:10:07 +09:00
bnu
cc487ba0b2 #1077 Remove duplicates from and add entries to embed white url
- Added: http://serviceapi.rmcnmv.naver.com/
- Added: http://videofarm.daum.net/
2014-12-08 13:19:45 +09:00
sejin7940
3bbd4b15f4 Update embedWhiteUrl.xml 2014-09-11 13:48:17 +09:00
Jin Hu, Baek
37f57f2eca remove mncast profile
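Removed because it was judged that attacks could come in through this embed pattern, now that about 5 years have passed since the mncast service shut down and the mncast site itself has turned into an illegal smishing site.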
2014-04-07 22:08:34 +09:00
bnu
43fd876dfa #331 Add the ability to configure the embed whitelist from the admin page 2014-01-24 11:21:35 +09:00
bnu
e3ae1b45ab #331 Clean up the embed whitelist 2014-01-24 11:21:34 +09:00
bnu
711cd1ea35 Merge commit '154fc79e99' into develop
Conflicts:
	classes/security/EmbedFilter.class.php
	common/js/common.js
	common/js/xe.min.js
	config/config.inc.php
2014-01-06 11:23:59 +09:00
bnu
52e9f1fc19 Issue 3639 Add YouTube embed pattern
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13196 201d5d3c-b55e-5fd7-737f-ddc643e51545
2014-01-04 12:21:09 +09:00
bnu
ee09f0f21a Issue 3639 Add YouTube embed pattern
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13195 201d5d3c-b55e-5fd7-737f-ddc643e51545
2014-01-04 12:21:09 +09:00
bnu
072f0ff1ce SECISSUE 2014-01-03 20:19:07 +09:00
bnu
c5845c4758 SECISSUE Fix the XSS issue in the <object> tag. 2014-01-02 20:20:38 +09:00
khongchi
53e81300f3 NOISSUE Code cleanup 2013-12-05 10:39:41 +09:00
khongchi
5fae27d53c Change isCrawler, the admin page IP lock, and the site lock features to use ipfilter 2013-11-29 19:24:07 +09:00
khongchi
98d3408919 NOISSUE, add ipfilter class 2013-11-28 16:16:49 +09:00
ngleader
bc47f19615 NOISSUE code rearrange 2013-11-22 06:46:26 +09:00
bnu
5d78cf2300 #64 Fix syntax error. 2013-11-24 15:35:47 +09:00
bnu
932862be1f #64 Change paths within the server to absolute paths 2013-11-23 11:59:49 +09:00
bnu
63e0fd6f3b #51 Replace preg_match() with substr_compare() or strncmp() 2013-11-22 13:00:56 +09:00
akasima
736f382b27 #66 install php version check
#16 install rewrite module usable check
#48 htmlspecialchars function params add
2013-11-19 13:32:39 +09:00
khongchi
29a2a99ac6 #53 Disable the file upload vulnerability defense feature 2013-11-15 14:00:50 +09:00
khongchi
71c8a0b99f fixed #50, file_put_contents함수에 LOCK_EX flag 적 2013-11-15 12:56:29 +09:00
khongchi
5693e340fe issue 3645, php5 support, replace functions
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13202 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-11-13 01:40:53 +00:00
bnu
29004a9358 Issue 3639 Add YouTube embed pattern
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13196 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-11-09 10:05:18 +00:00
bnu
560fe3b7db Issue 3639 Add YouTube embed pattern
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13195 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-11-09 10:01:31 +00:00
akasima
bce0a0b6d4 copyright add to php files
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13186 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-11-08 05:52:51 +00:00
khongchi
e0879ea45c remove debugPrint
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13184 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-11-08 04:27:55 +00:00
khongchi
acd89ccd9a issue 3633, protect from file upload hacking
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13182 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-11-08 03:44:04 +00:00
ngleader
dbc18a4f99 change author
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13180 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-11-07 02:42:42 +00:00
misol
f70ce644ce Close Connection when there is no connection value.
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@13161 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-09-25 15:29:32 +00:00
flyskyko
915cdb3824 issue 2119. supporting php 5.4. object, page and security classes.
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@12693 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-02-05 02:33:02 +00:00
flyskyko
0f04bd3f92 merge changes of luminous to maserati (~r12676)
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@12680 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-02-04 08:09:07 +00:00
ovclas
6cf384a37e security defence
git-svn-id: http://xe-core.googlecode.com/svn/branches/luminous@12510 201d5d3c-b55e-5fd7-737f-ddc643e51545
2013-01-03 08:23:31 +00:00
ovclas
15fa10dc39 issue 2662 coding convention
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@12220 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-11-14 09:59:39 +00:00
ovclas
f0376dfa7f issue 1860 purifier definition error fix
git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@11889 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-10-25 02:49:44 +00:00
ovclas
a6261c58d7 issue 1860 add htmlpurifier to core
support for editor component, widget
check safe iframe in htmlpurifier instead of Embed class


git-svn-id: http://xe-core.googlecode.com/svn/branches/maserati@11812 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-10-22 02:45:58 +00:00
flyskyko
5acfe84c14 issue 2494, added a _XE_PATH_ in include statement.
git-svn-id: http://xe-core.googlecode.com/svn/branches/luminous@11500 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-09-25 08:35:35 +00:00
ovclas
a9205610bb issue 2239 change empty string to htmlspecialchars
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@11043 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-08-20 01:45:36 +00:00
ovclas
851f7a9710 issue 2239 fix wrong word
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@11034 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-08-17 07:13:30 +00:00
ovclas
00152e1cb8 issue 2239 add vimeo.com
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@11029 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-08-16 02:18:16 +00:00
ovclas
64192c224c issue 2239 Object, Embed, Iframe source allow by white list
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@11028 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-08-16 02:11:00 +00:00
ovclas
927c944ff3 issue 2239 Object, Embed, Iframe source allow by white list
git-svn-id: http://xe-core.googlecode.com/svn/branches/1.5.3.2@11024 201d5d3c-b55e-5fd7-737f-ddc643e51545
2012-08-13 02:19:17 +00:00