Andrew DeMaria
8be0746bd4
Bump to 10.4.0 SNAPSHOT
7 years ago
Andrew DeMaria
7203d4ba6b
One more changelog update
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 years ago
Andrew DeMaria
53142c8702
Merge remote-tracking branch 'origin/pr/1062'
7 years ago
Andrew DeMaria
f1831820f4
Update docker base image
7 years ago
Andrew DeMaria
493a53b418
Merge remote-tracking branch 'origin/pr/930'
7 years ago
Andrew DeMaria
6729838030
Changelog updates for 10.3.0
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 years ago
Andrew DeMaria
bec5cec4a2
Merge remote-tracking branch 'origin/pr/930'
7 years ago
jvoisin
1090348b0e
Use the version number in jquery-ui's css path
7 years ago
Andrew DeMaria
0a1164966d
Merge remote-tracking branch 'origin/pr/1032'
7 years ago
Andrew DeMaria
cdd307d86f
Merge remote-tracking branch 'origin/pr/1042'
7 years ago
Andrew DeMaria
1e89890223
Merge remote-tracking branch 'origin/pr/1038'
7 years ago
jvoisin
33bf68aaa5
Add a password settings testcase (#1058)
...
* Add a simple testcase
This commit was done to understand how JUnit
and its friends are working. Expect more useful tests
in the future ;)
* Factorise a bit the tests
7 years ago
Jonas L
27ee009b69
[ci skip] Better readability in .gitlab-ci.yml
7 years ago
jvoisin
ce7671bf5e
Add the required keyword to some forms
...
This should improve a bit the accessibility.
7 years ago
jvoisin
6d294a770b
Replace the usage of prototypejs with jquery in changeCoverArt.jsp
...
This change was successfully tested on Chromium and Firefox.
7 years ago
jvoisin
bf5f8cb713
Factorize scripts-2.0.js into utils.js
...
No need to include two different and super-small javascript "utils" files.
7 years ago
jvoisin
f3b2c2ea7a
Add a missing taglib to homePager.jsp
...
The missing taglib is confusing coverity a bit,
and I think that it's a good practice to add it
anyway.
7 years ago
jvoisin
3cfe2b31a1
Move some cast-related inline js to an external file
...
There is no point in having such a massive
blob of javascript inline in the page.
7 years ago
Andrew DeMaria
7b628ed8dd
Merge remote-tracking branch 'origin/pr/1056'
7 years ago
jvoisin
58daacd9ab
Jetty is only used by developers, and never in production
...
So we're free to completely ignore CVE against it.
7 years ago
Jonas L
2c3ba680d8
[ci skip] Add Java version in issue template
7 years ago
jvoisin
ab03526620
Fix two NULL-deref
7 years ago
François-Xavier Thomas
f57ad3f27b
Fix typo in anonymous user name (#663)
7 years ago
Andrew DeMaria
ac0a722a10
Merge remote-tracking branch 'airsonic/pr/990'
7 years ago
Andrew DeMaria
b51cdc1c5c
Merge remote-tracking branch 'airsonic/pr/1028'
7 years ago
Andrew DeMaria
4537495baf
Merge remote-tracking branch 'airsonic/pr/1012'
7 years ago
Andrew DeMaria
3cdecb87f4
Merge remote-tracking branch 'airsonic/pr/1037'
7 years ago
François-Xavier Thomas
8a90d9f77b
Add system properties for persisting the 'remember me' key
...
This adds the 'airsonic.rememberMeKey' system property (can be set from
command-line with `-Dairsonic.rememberMeKey=<value>`) as well as a
'RememberMeKey' setting in airsonic.properties, so that the key used for
generating 'remember me' tokens can be persisted across server restarts.
It also adds a default, insecure key in case we are running in
development mode with the 'airsonic.development' property set.
7 years ago
jvoisin
3ee6fefe11
Bump jQuery/jquery-ui to the latest versions
...
I bumped it first to 2.X with jQuery migrate, played around but didn't manage
to trigger any warning. So I bumped it again to the latest available version,
jQuery 3.4.0, which isn't triggering useful warnings either.
7 years ago
jvoisin
b663a2fb90
Fix a stored XSS
7 years ago
jvoisin
348c698e35
Remove the /db page
...
This page wasn't linked anywhere, and was
allowing an administrator to issue arbitrary sql
comments, and was vulnerable to reflected XSS.
We should get rid of it. If you really want to issue
SQL commands, just ssh to your instance and do it from here.
7 years ago
jvoisin
d3970a5c62
Fix various minor issues found by LGTM
...
- Unnecessary boxing
- Integer overflow
- Path traversal via zip
- Dangerous synchronization pattern
7 years ago
Andrew DeMaria
a911ebab80
Merge remote-tracking branch 'origin/pr/1027'
7 years ago
Andrew DeMaria
df352d8cb0
Fix #611 Add support for Java 9 and greater
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 years ago
Andrew DeMaria
2162250101
Revert "Minor frameset-related factorization"
...
This reverts commit e69287cfe6.
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 years ago
jvoisin
925ecdaa03
Add a gitlab-ci file
7 years ago
jvoisin
3d54ef1afb
Mark the player cookie httpOnly
...
It doesn't improve much security-wise,
but it's a good practice anyway.
7 years ago
jvoisin
8f608485cb
Fix a typo
7 years ago
jvoisin
8123716d52
Remove unused loggers
7 years ago
jvoisin
4a06823057
Balance some synchronized
...
Balance synchronized used on getters and not setters
as well as the other way around.
7 years ago
jvoisin
d2f40b710b
Fix a possible stacktrace on RandomPlayQueue
7 years ago
Andrew DeMaria
a14c8549fa
Merge remote-tracking branch 'origin/pr/963'
7 years ago
Andrew DeMaria
a3e59e9724
Fix file encoding
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 years ago
Andrew DeMaria
e5c36d9854
Fix variable name
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 years ago
Andrew DeMaria
d8a5d1afad
Merge remote-tracking branch 'origin/pr/1034'
7 years ago
Andrew DeMaria
afc2f58ac5
Merge remote-tracking branch 'origin/pr/1036'
7 years ago
Andrew DeMaria
ab07462530
Update tomcat to 8.5.40
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
7 years ago
François-Xavier Thomas
820a4faec2
Avoid logging sensitive URL parameters in the Subsonic API
...
In case of exceptions, Airsonic logs the full URL that triggered it
since 417583cc, including possibly sensitive query parameters such as
the authentication password/tokens passed to the Subsonic API.
This replaces the value set for this parameter in the URL by the
"<hidden>" string.
7 years ago
jvoisin
41408bc2c3
Replace the double-mustache anti-pattern
...
Because Double Brace Initialization (DBI) creates an anonymous class with a
reference to the instance of the owning object, its use can lead to memory
leaks if the anonymous inner class is returned and held by other objects. Even
when there's no leak, DBI is so obscure that it's bound to confuse most
maintainers.
7 years ago
jvoisin
c6825cf0d7
Minor refactorization of two methods in AbstractDao
7 years ago