Mirrors/sysPass
2
0
Fork 0
mirror of https://github.com/nuxsmin/sysPass.git synced 2026-03-03 07:04:07 +01:00
Code Issues Packages Projects Releases Wiki Activity
1,657 Commits 12 Branches 142 Tags
master
Commit Graph

323 Commits

Author SHA1 Message Date
RubénD
9d0e169d21 Merge pull request #1856 
* fix: Encode XSS related characters and strip tags.
 2022-07-02 07:48:11 +02:00
RubénD
c39b60c2a7 Merge pull request #1853 
* fix: Encode special characters using regex.

* chore: Bump version number.
 2022-07-01 08:14:33 +02:00
RubénD
1be83de9b2 Merge pull request #1846 
* chore: Set X-Frame options and CSP. Thanks to @lengochoa7112000 !!

* chore: Update dependencies.

* chore: Bump version number.
 2022-06-25 09:43:52 +02:00
RubénD
0ea0a13860 fix: Add missing tables to tables list. (#1843) 
Thanks to @Jonher937 for the notice!!
Closes #1786.

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2022-06-18 18:01:42 +02:00
RubénD
36d0c8861e Fix/url regex (#1842) 
* fix: Tweak URL's regex to avoid XSS.

Thanks to @rgavilan for the feedback!
Closes #1840.

Signed-off-by: Rubén D <nuxsmin@syspass.org>

* chore: Update dependencies.

Signed-off-by: Rubén D <nuxsmin@syspass.org>

* chore: Use `ENT_QUOTES` flag for all `htmlspecialchars` calls.

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2022-06-18 09:50:59 +02:00
RubénD
b1e7edd761 fix: Return safe url for accounts. (#1839) 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2022-06-16 08:32:21 +02:00
RubénD
4da4d03173 fix: Fix XSS on some URLs (#1832) 
* fix: Fix XSS when displaying URL on search account view.

Signed-off-by: Rubén D <nuxsmin@syspass.org>

* fix: Fix XSS when displaying URL on account view.

Signed-off-by: Rubén D <nuxsmin@syspass.org>

* fix: Fix XSS when displaying some URLs.

Signed-off-by: Rubén D <nuxsmin@syspass.org>

* fix: Fix XSS when displaying some URLs.

Signed-off-by: Rubén D <nuxsmin@syspass.org>

* chore: Bump version number.

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2022-06-04 09:39:22 +02:00
RubénD
7a813d4786 Merge pull request #1829 from nuxsmin/fix/wrong_syntax 
Fix/wrong syntax

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2022-05-26 07:40:05 +02:00
Rubén D
96eaeacd58 chore: Bump version. 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2022-05-25 07:16:17 +02:00
Rubén D
861ce46e8a * [MOD] Bump version number 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2021-03-13 11:45:25 +01:00
Rubén D
b0050813b0 * [FIX] Fix ADS search behavior by unsseting ACCOUNTDISABLE flag for UserAccountControl property, since it prevents to throw the proper status code when authenticating against LDAP. Thanks to @t0l0 for testing. Closes #1574 
* [MOD] Update dependencies
* [MOD] Bump version number

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2021-01-16 11:46:58 +01:00
Rubén D
f428a8c1d6 * [MOD] Bump version number 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2020-12-20 20:46:21 +01:00
Rubén D
b3137a181a * [MOD] Improve backup regex 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2020-12-20 18:30:43 +01:00
Rubén D
a55548f4c4 * [MOD] Update dependencies 
* [FIX] Fix displaying install page when the app is already installed. Thanks to @kmmndr for the notice. Closes #1629
* [FIX] Fix issue when dropping DB user after an errored installation.

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2020-12-20 15:25:20 +01:00
Rubén D
c03d779894 * [MOD] Bump version patch and build number 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2020-03-07 17:52:39 +01:00
Rubén D
a299760683 * [FIX] Wrong behavior when viewing PDF files. Thanks to @m-shirokov for the notice. Closes #1501 
* [MOD] Minor code tweaks

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-12-16 00:40:02 +01:00
Rubén D
54e84f17cf * [FIX] Wrong behavior when displaying account notes tooltip with multiple lines. Thanks to @MagikEh for the feedback. Closes #1432 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-08-23 00:15:19 +02:00
Rubén D
945ee6d307 * [FIX] Wrong behavior when upgrading from v3.0. Thanks to @Envikia for the feedback. Related #1401 
* [MOD] Improved error code when an unknown API token is used. Thanks to @matejzero for the feedback. Closes #1429
* [FIX] Wrong behavior when changing master password and there aren't any accounts for processing. Thanks to @matejzero for the feedback. Closes #1430

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-08-21 23:51:32 +02:00
Rubén D
5503dd8de5 * [FIX] Wrong behavior when upgrading from v3.0. Thanks to @Envikia for the feedback. Related #1401 
* [MOD] Improved error code when an unknown API token is used. Thanks to @matejzero for the feedback. Closes #1429
* [FIX] Wrong behavior when changing master password and there aren't any accounts for processing. Thanks to @matejzero for the feedback. Closes #1430

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-08-21 23:50:19 +02:00
Rubén D
60595a3d84 Merge branch 'v3.1' 2019-08-18 22:31:58 +02:00
Rubén D
ceab42987e * [FIX] Wrong CSV MIME type 
* [MOD] Added CSV MIME type
* [MOD] Updated composer lock file
* [MOD] Bump to v3.1

