8a7408bd31
Fixed social auth login audit log messages
...
Was logging the whole social account instance instead of just the
method.
Updated tests to cover.
Fixes #2930
2021-09-15 20:55:10 +01:00
121a746d59
Moved/Updated old Activity tracking tests, started on entity tests
...
Started moving old EntityTests into more appropriate places within
non-browserkit-test classes. Still many more to do.
2021-09-13 23:26:39 +01:00
badaf08e55
Removed browserkit from a couple of classess
...
Done a little reorganisation while there of misplaced tests.
Moved MarkdownTest to a new PageEditorTest to avoid confusion with
other markdown elements and to align with other page tests.
2021-09-13 22:54:21 +01:00
8565187138
Added border to generated TOTP QR code
...
To fix QR code not being scannable when in dark mode due to
lack of border matching background of QR code.
Fixes #2925
2021-09-13 14:23:54 +01:00
2eafd8335c
Updated translators for v21.08.3
2021-09-12 16:25:33 +01:00
e2f9089f56
New Crowdin updates ( #2915 )
...
* New translations auth.php (Spanish)
* New translations activities.php (Italian)
* New translations settings.php (Italian)
* New translations entities.php (Italian)
* New translations validation.php (Italian)
* New translations activities.php (Danish)
* New translations auth.php (Danish)
* New translations common.php (Danish)
* New translations settings.php (Danish)
* New translations entities.php (Danish)
* New translations auth.php (Danish)
* New translations common.php (Danish)
* New translations errors.php (Danish)
* New translations validation.php (Danish)
* New translations activities.php (Russian)
* New translations auth.php (French)
* New translations auth.php (French)
* New translations settings.php (French)
* New translations entities.php (French)
* New translations auth.php (French)
2021-09-12 16:25:05 +01:00
ef459ca4c4
Altered the parsing of custom head to prevent htmlentities on content
...
Was causing things like emjoi within script content to be somewhat
mangled. Instead we force UTF8 only parsing via XML declaration.
Added test to cover.
For #2923
2021-09-12 16:19:17 +01:00
fb80bb5d58
Applied latest styleci changes
2021-09-06 22:19:06 +01:00
88c698796b
Fixed issue with HTML tags in custom head scripts
...
Fixes a strange issue of HTML tags within script tags being malformed
when part of the HTML custom head content due to the PHP parsing we do.
DOMDocument seemed to cause this upon load.
Adding LIBXML_SCHEMA_CREATE to the ->loadHTML call seems to fix this but
not really sure why. Doesn't seem to cause further issues though.
Tested with multiple scripts and styles and comments and meta tags.
- Also added new testing class to cover.
- As part of testing, added new folder within tests to house setting
specific tests.
For #2914
2021-09-05 23:52:39 +01:00
d815e1b9f2
Merge branch 'html-filtering'
2021-09-04 14:53:46 +01:00
492af79c27
Added a couple of additional CSP rules
...
As per guidance from google's CSP evaluator.
2021-09-04 14:34:43 +01:00
253f386f00
Finished off script CSP rules
...
- Added caching for custom html head parsing to add nonce.
- Also moved api docs page into web routes to prevent issues.
2021-09-04 13:57:04 +01:00
fd44e4ba74
Started application of CSP headers
2021-09-03 23:32:42 +01:00
040997fdc4
Added filter for xlink:href svg xss
...
Simply remove all such attributes
2021-09-03 22:34:49 +01:00
5e6092aaf8
Added extra HTML filtering of dangerous content
...
In particular, That around the casing of dangerous values within
attributes. This uses some xpath translation to handle different casing
in contains searching.
2021-09-02 22:02:30 +01:00
a579b7da21
Updated translator attribution before release v21.08.1
2021-09-02 21:11:23 +01:00
bc34914ac1
New Crowdin updates ( #2906 )
...
