Samantaz Fox
ddb06b0cac
Fix XSS vulnerability in channel playlists
...
The channel/<ucid>/playlists page was vulnerable to Cross Site Scripting
(XSS), because the different URL parameters were inserted as-is in the URL
meant for instance switching.
This vulnerability could allow an attacker to inject malicious Javascript
in the page by tricking the user to click on a crafted link.
Bug introduced in commit 66e7285108
("Only use /redirect when automatically redirecting").
Thanks to Jack (@testa:cthd.icu on Matrix, @cysea on github) for responsibly
reporting this issue!
3 years ago
Samantaz Fox
2ac19eb8fc
Merge pull request #2725 from weblate/weblate-invidious-translations
...
Translations update from Hosted Weblate
3 years ago
Hosted Weblate
6cdaafdc37
Update Norwegian Bokmål translation
...
Co-authored-by: Petter Reinholdtsen <pere-weblate@hungry.com>
3 years ago
Samantaz Fox
7f3ef12297
Merge pull request #2692 from weblate/weblate-invidious-translations
...
Invidious translations update
Merged from the command line due to merge conflicts.
3 years ago
Samantaz Fox
da2f592de6
locales: use "DASH" instead of "dash" in en-US
3 years ago
Samantaz Fox
ee91effb7a
Merge pull request #2576 from SamantazFox/fix-locales-handling
...
Fix locales handling
3 years ago
Hosted Weblate
b13f9c25b3
Update Danish translation
...
Update Danish translation
Update Danish translation
Update Danish translation
Update Danish translation
Update Danish translation
Co-authored-by: Grooty12 <Rasmus@rosendahl-kaa.name>
Co-authored-by: HackerNCoder <hackerncoder@protonmail.ch>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
3 years ago
Hosted Weblate
f85563eb66
Update Indonesian translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: I. Musthafa <i.musthafa66@gmail.com>
3 years ago
Hosted Weblate
7b689a186d
Update Dutch translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
3 years ago
Hosted Weblate
092d7df761
Update Chinese (Traditional) translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Jeff Huang <s8321414@gmail.com>
3 years ago
Hosted Weblate
6c444707d7
Update Turkish translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Oğuz Ersen <oguzersen@protonmail.com>
3 years ago
Hosted Weblate
81c006cc04
Update Chinese (Simplified) translation
...
Co-authored-by: Eric <spice2wolf@gmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
3 years ago
Hosted Weblate
7cbd1e413f
Update Serbian (cyrillic) translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
3 years ago
Hosted Weblate
f34f8ef188
Update Serbian translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
3 years ago
Hosted Weblate
c3eb385cd3
Update Croatian translation
...
Update Croatian translation
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
Co-authored-by: Milo Ivir <mail@milotype.de>
3 years ago
Hosted Weblate
be34f03157
Update French translation
...
Update French translation
Co-authored-by: Bundy01 <bundy@posteo.eu>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Samantaz Fox <translator-weblate@samantaz.fr>
3 years ago
Hosted Weblate
4964785b13
Update German translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
3 years ago
Hosted Weblate
1b7757c14f
Update Arabic translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Rex_sa <rex.sa@pm.me>
3 years ago
Hosted Weblate
58c9f20226
Update Norwegian Bokmål translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Petter Reinholdtsen <pere-weblate@hungry.com>
3 years ago
Hosted Weblate
f19be0c3ce
Update English (United States) translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Samantaz Fox <translator-weblate@samantaz.fr>
3 years ago
Samantaz Fox
f236a6872b
Merge pull request #2659 from SamantazFox/fix-likes-dislikes
...
Fix likes/dislikes
3 years ago
Samantaz Fox
3e0096f360
Merge pull request #2683 from iv-org/SamantazFox-patch-1
...
Fix #2682
3 years ago
Samantaz Fox
438b334320
Merge pull request #2671 from matthewmcgarvey/code-removal
...
