ba6b39b7b2
Add two <meta> tags
...
- Add a description, since this can be useful
in browser's histories
- Add a viewport, making it less worse to use
airsonic on a super-small screen
5 years ago
883022d81a
Remove script.aculo.us dependency
...
It's not used anywhere, using an old version,
and the project doesn't seem to be maintained anyway.
5 years ago
910802b64f
Fix a small resource leak
5 years ago
2f9046d6b4
Fix a xss and clean up some js
...
- Fix a stupid self-XSS. I doubt that there are ways to
use it against other users, but well, better safe than sorry
- Replace the javascript-on-focus hacks with the `autofocus` attribute
5 years ago
54e1237320
Exclude new spring 5.0.5 cve
5 years ago
8a1f36c792
Revert change to DWR fixes #923
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
5 years ago
39b9eab715
Simplify a bit the css
5 years ago
0b72acefed
Oups
5 years ago
fa5ffdc07a
Remove the external fonts usage
...
This is a radical (and simple) solution
to #853 , #399 , #439 , #174 and partially #712 .
5 years ago
45ef973627
Fix a javascript null-deref
...
This commit should fix the following javascript crash that
may occur if the localstorage isn't available/supported by the browser:
```
more.view:140 Uncaught TypeError: Cannot read property 'playCountValue' of null
at loadShuffleForm (more.view:140)
at HTMLDocument.<anonymous> (more.view:181)
at n (jquery-1.7.1.min.js:2)
at Object.fireWith (jquery-1.7.1.min.js:2)
at Function.ready (jquery-1.7.1.min.js:2)
at HTMLDocument.B (jquery-1.7.1.min.js:2)
```
Signed-off-by: jvoisin <julien.voisin@dustri.org>
5 years ago
0a47c6e461
Bump java-jwt
...
Signed-off-by: jvoisin <julien.voisin@dustri.org>
5 years ago
4e2b435abf
Bump cglib version
...
Signed-off-by: jvoisin <julien.voisin@dustri.org>
5 years ago
4de26ac319
Remove pngfix
...
pngfix.js is used for compatibility's reason
with IE 5 and 6. I think that now that we're in 2019,
we can get rid of it.
Signed-off-by: jvoisin <julien.voisin@dustri.org>
5 years ago
f501bfd5e1
Remove momentjs
...
MomentJS was only used in a single javascript function,
to do Seconds → (Minutes, Seconds). This commit
replaces this with a hand-rolled version, and removes
MomentJS.
Signed-off-by: jvoisin <julien.voisin@dustri.org>
5 years ago
0d78c30d06
Change a couple more log entries to debug
5 years ago
2c1b5205e8
Write new db maintenance logs as 'debug' instead of 'info'
5 years ago
7510b04efc
Make checkpoint() method void (return value is not used)
5 years ago
8c46d39569
Do not log message about hsqldb-defrag migration on each launch
...
The FILES DEFRAG / FILES LOG SIZE properties are kept when upgrading to
2.x; it's enough that they were set once on 1.8. For new installations
the migration will still run with the correct SQL statements.
5 years ago
b753e48632
Log more information when running the 'cleanup db' action
5 years ago
76e8abd219
Move HSQLDB checkpoint/shutdown to a bean specific to the legacy profile
5 years ago
b88bdb37c9
Properly shutdown embedded HSQLDB database on exit
5 years ago
54e444b03c
Make CHECKPOINT / DEFRAG syntax work for both HSQLDB 1 & 2
5 years ago
c79c02d449
Updated CHECKPOINT / DEFRAG syntax for HSQLDB 2.
...
Signed-off-by: Iwao AVE! <harawata@gmail.com>
5 years ago
c0f3606091
Force database checkpoints on 'Clean-up' and 'Scan' actions
...
This will only affect the (embedded/legacy) HSQLDB driver. Even though
cff97ea9
5 years ago
1a88f46c18
CVE-2018-20222 Prevent xxe during parse
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
5 years ago
faedfd8a62
Bump version to 10.3.0-SNAPSHOT
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
5 years ago
a16b89e0ac
Bump to version 10.2.0-RELEASE
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
5 years ago
3e6d224550
#1 CVE-2018-1000840
...
stax-api-1.0.1.jar
stax-api-1.0-2.jar
5 years ago
6023d4c0bc
fix #748
5 years ago
7327353704
Pull translations from transifex
6 years ago
8127b4f7fa
Fix #860 (external database performance) by using connection pooling … ( #864 )
...
* Fix #860 (external database performance) by using connection pooling (using commons-dbcp2)
6 years ago
d6ba6de7e1
Run a first defrag before enabling auto defrag on HSQLDB
6 years ago
21eff917b6
PlayQueue: Fix broken keyboard shortcuts
...
Using the "space" key to resume playback, as well as +/- to
increase/decrease volume, were not working properly.
6 years ago
ac0e29bf9c
Remove unused import
6 years ago
61c0c0d758
Fix import style error
6 years ago
ee4cb71052
Ignore CVE-2018-8088 related to slf4j ext
6 years ago
cff97ea9be
Fix #778 : Defragment embedded HSQLDB database more frequently
6 years ago
ac453883fc
jukebox code quality and unit tests
6 years ago
94f4a85bb7
Suppress CVE-2018-8088
6 years ago
f2339e0942
Change zip to java.util
6 years ago
9d33ec255b
Declare used and remove unused dependencies
6 years ago
86e58cea3a
Update dependencies in airsonic-main
6 years ago
77ca475fbe
Add additional suppression
6 years ago
f3cc48f8cb
Suppress vulnerabilities file
6 years ago
51f17675d5
Update plugins
6 years ago
fb18862db4
Fix extraneous closing tag
6 years ago
af93f1eed1
Correct corrupted downloaded zip
...
Prevent the zipping of twice the same file (resulting in an error and a corrupted zip on Linux) when the cover is embedded in tags
6 years ago
16b22f3501
- Correct test for use not a hardcoded value but the referenced value. The first in select on multi value didn't ordered is not assured.
6 years ago
fec8f0ba95
Update favicons in webapp
6 years ago
5202845373
Bump version of guava to deal with CVE-2018-10237
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
6 years ago
jvoisin
Andrew DeMaria
François-Xavier Thomas
Iwao AVE!
tesshu
jo
Frank de Lange
Rémi Cocula
randomnicode
Benz0X
Michel Néron
Arne Schlüter