* New translations auth.php (Chinese Simplified)
* New translations auth.php (Chinese Simplified)
* New translations validation.php (Chinese Simplified)
* New translations activities.php (Latvian)
* New translations auth.php (Latvian)
* New translations common.php (Latvian)
* New translations validation.php (Latvian)
* New translations entities.php (Latvian)
* New translations activities.php (Polish)
2021-09-02 21:07:31 +01:00
7028025380
Made the TOTP URL visible during setup
...
Useful for some non-scanner type apps.
Closes #2908
2021-09-01 20:58:19 +01:00
ff494be952
Fixed lack of proper ordering of pages
...
Added test to cover
Fixes #2905
2021-09-01 20:30:02 +01:00
173f728e4a
Updated translator attribution before release v21.08
2021-08-31 22:05:16 +01:00
9772b2f69d
Applied stylci changes
2021-08-31 22:03:51 +01:00
c0f4cf4b5c
Merge branch 'master' of github.com:BookStackApp/BookStack
2021-08-31 21:59:37 +01:00
cc1f46cbf4
New Crowdin updates ( #2893 )
...
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Indonesian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Vietnamese)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Persian)
* New translations settings.php (Slovak)
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Croatian)
* New translations settings.php (Latvian)
* New translations settings.php (Bosnian)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (German Informal)
* New translations settings.php (Slovenian)
* New translations settings.php (Russian)
* New translations settings.php (French)
* New translations settings.php (German)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Catalan)
* New translations settings.php (Czech)
* New translations settings.php (Danish)
* New translations settings.php (Hebrew)
* New translations settings.php (Portuguese)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Japanese)
* New translations settings.php (Korean)
* New translations settings.php (Dutch)
* New translations settings.php (Polish)
* New translations settings.php (Lithuanian)
* New translations activities.php (German)
* New translations auth.php (German)
* New translations common.php (German)
* New translations settings.php (German)
* New translations validation.php (German)
* New translations settings.php (French)
* New translations validation.php (French)
* New translations activities.php (French)
* New translations auth.php (French)
* New translations common.php (French)
* New translations activities.php (Norwegian Bokmal)
* New translations auth.php (Norwegian Bokmal)
* New translations auth.php (Norwegian Bokmal)
* New translations common.php (Norwegian Bokmal)
* New translations settings.php (Norwegian Bokmal)
* New translations validation.php (Norwegian Bokmal)
* New translations auth.php (French)
* New translations entities.php (Chinese Traditional)
* New translations entities.php (Indonesian)
* New translations entities.php (Swedish)
* New translations entities.php (Turkish)
* New translations entities.php (Ukrainian)
* New translations entities.php (Chinese Simplified)
* New translations entities.php (Vietnamese)
* New translations entities.php (Portuguese, Brazilian)
* New translations entities.php (Persian)
* New translations entities.php (Slovak)
* New translations entities.php (Spanish, Argentina)
* New translations entities.php (Croatian)
* New translations entities.php (Latvian)
* New translations entities.php (Bosnian)
* New translations entities.php (Norwegian Bokmal)
* New translations entities.php (German Informal)
* New translations entities.php (Slovenian)
* New translations entities.php (Russian)
* New translations entities.php (French)
* New translations entities.php (German)
* New translations entities.php (Spanish)
* New translations entities.php (Arabic)
* New translations entities.php (Bulgarian)
* New translations entities.php (Catalan)
* New translations entities.php (Czech)
* New translations entities.php (Danish)
* New translations entities.php (Hebrew)
* New translations entities.php (Portuguese)
* New translations entities.php (Hungarian)
* New translations entities.php (Italian)
* New translations entities.php (Japanese)
* New translations entities.php (Korean)
* New translations entities.php (Dutch)
* New translations entities.php (Polish)
* New translations entities.php (Lithuanian)
* New translations entities.php (Spanish)
* New translations settings.php (Chinese Traditional)
* New translations settings.php (Indonesian)