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-08-18 22:02:58 +02:00
RubénD
535d7abcbf Merge pull request #1385 from mluchkin/master 
* [FIX] russian language in search. Thanks to @mluchkin
 2019-07-21 00:32:30 +02:00
Rubén D
29b56c5e35 * [MOD] Update version & build number 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-07-20 23:41:15 +02:00
Mluchkin
5811680c38 fix russian language 2019-07-05 15:33:03 +03:00
Rubén D
1adb103f29 * [FIX] Wrong URL handling when downloading files. Thanks to @fprina for the feedback ans testing. Closes #1354 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-05-25 20:28:35 +02:00
Rubén D
58dbc3509e * [MOD] Improved stacktrace by anonymizing function's arguments data. Thanks to @cRaZy-bisCuiT for the feedback. Closes #1339 
+ [MOD] Bump version & build

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-05-25 02:08:21 +02:00
Rubén D
4f3bb74296 * [MOD] Improved stacktrace by anonymizing function's arguments data. Thanks to @cRaZy-bisCuiT for the feedback. Closes #1339 
+ [MOD] Bump version & build

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-05-25 01:41:22 +02:00
Rubén D
4da57f86fb * [MOD] Improved behavior when searching for user permission on accounts. Thanks to @anth69 for the feedback. Closes #1338 
* [MOD] Updated translations. Thanks to all contributors.

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-05-25 00:29:02 +02:00
Rubén D
ea9b6ee1fd * [FIX] Wrong field definition on PluginData table. Thanks to @drewlsvern for the feedback. Closes 1326 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-30 20:50:01 +02:00
Rubén D
4f9431e7bc * [FIX] Wrong PHP version comparison 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-28 15:35:54 +02:00
Rubén D
72c51b037d * [MOD] Jump to RC1 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-27 12:01:35 +02:00
Rubén D
1e308a9431 * [FIX] Missing database upgrade 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-27 03:16:49 +02:00
Rubén D
6197c52af1 * [MOD] Update copyright date 
* [MOD] Code cleanup

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-27 02:48:18 +02:00
Rubén D
cf2becfcfe * [FIX] Fix custom fields migration issue. Thanks to @VexedSyd for the feedback. Closes #1273 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-27 01:55:28 +02:00
Rubén D
b8022166ba * [FIX] Wrong behavior when disabling remote syslog 
* [MOD] Increase account's name length up to 100 characters long. Related #1071

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-27 00:34:13 +02:00
Rubén D
e17e80d665 * [ADD] Added search for accounts name by regular expression. Closes #1311 
* [FIX] Fixed wrong behavior when search operator was set

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-25 23:20:00 +02:00
Rubén D
2318796c00 * [FIX] Fixed wrong behavior when searching for accounts on accounts manager. Thanks to @Weptun for the feedback. Closes #1271 
* [ADD] Added missing tests
* [MOD] Code cleanup

Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-04-21 23:12:45 +02:00
Rubén D
5f37d466dd * [ADD] Allow to change the account's owner and main group when the user is the account's owner. Related #705 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-24 23:32:45 +01:00
Rubén D
4e26b3918e * [ADD] Allow to set account's owner when creating or copying the account. Related #1264 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-24 22:15:42 +01:00
Rubén D
fd8d4886b4 * [MOD] Avoid to import blank client or category name when importing CSV files. 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-24 21:33:15 +01:00
Rubén D
1ec8d26e3a * [ADD] Application URL for handling requests through reverse proxy. Thanks to @rob42 for the feedback. Closes #1218 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-24 20:48:34 +01:00
Rubén D
5e8861e42f * [ADD] Allow to enable email notifications only for account access requests. Thanks to @jorgemfm for the feedback. Closes #1157 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-23 20:00:38 +01:00
Rubén D
b859311f86 Merge branch 'v3.0' into v3.1 
# Conflicts:
#	lib/SP/Services/Install/Installer.php
 2019-02-07 20:57:16 +01:00
RubénD
08bc68c9cc Merge pull request #1232 from denibrain/master 
[FIX] Import CSV. Thanks to @denibrain for the contribution. Closes #1232
 2019-02-07 20:50:43 +01:00
Rubén D
6095749e89 * [MOD] Bump version&build number 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-07 20:26:08 +01:00
Rubén D
bb651fbed3 * [FIX] Wrong behavior when creating new users from LDAP during login. Thanks to @javierlm for the feedback. Closes #1187 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-07 20:19:37 +01:00
Rubén D
10caf1f2fe * [MOD] Improved URL detection when displaying account search results. Thanks to @nblount for the feedback. Closes #1239 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-02-07 19:58:47 +01:00
Denis R
8e7fb417a8 [FIX] Import CSV 2019-02-05 12:16:52 +05:00
Rubén D
3ea87a4ecc * [MOD] Improved plugins data handling by encrypting the plugin's data 
Signed-off-by: Rubén D <nuxsmin@syspass.org>
 2019-01-30 00:04:05 +01:00
Rubén D
a2ecef2141 Merge branch 'master' into v3.1 
# Conflicts:
#	.travis.yml
#	lib/SP/Services/Install/Installer.php
 2019-01-26 13:12:28 +01:00