Infra-Mirrors/BookStack
1
0
Fork 0
mirror of https://github.com/BookStackApp/BookStack.git synced 2024-10-01 01:36:00 -04:00
Code Issues Packages Projects Releases Wiki Activity
2,614 Commits 18 Branches 197 Tags 95 MiB
9382d647d7
Commit Graph

12 Commits

Author SHA1 Message Date
Timo Förster
745d15d200
Allow uploads of files containing dots in filename. Closes BookStackApp/BookStack#2217 2021-03-04 22:27:20 +01:00
Dan Brown
349162ea13
Prevented possible XSS via link attachments 
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
 2020-10-31 15:01:52 +00:00
Dan Brown
140298bd96
Updated to Laravel 5.8 2019-09-13 23:58:40 +01:00
Dan Brown
213e9d2941
Upgraded to Laravel 5.6 2019-09-06 22:14:39 +01:00
Dan Brown
79f6dc00a3
Change image-selector to not use manager 
- Now changes the images directly for user, system & cover.
- Extra permission checks added to edit & delete actions.
 2019-05-04 15:50:29 +01:00
Dan Brown
9879a0d12c
Added helper text for no_double_extension validation 2019-03-24 19:40:45 +00:00
Dan Brown
f5fe524e6c
Added extension whitelist for image uploads 
- A continuation of the security issues addressed in v0.25.3
 2019-03-21 19:43:15 +00:00
Dan Brown
37b91b6b0e
Hardened image file validation by removing custom validation 
- Added test to check PHP files cannot be uploaded as an image.
 2019-03-20 23:59:55 +00:00
abijeet
9dba9ca178 Fixes tooltip on the image manager. 
Fixes #1186
 2019-01-27 19:43:31 +05:30
Dan Brown
86a00a59d4
Created sketchy translation formatter script 
Compares a translation file to a EN version to
place translations on matching line numbers and matches
up comments.
 2018-12-14 21:23:05 +00:00
Dan Brown
573357a08c
Extracted text from logic files 2016-12-04 16:51:39 +00:00
Dan Brown
eaa1765c7a Initial commit 2015-07-12 20:01:42 +01:00