* New translations settings.php (Swedish)
* New translations settings.php (Turkish)
* New translations settings.php (Ukrainian)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Vietnamese)
* New translations settings.php (Portuguese, Brazilian)
* New translations settings.php (Persian)
* New translations settings.php (Slovak)
* New translations settings.php (Spanish, Argentina)
* New translations settings.php (Croatian)
* New translations settings.php (Latvian)
* New translations settings.php (Bosnian)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (German Informal)
* New translations settings.php (Slovenian)
* New translations settings.php (Russian)
* New translations settings.php (French)
* New translations settings.php (German)
* New translations settings.php (Spanish)
* New translations settings.php (Arabic)
* New translations settings.php (Bulgarian)
* New translations settings.php (Catalan)
* New translations settings.php (Czech)
* New translations settings.php (Danish)
* New translations settings.php (Hebrew)
* New translations settings.php (Portuguese)
* New translations settings.php (Hungarian)
* New translations settings.php (Italian)
* New translations settings.php (Japanese)
* New translations settings.php (Korean)
* New translations settings.php (Dutch)
* New translations settings.php (Polish)
* New translations settings.php (Lithuanian)
* New translations settings.php (Spanish)
* New translations activities.php (Persian)
* New translations auth.php (Persian)
* New translations activities.php (Chinese Simplified)
* New translations auth.php (Chinese Simplified)
* New translations activities.php (Chinese Simplified)
* New translations auth.php (Chinese Simplified)
* New translations common.php (Chinese Simplified)
* New translations settings.php (Chinese Simplified)
* New translations validation.php (Chinese Simplified)
* New translations entities.php (Chinese Simplified)
2021-08-31 21:59:26 +01:00
a641b4da2c
Swapped injected db instance with facade
...
Injected db instance was causing the DB connection to be
made a lot earlier than desired or required.
Swapped to a facade for now but ideally this extension of services needs
to be cleaned up with a better approach in general.
2021-08-31 21:50:23 +01:00
4f85ce02c6
Updated php deps again
2021-08-31 20:56:07 +01:00
9eb65dcd78
Updated the login redirect logic to ignore mfa routes
2021-08-31 20:54:43 +01:00
bee5e2c7ca
Added untrusted server fetching control
...
WKHTMLtoPDF provides limited control for external fetching
so that will now be disabled by default unless
ALLOW_UNTRUSTED_SERVER_FETCHING=true is specifically set.
This new option will also control DOMPDF fetching.
2021-08-31 20:22:42 +01:00
8f12c8bc99
Applied styleci changes
2021-08-30 21:32:07 +01:00
2740603d99
Added back email confirmation check in middleware
...
During writing of the update notes, found that the upgrade path would be
tricky from a security point of view. If people were pending email
confirmation but had an active session, they could technically be
actively logged in after the next release.
Added middlware as an extra precaution for now.
2021-08-30 21:28:17 +01:00
07408ec112
Fixes for CodeStyle vol.2
2021-08-30 14:44:52 +02:00
234dd26d22
Fixes for CodeStyle
2021-08-30 14:43:35 +02:00
75749ef336
Fixed SAML logout for ADFS.
2021-08-30 14:35:11 +02:00
3e870c30e1
Updated php deps
2021-08-30 12:03:52 +01:00
8f0d08763a
Merge pull request #2899 from BookStackApp/export_permissions
...
Added role permissions for exporting content
2021-08-28 21:57:11 +01:00
0e7166f7f6
Cleaned up DB usage in migration
2021-08-28 21:55:04 +01:00
7d9de23a25
Applied styleci patches
2021-08-28 21:51:15 +01:00
eda9e89c55
Added role permissions for exporting content
2021-08-28 21:48:17 +01:00
82c6597a60
Added notice for lack of shelf permission cascade
...
Closes #2876
2021-08-28 15:44:44 +01:00
cd35e13024
Added styleci badge
2021-08-24 21:27:21 +01:00
4400ad7e8d
Applied stylci advisories
2021-08-24 21:23:55 +01:00
610ee2c182
Updated markdown task list test to check new list class
...
- Updated to align with custom list item render added yesterday.
2021-08-24 21:09:40 +01:00
4fd5dbcfdd
Updated visual consistency of lists and markdown task list rendering
...
- Numbered and bullet list margins have been made consistent
- Numbered lists margins were increase at some point to handle 3-digit
numbers, Normal bullet margins updated to match this.
