pierre/wallabag
1
0
Fork 0
forked from wallabag/wallabag
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
8,417 Commits 12 Branches 98 Tags
remove-duplicate-errors
Commit Graph

16 Commits

Author SHA1 Message Date
Jeremy Benoist
66b7bdd07c Merge remote-tracking branch 'origin/2.5.x' 2023-04-24 14:36:32 +02:00
Kevin Decherf
3ed7f2b751 AnnotationController: fix improper authorization vulnerability 
This PR is based on 2.5.x branch.

We fix the improper authorization by retrieving the annotation using id
and user id.

We also replace the ParamConverter used to get the requested Annotation
on put and delete actions with an explicit call to AnnotationRepository
in order to prevent a resource enumeration through response discrepancy.

Fixes GHSA-mrqx-mjc4-vfh3

Co-authored-by: Jeremy Benoist <jeremy.benoist@gmail.com>
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
 2023-01-27 23:34:14 +01:00
Yassine Guedidi
eb43c78720 Use FQCN instead of service alias 2022-09-01 09:07:19 +02:00
Yassine Guedidi
8b7b4975d6 Migrate getRepository with entities 2022-08-26 17:47:46 +02:00
Jérémy Benoist
6a0d49ab7a Fix tests 2019-11-27 14:46:27 +01:00
adev
8197f08266 API return an error with empty quote 
Fix #4137
 2019-11-27 14:38:35 +01:00
Jeremy Benoist
1e0d8ad7b7 Enable PHPStan 
- Fix error for level 0 & 1 (level 7 has 699 errors...)
- Add `updated_at` to site_credential (so the `timestamps()` method applies correctly)
 2019-01-18 15:25:50 +01:00
Jeremy Benoist
8f2038e5b1 Fix tests 2018-11-28 22:04:55 +01:00
Jeremy Benoist
f808b01692 Add a real configuration for CS-Fixer 2017-07-01 09:52:38 +02:00
Jeremy Benoist
eb570e49c8 CS 2017-06-07 23:31:14 +02:00
adev
2c3e148b00 Displays an error with an annotation with a too long quote 
Fix #2762
 2017-06-04 11:38:29 +02:00
Nicolas Lœuillet
f24ea59ea4 Fixed migration and added tests 2016-10-28 10:55:39 +02:00
Jeremy Benoist
aa4741091f Add test on /api/annotations 
Fix controller forward in WallabagRestController.
Update PHPDoc so it is sorted the same way as others one
Duplicate all annotations test to use both api & normal way
Also, make annotation tests independent to each other
 2016-10-22 12:09:20 +02:00
Nicolas Lœuillet
e5edb6e127 PHP CS 2016-10-22 09:06:07 +02:00
Thomas Citharel
0c271b9eb0 fix cs and phpdoc 2016-10-22 09:06:07 +02:00
Jeremy Benoist
23634d5d84 Jump to Symfony 3.1 2016-06-22 17:59:35 +02:00