airsonic-custom

Commit Graph

Author	SHA1	Message	Date
jvoisin	258c68dd4d	Remove the embedded copy of appbundler	7 years ago
Andrew DeMaria	f04ec61d0f	Merge remote-tracking branch 'airsonic/pr/958'	7 years ago
Andrew DeMaria	58f4dfdb2e	Merge remote-tracking branch 'airsonic/pr/957'	7 years ago
Andrew DeMaria	a59e8e4a9f	Merge remote-tracking branch 'airsonic/pr/956'	7 years ago
Andrew DeMaria	afb9c6bfb7	Merge remote-tracking branch 'airsonic/pr/954'	7 years ago
Andrew DeMaria	1daa6cff6e	Merge remote-tracking branch 'airsonic/pr/952'	7 years ago
Andrew DeMaria	72609a8d0c	Merge remote-tracking branch 'airsonic/pr/950'	7 years ago
Andrew DeMaria	c460a16628	Merge remote-tracking branch 'airsonic/pr/928'	7 years ago
jvoisin	aff7bd3d57	Remove webfx stuff, since they're apparently not used The only place where the string `webfx` is mentioned was in playQueue.jsp, to include a small css file, twice, that only applies to webfx components, that aren't used anywhere in the codebase.	7 years ago
jvoisin	db2592a84b	Delete AC_OETags.js since it's not used anywhere	7 years ago
jvoisin	c9212805be	Remove jquery-contextmenu since it's not used anywhere	7 years ago
jvoisin	87442320fc	Try to run jkd9 on travis-ci	7 years ago
jvoisin	d35834c0e7	Fix a bunch of dom-based xss This should close #633	7 years ago
jvoisin	0d6cbb60ed	Use https for external links	7 years ago
jvoisin	ab1690b1fe	Don't display the title if it's empty	7 years ago
Andrew DeMaria	83882b18d9	Merge remote-tracking branch 'airsonic/pr/919'	7 years ago
Andrew DeMaria	81835aa589	Merge remote-tracking branch 'airsonic/pr/934'	7 years ago
Andrew DeMaria	f8f5c4a6bf	Merge remote-tracking branch 'airsonic/pr/936'	7 years ago
Andrew DeMaria	b73ab9c45e	Merge remote-tracking branch 'airsonic/pr/949'	7 years ago
Andrew DeMaria	78ee5bd1da	Merge remote-tracking branch 'airsonic/pr/948'	7 years ago
Andrew DeMaria	221a0ed933	Merge remote-tracking branch 'airsonic/pr/945'	7 years ago
jvoisin	ac1c887698	Remove Google+ relics Google+ is dead: https://developers.google.com/+/	7 years ago
jvoisin	cb0866d5fd	Download dependencies via https on download.java.net	7 years ago
Andrew DeMaria	edd097ad5b	Add a couple of static analysis badges	7 years ago
jvoisin	5edebf7885	Remove inline javascript on the `cancel` buttons The inline javascript used with the cancel buttons was only used to change the location. Instead of doing this, it's easier to wrap the button in a tag. This is related to #909.	7 years ago
Andrew DeMaria	cd45717256	Merge remote-tracking branch 'airsonic/pr/938'	7 years ago
Andrew DeMaria	570abe69d5	Merge remote-tracking branch 'airsonic/pr/939'	7 years ago
Andrew DeMaria	d5500ce3d2	Merge remote-tracking branch 'airsonic/pr/941'	7 years ago
Andrew DeMaria	41a5ae06d5	Merge remote-tracking branch 'airsonic/pr/922'	7 years ago
Andrew DeMaria	6613bd86d5	Merge remote-tracking branch 'airsonic/pr/907'	7 years ago
Andrew DeMaria	c9a209fd8f	Merge remote-tracking branch 'airsonic/pr/943'	7 years ago
Andrew DeMaria	2b0fe25eff	Merge remote-tracking branch 'airsonic/pr/946'	7 years ago
jvoisin	ba6b39b7b2	Add two <meta> tags - Add a description, since this can be useful in browser's histories - Add a viewport, making it less worse to use airsonic on a super-small screen	7 years ago
jvoisin	4d5680931c	Add the dates of the releases to the changelog	7 years ago
jvoisin	883022d81a	Remove script.aculo.us dependency It's not used anywhere, using an old version, and the project doesn't seem to be maintained anyway.	7 years ago
jvoisin	910802b64f	Fix a small resource leak	7 years ago
jvoisin	2f9046d6b4	Fix a xss and clean up some js - Fix a stupid self-XSS. I doubt that there are ways to use it against other users, but well, better safe than sorry - Replace the javascript-on-focus hacks with the `autofocus` attribute	7 years ago
François-Xavier Thomas	bcc5f8d7a6	Fix StringIndexOutOfBounds errors thrown by DWR/YUI	7 years ago
jvoisin	61c842923a	Generate new passwords in a secure way Previously, lost passwords were generated via org.apache.commons.lang.RandomStringUtils, which is using java.util.Random internally. This PRNG is has a 48-bit seed, that can easily be bruteforced if an attacker is able to get the PRNG's output, for example but resetting their own account multiple times, leading to trivial privileges escalation attacks. This commit makes use of java.security.SecureRandom instead.	7 years ago
Andrew DeMaria	e330eeb864	Remove coverity integration - not working	7 years ago
Andrew DeMaria	4e73266a7f	Add travis ci badge	7 years ago
Andrew DeMaria	897de26886	Remove comment	7 years ago
Andrew DeMaria	bc0bfdf481	Update scan token Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>	7 years ago
Andrew DeMaria	fb0079d3c0	Merge remote-tracking branch 'origin/pr/932'	7 years ago
Andrew DeMaria	54e1237320	Exclude new spring 5.0.5 cve	7 years ago
Andrew DeMaria	5dc96ba011	Add coverity badge	7 years ago
jvoisin	6f3c3312ee	Add coverity scan to travis	7 years ago
Andrew DeMaria	8a1f36c792	Revert change to DWR fixes #923 Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>	7 years ago
jvoisin	39b9eab715	Simplify a bit the css	7 years ago
jvoisin	0b72acefed	Oups	7 years ago

1 2 3 4 5 ...

882 Commits (258c68dd4d7b20afe33070c53a073fb34bd3337b) All Branches Search

882 Commits (258c68dd4d7b20afe33070c53a073fb34bd3337b)

All Branches