- Consistent margin for sub-lists.
- System back-end markdown renderer (For pages) updated with a custom
list item renderer to apply class for to align with front-end renderer.
- This means that task list items will be consistent with the preview
and not render a number/bullet.
- Indentation styles for task list items fixed to be visually indented.
For #2854 and #2837
2021-08-23 22:31:07 +01:00
613228fab2
Fixed issues caused by flex content parent in markdown preview
...
Fixes #2858
2021-08-22 18:30:46 +01:00
a61c9c5e98
Reorgranised blade view files to form a convention
...
- Primarily moved and re-organised view files.
- Included readme within views to document the convention.
- Fixed some issues with page field select list in previous commit.
- Tweaked some route names while going through.
- Split some views out further.
Closes #2805
2021-08-22 13:17:32 +01:00
2036618fbd
Merge branch 'master' of github.com:BookStackApp/BookStack
2021-08-21 20:25:22 +01:00
ce6e25b341
Added lithuanian option to locale system
2021-08-21 20:24:58 +01:00
73ebe571a1
New Crowdin updates ( #2892 )
...
* New translations entities.php (Spanish, Argentina)
* New translations entities.php (German Informal)
* New translations activities.php (Lithuanian)
* New translations settings.php (Lithuanian)
* New translations passwords.php (Lithuanian)
* New translations errors.php (Lithuanian)
* New translations entities.php (Lithuanian)
* New translations common.php (Lithuanian)
* New translations auth.php (Lithuanian)
* New translations validation.php (Spanish, Argentina)
* New translations settings.php (Spanish, Argentina)
* New translations common.php (Spanish, Argentina)
* New translations auth.php (Spanish, Argentina)
* New translations activities.php (Spanish, Argentina)
* New translations validation.php (Lithuanian)
2021-08-21 20:24:31 +01:00
a274406038
Merge pull request #2868 from ffranchina/master
...
Adding Lithuanian language
2021-08-21 20:05:35 +01:00
1a6293ce24
Optimized loading of page/chapter URLs to be a little more efficient
...
- Loaded book_slug as part of chapter/page queries instead of books
being loaded in afterwards.
- Removed unused page method.
- Updated some page queries to load specific attributes.
2021-08-21 19:59:55 +01:00
8db047de70
New Crowdin updates ( #2807 )
...
* New translations entities.php (Chinese Simplified)
* New translations settings.php (Chinese Simplified)
* New translations common.php (Chinese Simplified)
* New translations entities.php (Chinese Simplified)
* New translations settings.php (Portuguese)
* New translations activities.php (Portuguese)
* New translations common.php (Portuguese)
* New translations entities.php (Portuguese)
* New translations settings.php (French)
* New translations entities.php (Latvian)
* New translations common.php (Latvian)
* New translations common.php (Italian)
* New translations settings.php (Italian)
* New translations entities.php (Italian)
* New translations entities.php (German)
* New translations entities.php (Dutch)
* New translations settings.php (German)
* New translations settings.php (Dutch)
* New translations common.php (German)
* New translations common.php (Dutch)
* New translations settings.php (Italian)
* New translations activities.php (Persian)
* New translations activities.php (Persian)
* New translations auth.php (Persian)
* New translations auth.php (Persian)
* New translations validation.php (Persian)
* New translations validation.php (Persian)
* New translations common.php (Persian)
* New translations pagination.php (Persian)
* New translations passwords.php (Persian)
* New translations common.php (Persian)
* New translations components.php (Persian)
* New translations errors.php (Persian)
* New translations errors.php (Persian)
* New translations entities.php (Persian)
* New translations activities.php (Norwegian Bokmal)
* New translations common.php (Norwegian Bokmal)
* New translations entities.php (Norwegian Bokmal)
* New translations errors.php (Norwegian Bokmal)
* New translations settings.php (Norwegian Bokmal)
* New translations settings.php (Norwegian Bokmal)
* New translations activities.php (Polish)
* New translations common.php (Polish)
* New translations errors.php (Polish)
* New translations settings.php (Polish)
* New translations activities.php (Czech)
* New translations activities.php (Czech)
* New translations auth.php (Czech)
* New translations common.php (Czech)
