kenmirrors/firefly-iii
1
0
Fork 0
mirror of https://github.com/firefly-iii/firefly-iii.git synced 2026-06-12 07:33:52 +00:00
Code Issues Projects Releases Wiki Activity
23,240 Commits 10 Branches 1,051 Tags
develop
Commit Graph

2487 Commits

Author SHA1 Message Date
James Cole
377123d41f Fix https://github.com/firefly-iii/firefly-iii/issues/12309 2026-06-06 11:15:44 +02:00
James Cole
b1f32406cc Fix https://github.com/firefly-iii/firefly-iii/issues/12335 2026-06-05 05:41:00 +02:00
James Cole
4865123d59 Fixed #12305 2026-05-30 04:22:21 +02:00
James Cole
30fd28b928 Fix https://github.com/firefly-iii/firefly-iii/issues/12306 2026-05-30 04:13:53 +02:00
James Cole
b70ed32952 Merge pull request #12271 from alanturing881/fix/stored-xss-ale-piggy-name 
Fix stored XSS in audit log view via piggy bank name (ale.twig)
 2026-05-20 20:16:16 +02:00
iaohkut
fa6c123595 Fix stored XSS in ALE view by HTML-escaping piggy bank name 
The Twig template ale.twig rendered the piggy bank name from
AuditLogEntry.after.piggy using |raw, bypassing auto-escaping.
A user-controlled name containing HTML (e.g. <img onerror=...>)
would execute as JavaScript in any browser viewing the transaction
audit log (CWE-79).

Apply |e filter to escape only the user-controlled `name` parameter
before substitution into the trans() string. The |raw filter is
preserved because the `amount` parameter legitimately contains
<span> tags for currency styling.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-05-20 11:07:57 -04:00
James Cole
04704392f3 Fix amount display in budget overview. 2026-05-03 09:24:03 +02:00
James Cole
3a9ac03358 Add entry in preferences. 2026-05-02 15:04:23 +02:00
James Cole
525f0c752a Fix https://github.com/orgs/firefly-iii/discussions/11408 2026-04-30 07:55:43 +02:00
Sander Dorigo
dae4f6f351 Add clarity on password validation api 2026-04-28 08:38:04 +02:00
James Cole
39be5075eb Clean up JS scripts. 2026-04-25 08:54:28 +02:00
James Cole
714133dad5 Merge pull request #12182 from tasnim0tantawi/bug/fix-sidebar-expanding-when-navigating 
fix shrinked sidebar expanding when navigating by clicking on icons
 2026-04-25 08:45:47 +02:00
tasnim0tantawi
1ebff22785 fix delay 2026-04-24 22:42:22 +03:00
tasnim0tantawi
8b14a11969 lines 2026-04-24 22:28:06 +03:00
tasnim0tantawi
ea57a0a8c8 remove code from default twig 2026-04-24 21:49:37 +03:00
tasnim0tantawi
c96cc8d941 fix shrinked sidebar expanding when navigating by clicking on icons 2026-04-24 21:01:03 +03:00
James Cole
0e97b4a6b8 Add script and add exception. 2026-04-24 10:26:48 +02:00
James Cole
30cce327e8 Add helpers and fix missing string. 2026-04-24 05:34:40 +02:00
James Cole
994e3dae18 Merge pull request #12179 from tasnim0tantawi/feature/client-side-password-verification-on-register 
implement password validation JS script
 2026-04-24 05:09:19 +02:00
tasnim0tantawi
b065150968 implement password validation JS script 2026-04-23 22:08:24 +03:00
James Cole
e81af7e051 Fix #12169 2026-04-22 18:34:16 +02:00
James Cole
32250ddc1a Fix https://github.com/firefly-iii/firefly-iii/issues/12169 2026-04-22 07:54:53 +02:00
James Cole
d42012afdd Push new oAuth features. 2026-04-18 05:17:03 +02:00
James Cole
d900a22926 Upgrade to laravel 13 and passport 13. 2026-04-15 08:31:06 +02:00
James Cole
6effbdb716 Fix https://github.com/firefly-iii/firefly-iii/issues/12083 2026-04-04 05:55:49 +02:00
James Cole
7f9640087e Fix https://github.com/firefly-iii/firefly-iii/issues/12043 2026-03-29 16:53:55 +02:00
James Cole
3881cd3e39 Fix https://github.com/firefly-iii/firefly-iii/issues/12026 2026-03-24 19:20:36 +01:00
James Cole
62eb054c7f Fix class/id value. 2026-03-14 20:31:16 +01:00
James Cole
b8ebcdf1a8 Remove CSS, only chartJS remains 2026-03-14 06:40:23 +01:00
James Cole
ac8dbbff6c Remove CSS and unused files. 2026-03-14 06:25:11 +01:00
James Cole
fea89c5231 Remove and replace inline styles. 2026-03-14 06:16:53 +01:00
James Cole
654f2ee489 Remove inline CSS 2026-03-14 06:02:40 +01:00
James Cole
27ba8e842a Remove CSS 2026-03-13 20:47:42 +01:00
James Cole
e504ee204a Remove styles. 2026-03-13 20:44:51 +01:00
James Cole
a3a332643c Replace styles with classes. 2026-03-13 20:35:39 +01:00
James Cole
464a89f305 Remove lots of style attributes. 2026-03-13 20:22:50 +01:00
James Cole
062c2323e3 Clean up and expand css styles. 2026-03-13 19:49:56 +01:00
James Cole
bc23bc0173 Fix reference to IP. 2026-03-13 03:50:02 +01:00
James Cole
1611cb3819 Add link to Firefly III in emails 2026-03-13 03:40:07 +01:00
James Cole
b48b2a411a Remove amount when nothing left. 2026-02-28 07:45:26 +01:00
James Cole
2842432204 Clean up budget amounts. 2026-02-28 07:29:44 +01:00
James Cole
31d1ee11cb Fix https://github.com/firefly-iii/firefly-iii/issues/11694 2026-02-13 08:04:39 +01:00
James Cole
6d4aca54de Fix #11246 2026-02-07 06:32:11 +01:00
James Cole
fb035ba594 Fix #11660 2026-02-07 06:09:41 +01:00
James Cole
88d3e01065 Add events for opening balance. 2026-02-06 18:10:41 +01:00
James Cole
831d39a41e Catch missing nonce 2026-02-04 20:39:54 +01:00
James Cole
fe971ec611 Add new setting. 2026-01-27 19:35:14 +01:00
mergify[bot]
c8a235b0b0 Merge branch 'develop' into dark-mode-improvements 2026-01-25 18:14:52 +00:00
mateuszkulapl
229db34d13 fix: apply user-selected light/dark mode to form elements (checkboxes, date picker) #8613 #7620 2026-01-25 18:45:19 +01:00
James Cole
8dba928dca Add autocomplete=off 2026-01-21 11:35:01 +01:00