882 Commity (ec8fdb0df1554aa37bd78c1f8e7b068008c9b248)

 

Wszystkie gałęzie   

Szukaj

Autor	SHA1	Wiadomość	Data
jvoisin	ec8fdb0df1	Remove the unused embedded copy of sbbi-upnplib	6 lat temu
Andrew DeMaria	f04ec61d0f	Merge remote-tracking branch 'airsonic/pr/958'	6 lat temu
Andrew DeMaria	58f4dfdb2e	Merge remote-tracking branch 'airsonic/pr/957'	6 lat temu
Andrew DeMaria	a59e8e4a9f	Merge remote-tracking branch 'airsonic/pr/956'	6 lat temu
Andrew DeMaria	afb9c6bfb7	Merge remote-tracking branch 'airsonic/pr/954'	6 lat temu
Andrew DeMaria	1daa6cff6e	Merge remote-tracking branch 'airsonic/pr/952'	6 lat temu
Andrew DeMaria	72609a8d0c	Merge remote-tracking branch 'airsonic/pr/950'	6 lat temu
Andrew DeMaria	c460a16628	Merge remote-tracking branch 'airsonic/pr/928'	6 lat temu
jvoisin	aff7bd3d57	Remove webfx stuff, since they're apparently not used ... The only place where the string `webfx` is mentioned was in playQueue.jsp, to include a small css file, twice, that only applies to webfx components, that aren't used anywhere in the codebase.	6 lat temu
jvoisin	db2592a84b	Delete AC_OETags.js since it's not used anywhere	6 lat temu
jvoisin	c9212805be	Remove jquery-contextmenu since it's not used anywhere	6 lat temu
jvoisin	87442320fc	Try to run jkd9 on travis-ci	6 lat temu
jvoisin	d35834c0e7	Fix a bunch of dom-based xss ... This should close #633	6 lat temu
jvoisin	0d6cbb60ed	Use https for external links	6 lat temu
jvoisin	ab1690b1fe	Don't display the title if it's empty	6 lat temu
Andrew DeMaria	83882b18d9	Merge remote-tracking branch 'airsonic/pr/919'	6 lat temu
Andrew DeMaria	81835aa589	Merge remote-tracking branch 'airsonic/pr/934'	6 lat temu
Andrew DeMaria	f8f5c4a6bf	Merge remote-tracking branch 'airsonic/pr/936'	6 lat temu
Andrew DeMaria	b73ab9c45e	Merge remote-tracking branch 'airsonic/pr/949'	6 lat temu
Andrew DeMaria	78ee5bd1da	Merge remote-tracking branch 'airsonic/pr/948'	6 lat temu
Andrew DeMaria	221a0ed933	Merge remote-tracking branch 'airsonic/pr/945'	6 lat temu
jvoisin	ac1c887698	Remove Google+ relics ... Google+ is dead: https://developers.google.com/+/	6 lat temu
jvoisin	cb0866d5fd	Download dependencies via https on download.java.net	6 lat temu
Andrew DeMaria	edd097ad5b	Add a couple of static analysis badges	6 lat temu
jvoisin	5edebf7885	Remove inline javascript on the `cancel` buttons ... The inline javascript used with the cancel buttons was only used to change the location. Instead of doing this, it's easier to wrap the button in a tag. This is related to #909.	6 lat temu
Andrew DeMaria	cd45717256	Merge remote-tracking branch 'airsonic/pr/938'	6 lat temu
Andrew DeMaria	570abe69d5	Merge remote-tracking branch 'airsonic/pr/939'	6 lat temu
Andrew DeMaria	d5500ce3d2	Merge remote-tracking branch 'airsonic/pr/941'	6 lat temu
Andrew DeMaria	41a5ae06d5	Merge remote-tracking branch 'airsonic/pr/922'	6 lat temu
Andrew DeMaria	6613bd86d5	Merge remote-tracking branch 'airsonic/pr/907'	6 lat temu
Andrew DeMaria	c9a209fd8f	Merge remote-tracking branch 'airsonic/pr/943'	6 lat temu
Andrew DeMaria	2b0fe25eff	Merge remote-tracking branch 'airsonic/pr/946'	6 lat temu
jvoisin	ba6b39b7b2	Add two <meta> tags ... - Add a description, since this can be useful in browser's histories - Add a viewport, making it less worse to use airsonic on a super-small screen	6 lat temu
jvoisin	4d5680931c	Add the dates of the releases to the changelog	6 lat temu
jvoisin	883022d81a	Remove script.aculo.us dependency ... It's not used anywhere, using an old version, and the project doesn't seem to be maintained anyway.	6 lat temu
jvoisin	910802b64f	Fix a small resource leak	6 lat temu
jvoisin	2f9046d6b4	Fix a xss and clean up some js ... - Fix a stupid self-XSS. I doubt that there are ways to use it against other users, but well, better safe than sorry - Replace the javascript-on-focus hacks with the `autofocus` attribute	6 lat temu
François-Xavier Thomas	bcc5f8d7a6	Fix StringIndexOutOfBounds errors thrown by DWR/YUI	6 lat temu
jvoisin	61c842923a	Generate new passwords in a secure way ... Previously, lost passwords were generated via org.apache.commons.lang.RandomStringUtils, which is using java.util.Random internally. This PRNG is has a 48-bit seed, that can easily be bruteforced if an attacker is able to get the PRNG's output, for example but resetting their own account multiple times, leading to trivial privileges escalation attacks. This commit makes use of java.security.SecureRandom instead.	6 lat temu
Andrew DeMaria	e330eeb864	Remove coverity integration - not working	6 lat temu
Andrew DeMaria	4e73266a7f	Add travis ci badge	6 lat temu
Andrew DeMaria	897de26886	Remove comment	6 lat temu
Andrew DeMaria	bc0bfdf481	Update scan token ... Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>	6 lat temu
Andrew DeMaria	fb0079d3c0	Merge remote-tracking branch 'origin/pr/932'	6 lat temu
Andrew DeMaria	54e1237320	Exclude new spring 5.0.5 cve	6 lat temu
Andrew DeMaria	5dc96ba011	Add coverity badge	6 lat temu
jvoisin	6f3c3312ee	Add coverity scan to travis	6 lat temu
Andrew DeMaria	8a1f36c792	Revert change to DWR fixes #923 ... Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>	6 lat temu
jvoisin	39b9eab715	Simplify a bit the css	6 lat temu
jvoisin	0b72acefed	Oups	6 lat temu