Remove dead code
3 years ago
Samantaz Fox
4aa96ecab9
Use 'dig()' in 'find()' statements
3 years ago
Samantaz Fox
e5557b515e
Merge pull request #2684 from iv-org/SamantazFox-patch-2
...
Decode title from download widget
3 years ago
Samantaz Fox
7b9d26d688
Fix #2670
...
Fixes "Download widget replaces spaces in filename with +"
https://github.com/iv-org/invidious/issues/2670
3 years ago
matthewmcgarvey
8d4b4cd14c
Remove dead code
3 years ago
Samantaz Fox
342fc202a7
Fix #2682
...
Fix "Missing param name: "q" (KeyError)"
https://github.com/iv-org/invidious/issues/2682
3 years ago
Samantaz Fox
4436359d07
Use dig to get category contents
...
Co-authored-by: Matthew McGarvey <matthewmcgarvey14@gmail.com>
3 years ago
Samantaz Fox
91f8395222
Typo: missing '?' when looking for key in dislikes_button
...
Co-authored-by: Matthew McGarvey <matthewmcgarvey14@gmail.com>
3 years ago
Émilien Devos
c6e086c6ff
Revert "Temporarily fix for #2612" ( #2673 )
3 years ago
Samantaz Fox
82f3eda82b
Merge pull request #2656 from SamantazFox/fix-2549
...
extract_video_info: Make sure that the Android player response is valid
3 years ago
Samantaz Fox
05f9613e14
Merge pull request #2623 from SamantazFox/temp-decompression-fix
...
Temporarily fix for #2612
3 years ago
TheFrenchGhosty
50bb591826
Merge pull request #2658 from weblate/weblate-invidious-translations
...
Translations update from Hosted Weblate
3 years ago
Hosted Weblate
2ca23c714d
Update Indonesian translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: I. Musthafa <i.musthafa66@gmail.com>
3 years ago
Hosted Weblate
b030d822f1
Update Serbian translation
...
Co-authored-by: Anon Anonimovic <BGteam@live.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
3 years ago
Hosted Weblate
65b5183f01
Update Portuguese (Brazil) translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Vinicius <rodriguessv30@gmail.com>
3 years ago
Hosted Weblate
33431844b7
Update French translation
...
Co-authored-by: Bundy01 <bundy@posteo.eu>
3 years ago
Hosted Weblate
325a67155d
Update Catalan translation
...
Update Catalan translation
Add Catalan translation
Co-authored-by: Alfonso Montero López <amontero@tinet.org>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
3 years ago
Samantaz Fox
6876f88f43
Merge pull request #2622 from SamantazFox/add-makefile
...
Add a makefile
3 years ago
Samantaz Fox
ad9d3f4425
Merge pull request #2555 from iv-org/readme-enhancements
...
Enhance some stuff in the README
3 years ago
TheFrenchGhosty
5eca7a8a30
Fix indenting
...
Co-authored-by: Samantaz Fox <coding@samantaz.fr>
3 years ago
TheFrenchGhosty
de153ece4e
Move the Awesome-Humane-Tech to its own line
3 years ago
TheFrenchGhosty
2d8964d37d
Apply the suggestions
3 years ago
Samantaz Fox
ceb1feb350
likes/dislikes: better fallback management
...
'.to_i64?' instead of '.to_i64' returns nil rather than raising
an exception when it's done on an empty string.
In some rare cases, rating can be equal to 5. In this case, the
value of player_response[videoDetails][averageRating] is an
Int and not a Float.
3 years ago
Samantaz Fox
2ea0590b03
i18n: return 'key' if 'key' is not in locales files
3 years ago
Samantaz Fox
80a513baa5
Use new techniques to get (dis)likes back
3 years ago
Samantaz Fox
ba48f68fc3
allow multiple, successive content-encodings
3 years ago
Samantaz Fox
319587e2f1
extract_video_info: make sure that the Android player response is valid
3 years ago
Samantaz Fox
bf7952d9c7
i18n: log a warning instead of rising an exception
...
This is more user-friendly.
TODO: maybe make a compile time flag for testing purposes
3 years ago