colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,893 Commits 1 Branch 0 Tags 48 MiB
Commit Graph

14 Commits

Author SHA1 Message Date
Dan Brown 4597069083
Added Backup code verification logic 
Also added testing to cover as part of this in addition to adding the
core backup code handling required.

Also added the standardised translations for switching mfa mode and
adding testing for this switching.
 2021-08-02 16:35:37 +01:00
Dan Brown 916a82616f
Complete base flow for TOTP setup 
- Includes DB storage and code validation.
- Extracted TOTP work to its own service file.
- Still needs testing to cover this side of things.
 2021-06-30 22:10:02 +01:00
Timo Förster 745d15d200
Allow uploads of files containing dots in filename. Closes BookStackApp/BookStack#2217 2021-03-04 22:27:20 +01:00
Dan Brown 349162ea13
Prevented possible XSS via link attachments 
This filters out potentially malicious javascript: or data: uri's coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
 2020-10-31 15:01:52 +00:00
Dan Brown 140298bd96
Updated to Laravel 5.8 2019-09-13 23:58:40 +01:00
Dan Brown 213e9d2941
Upgraded to Laravel 5.6 2019-09-06 22:14:39 +01:00
Dan Brown 79f6dc00a3
Change image-selector to not use manager 
- Now changes the images directly for user, system & cover.
- Extra permission checks added to edit & delete actions.
 2019-05-04 15:50:29 +01:00
Dan Brown 9879a0d12c
Added helper text for no_double_extension validation 2019-03-24 19:40:45 +00:00
Dan Brown f5fe524e6c
Added extension whitelist for image uploads 
- A continuation of the security issues addressed in v0.25.3
 2019-03-21 19:43:15 +00:00
Dan Brown 37b91b6b0e
Hardened image file validation by removing custom validation 
- Added test to check PHP files cannot be uploaded as an image.
 2019-03-20 23:59:55 +00:00
abijeet 9dba9ca178 Fixes tooltip on the image manager. 
Fixes #1186
 2019-01-27 19:43:31 +05:30
Dan Brown 86a00a59d4
Created sketchy translation formatter script 
Compares a translation file to a EN version to
place translations on matching line numbers and matches
up comments.
 2018-12-14 21:23:05 +00:00
Dan Brown 573357a08c
Extracted text from logic files 2016-12-04 16:51:39 +00:00
Dan Brown eaa1765c7a Initial commit 2015-07-12 20:01:42 +01:00