35 Commits

Author SHA1 Message Date
evazion
38355b4839 posts_helper.rb: remove unused resize_image_links.
Unused since 1ef7ef4.
2017-02-06 19:07:03 -06:00
Albert Yi
e7907e0e14 rename some config keys to clarify what they are 2016-11-28 17:31:01 -08:00
r888888888
fc4b2e54a4 fix common searches 2016-09-29 17:45:16 -07:00
r888888888
b13c76b9d9 only trigger common searches js on manual searches 2016-09-07 18:35:28 -07:00
r888888888
c3b78b1752 add user searches 2016-08-23 18:20:21 -07:00
r888888888
504674b288 add rel=nofollow in more places 2016-02-03 23:47:17 -08:00
r888888888
16e437b048 ignore forbidden tags on missed search counter 2016-02-03 16:56:37 -08:00
r888888888
025d66a639 optimize missing search js script 2016-02-02 17:26:28 -08:00
r888888888
fe4cb7f3ba track searches that return no results 2016-02-02 16:25:14 -08:00
r888888888
f87c71cf23 remove post view counts, add search counts 2015-07-27 17:27:40 -07:00
r888888888
9e6d08600c store post view counts in reportbooru/fetch view counts from reportbooru #2128 2015-07-21 13:09:32 -07:00
evazion
a38e12f091 Fix XSS in source link on post show page.
This vulnerability allows someone to create a source link that appears
to lead to Pixiv like normal, but that actually executes Javascript code
when clicked.

1) Set the source of a post to javascript:"http://img1.pixiv.net/img/xss/";alert("xss");
2) Wait for someone to click the source link in the Information sidebar.
3) Profit.

The cause is that the regexes for detecting Pixiv URLs aren't anchored
to the front of the string using \A. This allows non-http:// links to be
created.
2014-10-17 15:15:48 -05:00
Toks
96d5a937d5 fixes #2106 2014-03-14 11:35:26 -04:00
Toks
424d84661a fixes #2105
Also fix bug where sources were not escaped at all on post versions page
2014-03-10 22:34:22 -04:00
r888888888
0ef37c0538 fixes #1242 2014-02-28 18:10:36 -08:00
r888888888
b523ed471c fixes #1249 2014-02-28 17:57:33 -08:00
Toks
b2b685a251 Change has a parent link for consistency with has children link 2013-09-07 20:41:50 -04:00
Kevin Xiwei Zheng
dcefb842df More accurately determine linkable sources
Use the "\A" metacharacter for the beginning of a string, instead of "^"
for the beginning of any line within that string, and check for "://" as
well. Fixes #1947.
2013-08-21 11:32:47 -04:00
Toks
6ab405c142 fixes #1403 2013-05-03 19:54:01 -04:00
Toks
6c3aabf2b6 simplifies parent/child preview code; fixes #1489 2013-04-30 14:54:40 -04:00
Toks
e1c34df22e modify relationship preview js 2013-04-29 17:12:07 -04:00
Toks
4775535c11 fixes #1481; fixes #1483
Additionally:
* Rename methods and variables related to the parent/child previews for
consistency.
* Split off siblings into a separate post set.
* Increase limit of children/siblings displayed to max of 200.
2013-04-29 17:12:02 -04:00
Toks
c3f1c99848 fixes #1389
reorganize parent/child messages into helpers
2013-04-27 21:26:22 -04:00
Toks
32adfd5d0a prevent strange source link line breaks 2013-04-13 17:31:27 -04:00
Toks
ee5310782b fix for #1217 2013-04-11 17:45:37 -04:00
Toks
06f7f711dd fixes #1280 2013-04-11 15:00:20 -04:00
Toks
cb263575aa fix for #1217 2013-04-10 19:07:29 -04:00
albert
6a4a19fae4 fixes #1215 2013-04-09 15:31:49 -04:00
小太
cba839ba76 Kill trailing whitespace in ruby files 2013-03-19 23:10:10 +11:00
albert
7269ec0076 removed small image support 2012-03-13 18:28:32 -04:00
albert
fbc1fb1f51 fixes #80: Clicking Pixiv source address at the information panel 2011-09-16 10:58:02 -04:00
albert
d954af775e fixes #18: Source/rating not displayed on post pages 2011-09-13 19:17:45 -04:00
albert
189ad7052d fixed image resizing 2011-09-11 20:25:13 -04:00
albert
5610731b35 sync 2010-08-18 18:42:33 -04:00
albert
23656e3fa9 * Continued work on improving post view templates
* Added statistics-based estimator for related tag calculator
* Fleshed out IpBan class based on changes to Danbooru 1.xx
2010-04-29 17:32:15 -04:00