* New translations entities.php (Czech)
* New translations errors.php (Czech)
* New translations passwords.php (Czech)
* New translations auth.php (Czech)
* New translations entities.php (Czech)
* New translations settings.php (Czech)
* New translations validation.php (Czech)
* New translations auth.php (Czech)
* New translations auth.php (Czech)
* New translations entities.php (Czech)
* New translations settings.php (Czech)
* New translations components.php (Czech)
* New translations activities.php (Czech)
* New translations activities.php (Indonesian)
* New translations entities.php (Indonesian)
* New translations settings.php (Indonesian)
* New translations errors.php (Vietnamese)
* New translations common.php (Vietnamese)
* New translations activities.php (Chinese Traditional)
* New translations common.php (Chinese Traditional)
* New translations entities.php (Chinese Traditional)
* New translations errors.php (Chinese Traditional)
* New translations errors.php (Chinese Traditional)
* New translations settings.php (Chinese Traditional)
* New translations common.php (Portuguese, Brazilian)
* New translations common.php (Portuguese, Brazilian)
* New translations activities.php (Chinese Traditional)
* New translations common.php (Chinese Simplified)
* New translations activities.php (Ukrainian)
* New translations auth.php (Ukrainian)
* New translations common.php (Ukrainian)
* New translations settings.php (Ukrainian)
* New translations validation.php (Ukrainian)
* New translations activities.php (Chinese Simplified)
* New translations auth.php (Chinese Simplified)
* New translations settings.php (Chinese Simplified)
* New translations settings.php (Turkish)
* New translations validation.php (Chinese Simplified)
* New translations auth.php (Chinese Traditional)
* New translations validation.php (Chinese Traditional)
* New translations activities.php (Vietnamese)
* New translations auth.php (Vietnamese)
* New translations common.php (Vietnamese)
* New translations settings.php (Vietnamese)
* New translations validation.php (Vietnamese)
* New translations validation.php (Turkish)
* New translations common.php (Turkish)
* New translations auth.php (Portuguese, Brazilian)
* New translations auth.php (Slovenian)
* New translations validation.php (Russian)
* New translations activities.php (Slovak)
* New translations auth.php (Slovak)
* New translations common.php (Slovak)
* New translations settings.php (Slovak)
* New translations validation.php (Slovak)
* New translations activities.php (Slovenian)
* New translations common.php (Slovenian)
* New translations auth.php (Turkish)
* New translations settings.php (Slovenian)
* New translations validation.php (Slovenian)
* New translations activities.php (Swedish)
* New translations auth.php (Swedish)
* New translations common.php (Swedish)
* New translations settings.php (Swedish)
* New translations validation.php (Swedish)
* New translations activities.php (Turkish)
* New translations activities.php (Portuguese, Brazilian)
* New translations settings.php (Portuguese, Brazilian)
* New translations common.php (Russian)
* New translations validation.php (Bosnian)
* New translations common.php (Latvian)
* New translations settings.php (Latvian)
* New translations validation.php (Latvian)
* New translations activities.php (Bosnian)
* New translations auth.php (Bosnian)
* New translations common.php (Bosnian)
* New translations settings.php (Bosnian)
* New translations activities.php (Norwegian Bokmal)
* New translations activities.php (Latvian)
* New translations auth.php (Norwegian Bokmal)
* New translations common.php (Norwegian Bokmal)
* New translations settings.php (Norwegian Bokmal)
* New translations validation.php (Norwegian Bokmal)
* New translations activities.php (German Informal)
* New translations auth.php (German Informal)
* New translations common.php (German Informal)
* New translations settings.php (German Informal)
* New translations auth.php (Latvian)
* New translations validation.php (Croatian)
* New translations validation.php (Portuguese, Brazilian)
* New translations settings.php (Persian)
* New translations activities.php (Indonesian)
* New translations auth.php (Indonesian)
* New translations common.php (Indonesian)
* New translations settings.php (Indonesian)
* New translations validation.php (Indonesian)
* New translations activities.php (Persian)
