jvoisin
ba6b39b7b2
Add two <meta> tags
...
- Add a description, since this can be useful
in browser's histories
- Add a viewport, making it less worse to use
airsonic on a super-small screen
6 years ago
jvoisin
883022d81a
Remove script.aculo.us dependency
...
It's not used anywhere, using an old version,
and the project doesn't seem to be maintained anyway.
6 years ago
jvoisin
910802b64f
Fix a small resource leak
6 years ago
jvoisin
2f9046d6b4
Fix a xss and clean up some js
...
- Fix a stupid self-XSS. I doubt that there are ways to
use it against other users, but well, better safe than sorry
- Replace the javascript-on-focus hacks with the `autofocus` attribute
6 years ago
Andrew DeMaria
54e1237320
Exclude new spring 5.0.5 cve
6 years ago
Andrew DeMaria
8a1f36c792
Revert change to DWR fixes #923
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
6 years ago
jvoisin
39b9eab715
Simplify a bit the css
6 years ago
jvoisin
0b72acefed
Oups
6 years ago
jvoisin
fa5ffdc07a
Remove the external fonts usage
...
This is a radical (and simple) solution
to #853 , #399 , #439 , #174 and partially #712 .
6 years ago
jvoisin
45ef973627
Fix a javascript null-deref
...
This commit should fix the following javascript crash that
may occur if the localstorage isn't available/supported by the browser:
```
more.view:140 Uncaught TypeError: Cannot read property 'playCountValue' of null
at loadShuffleForm (more.view:140)
at HTMLDocument.<anonymous> (more.view:181)
at n (jquery-1.7.1.min.js:2)
at Object.fireWith (jquery-1.7.1.min.js:2)
at Function.ready (jquery-1.7.1.min.js:2)
at HTMLDocument.B (jquery-1.7.1.min.js:2)
```
Signed-off-by: jvoisin <julien.voisin@dustri.org>
6 years ago
jvoisin
0a47c6e461
Bump java-jwt
...
Signed-off-by: jvoisin <julien.voisin@dustri.org>
6 years ago
jvoisin
4e2b435abf
Bump cglib version
...
Signed-off-by: jvoisin <julien.voisin@dustri.org>
6 years ago
jvoisin
4de26ac319
Remove pngfix
...
pngfix.js is used for compatibility's reason
with IE 5 and 6. I think that now that we're in 2019,
we can get rid of it.
Signed-off-by: jvoisin <julien.voisin@dustri.org>
6 years ago
jvoisin
f501bfd5e1
Remove momentjs
...
MomentJS was only used in a single javascript function,
to do Seconds → (Minutes, Seconds). This commit
replaces this with a hand-rolled version, and removes
MomentJS.
Signed-off-by: jvoisin <julien.voisin@dustri.org>
6 years ago
Andrew DeMaria
0d78c30d06
Change a couple more log entries to debug
6 years ago
François-Xavier Thomas
2c1b5205e8
Write new db maintenance logs as 'debug' instead of 'info'
6 years ago
François-Xavier Thomas
7510b04efc
Make checkpoint() method void (return value is not used)
6 years ago
François-Xavier Thomas
8c46d39569
Do not log message about hsqldb-defrag migration on each launch
...
The FILES DEFRAG / FILES LOG SIZE properties are kept when upgrading to
2.x; it's enough that they were set once on 1.8. For new installations
the migration will still run with the correct SQL statements.
6 years ago
François-Xavier Thomas
b753e48632
Log more information when running the 'cleanup db' action
6 years ago
François-Xavier Thomas
76e8abd219
Move HSQLDB checkpoint/shutdown to a bean specific to the legacy profile
6 years ago
François-Xavier Thomas
b88bdb37c9
Properly shutdown embedded HSQLDB database on exit
6 years ago
François-Xavier Thomas
54e444b03c
Make CHECKPOINT / DEFRAG syntax work for both HSQLDB 1 & 2
6 years ago
Iwao AVE!
c79c02d449
Updated CHECKPOINT / DEFRAG syntax for HSQLDB 2.
...
Signed-off-by: Iwao AVE! <harawata@gmail.com>
6 years ago
François-Xavier Thomas
c0f3606091
Force database checkpoints on 'Clean-up' and 'Scan' actions
...
This will only affect the (embedded/legacy) HSQLDB driver. Even though
cff97ea9
should prevent the db log from getting uncontrollably large,
the 'Clean-up database' and 'Scan' actions will additionally force a
checkpoint to ensure this happens on big operations.
6 years ago
Andrew DeMaria
1a88f46c18
CVE-2018-20222 Prevent xxe during parse
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
6 years ago
Andrew DeMaria
faedfd8a62
Bump version to 10.3.0-SNAPSHOT
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
6 years ago
Andrew DeMaria
a16b89e0ac
Bump to version 10.2.0-RELEASE
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
6 years ago
tesshu
3e6d224550
#1 CVE-2018-1000840
...
stax-api-1.0.1.jar
stax-api-1.0-2.jar
6 years ago
tesshu
6023d4c0bc
fix #748
6 years ago
jo
7327353704
Pull translations from transifex
6 years ago
Frank de Lange
8127b4f7fa
Fix #860 (external database performance) by using connection pooling … ( #864 )
...
* Fix #860 (external database performance) by using connection pooling (using commons-dbcp2)
6 years ago
François-Xavier Thomas
d6ba6de7e1
Run a first defrag before enabling auto defrag on HSQLDB
6 years ago
François-Xavier Thomas
21eff917b6
PlayQueue: Fix broken keyboard shortcuts
...
Using the "space" key to resume playback, as well as +/- to
increase/decrease volume, were not working properly.
6 years ago
Andrew DeMaria
ac0e29bf9c
Remove unused import
6 years ago
Andrew DeMaria
61c0c0d758
Fix import style error
6 years ago
Andrew DeMaria
ee4cb71052
Ignore CVE-2018-8088 related to slf4j ext
6 years ago
François-Xavier Thomas
cff97ea9be
Fix #778 : Defragment embedded HSQLDB database more frequently
6 years ago
Rémi Cocula
ac453883fc
jukebox code quality and unit tests
6 years ago
randomnicode
94f4a85bb7
Suppress CVE-2018-8088
6 years ago
randomnicode
f2339e0942
Change zip to java.util
6 years ago
randomnicode
9d33ec255b
Declare used and remove unused dependencies
6 years ago
randomnicode
86e58cea3a
Update dependencies in airsonic-main
6 years ago
randomnicode
77ca475fbe
Add additional suppression
6 years ago
randomnicode
f3cc48f8cb
Suppress vulnerabilities file
6 years ago
randomnicode
51f17675d5
Update plugins
6 years ago
Andrew DeMaria
fb18862db4
Fix extraneous closing tag
6 years ago
Benz0X
af93f1eed1
Correct corrupted downloaded zip
...
Prevent the zipping of twice the same file (resulting in an error and a corrupted zip on Linux) when the cover is embedded in tags
6 years ago
Michel Néron
16b22f3501
- Correct test for use not a hardcoded value but the referenced value. The first in select on multi value didn't ordered is not assured.
6 years ago
Arne Schlüter
fec8f0ba95
Update favicons in webapp
6 years ago
Andrew DeMaria
5202845373
Bump version of guava to deal with CVE-2018-10237
...
Signed-off-by: Andrew DeMaria <lostonamountain@gmail.com>
6 years ago