* New translations auth.php (Persian)
* New translations common.php (Persian)
* New translations validation.php (Persian)
* New translations settings.php (Croatian)
* New translations activities.php (Spanish, Argentina)
* New translations auth.php (Spanish, Argentina)
* New translations common.php (Spanish, Argentina)
* New translations settings.php (Spanish, Argentina)
* New translations validation.php (Spanish, Argentina)
* New translations activities.php (Croatian)
* New translations auth.php (Croatian)
* New translations common.php (Croatian)
* New translations settings.php (Russian)
* New translations auth.php (Russian)
* New translations common.php (Chinese Traditional)
* New translations common.php (Czech)
* New translations validation.php (Bulgarian)
* New translations activities.php (Catalan)
* New translations auth.php (Catalan)
* New translations common.php (Catalan)
* New translations settings.php (Catalan)
* New translations validation.php (Catalan)
* New translations auth.php (Czech)
* New translations settings.php (Czech)
* New translations common.php (Bulgarian)
* New translations validation.php (Czech)
* New translations activities.php (Danish)
* New translations auth.php (Danish)
* New translations common.php (Danish)
* New translations settings.php (Danish)
* New translations validation.php (Danish)
* New translations activities.php (German)
* New translations auth.php (German)
* New translations settings.php (Bulgarian)
* New translations auth.php (Bulgarian)
* New translations settings.php (German)
* New translations activities.php (Spanish)
* New translations settings.php (Chinese Traditional)
* New translations common.php (Portuguese, Brazilian)
* New translations activities.php (Czech)
* New translations activities.php (French)
* New translations auth.php (French)
* New translations common.php (French)
* New translations settings.php (French)
* New translations validation.php (French)
* New translations auth.php (Spanish)
* New translations activities.php (Bulgarian)
* New translations common.php (Spanish)
* New translations settings.php (Spanish)
* New translations validation.php (Spanish)
* New translations activities.php (Arabic)
* New translations auth.php (Arabic)
* New translations common.php (Arabic)
* New translations settings.php (Arabic)
* New translations validation.php (Arabic)
* New translations common.php (German)
* New translations validation.php (German)
* New translations activities.php (Russian)
* New translations activities.php (Polish)
* New translations settings.php (Korean)
* New translations validation.php (Korean)
* New translations activities.php (Dutch)
* New translations auth.php (Dutch)
* New translations common.php (Dutch)
* New translations settings.php (Dutch)
* New translations validation.php (Dutch)
* New translations auth.php (Polish)
* New translations auth.php (Korean)
* New translations common.php (Polish)
* New translations settings.php (Polish)
* New translations validation.php (Polish)
* New translations activities.php (Portuguese)
* New translations auth.php (Portuguese)
* New translations common.php (Portuguese)
* New translations settings.php (Portuguese)
* New translations validation.php (Portuguese)
* New translations common.php (Korean)
* New translations activities.php (Korean)
* New translations activities.php (Hebrew)
* New translations validation.php (Hungarian)
* New translations auth.php (Hebrew)
* New translations common.php (Hebrew)
* New translations settings.php (Hebrew)
* New translations validation.php (Hebrew)
* New translations activities.php (Hungarian)
* New translations auth.php (Hungarian)
* New translations common.php (Hungarian)
* New translations settings.php (Hungarian)
* New translations activities.php (Italian)
* New translations validation.php (Japanese)
* New translations auth.php (Italian)
* New translations common.php (Italian)
* New translations settings.php (Italian)
* New translations validation.php (Italian)
* New translations activities.php (Japanese)
* New translations auth.php (Japanese)
* New translations common.php (Japanese)
* New translations settings.php (Japanese)
* New translations validation.php (German Informal)
* New translations activities.php (Spanish)
* New translations auth.php (Spanish)
* New translations common.php (Spanish)
* New translations settings.php (Spanish)
* New translations validation.php (Spanish)
2021-08-21 18:57:32 +01:00
