1af8e37e9b
fix(front-end): add more security fixes for formatted lists and notifier
...
- introduce html escape function
- escape message content in notifier plugin
- escape user name in ConversationListItem
- escape user name in the Event EditView contacts section
- display user summary as plain text in ActorCard
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-07 14:29:20 +01:00
e08b057e06
Translated using Weblate (Galician)
...
Currently translated at 71.2% (1169 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/gl/
2023-12-07 12:14:43 +01:00
211d07b68e
Merge branch 'xss-fixes' into 'main'
...
Security and docker fixes
See merge request framasoft/mobilizon!1500
2023-12-07 11:14:36 +00:00
94bf2e53bf
fix(front): put correct value for CONVERSATION_LIST enum value
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:51:45 +01:00
41227d994c
style: linting front-end
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:18:36 +01:00
2c12fbfd09
fix(front): anonymous participant text is plain text, avoid using v-html
...
It was using v-html when opening to "view more"
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:18:05 +01:00
ffff379d47
fix: always consider report content as text
...
Report content was used as HTML in front-end and e-mails but wasn't sanitized as such.
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 11:05:56 +01:00
7b4c31d66a
Translated using Weblate (Korean)
...
Currently translated at 1.1% (19 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/ko/
2023-12-06 10:49:27 +01:00
ded59bec27
fix(front): fix XSS because of bad operations when setting the group's summary
...
Group summary (HTML) is properly sanitized by the backend, but for groups we did a special operation
before setting the HTML in the Vue app. This is now removed
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 08:47:44 +01:00
935799f123
fix(front): fix editing group
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-06 08:37:48 +01:00
9c88faeafb
Translated using Weblate (Croatian)
...
Currently translated at 88.9% (1458 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-05 22:34:12 +01:00
623f4ee556
Translated using Weblate (Croatian)
...
Currently translated at 87.1% (1430 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-05 17:34:13 +01:00
f81472e081
fix(front): fix tag loading
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 08:28:11 +01:00
c4d2ec69ad
fix(front): only show participants & announcements menu items to organizers
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-05 08:15:11 +01:00
a26ff98b13
Translated using Weblate (Croatian)
...
Currently translated at 86.2% (1414 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:30:01 +01:00
aa7f870a79
Translated using Weblate (Croatian)
...
Currently translated at 86.2% (1414 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:18:45 +01:00
1ce34eaffb
Translated using Weblate (Croatian)
...
Currently translated at 86.0% (1412 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:13:15 +01:00
5e7edc0784
Translated using Weblate (Croatian)
...
Currently translated at 85.9% (1410 of 1640 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/hr/
2023-12-04 19:10:07 +01:00
10ce812660
fix(front): make recipient field placeholder translatable
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-04 13:49:42 +01:00
32caebb1d0
fix: prevent sending group physical address if it's empty and allow empty text for timezone
...
As old addresses don't hold TZ information
Closes #1357
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-03 18:14:00 +01:00
d831dff9fc
feat(front): add dedicated page and route for event announcements
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-01 11:29:56 +01:00
9e6b232a78
feat: add links to cancel anonymous participations in emails
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-12-01 11:29:53 +01:00
f81804d57f
resolve result promise in a shorter way
2023-11-27 16:43:12 +00:00
83da88ca28
fix fullAddressAutocomplete component not loading results
...
- introduce refetch method to fetch the result when query variables change
2023-11-27 16:52:23 +01:00
802ab78968
Translated using Weblate (Portuguese (Brazil))
...
Currently translated at 47.4% (775 of 1632 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/pt_BR/
2023-11-24 05:22:14 +01:00
8a1b122711
remove unnecessary function
2023-11-22 16:45:43 +01:00
69e4a5c532
fix: don't show passed/finished events in related events section
2023-11-21 22:55:35 +01:00
5e86ef1e8c
fix(front): hide all categories card if we don't have even one
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-21 16:40:34 +01:00
5602164c62
build: replace @vueuse/head with @unhead/vue
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-21 16:40:32 +01:00
6ecfa48511
chore(i18n): add missing translation key
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-21 11:22:27 +01:00
9aa9cd2056
Update translation files
...
Updated by "Cleanup translation files" hook in Weblate.
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/
2023-11-20 18:57:15 +01:00
a11fab6e6d
Added translation using Weblate (Korean)
2023-11-20 18:46:49 +01:00
d065193546
Translated using Weblate (Indonesian)
...
Currently translated at 45.2% (730 of 1612 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/id/
2023-11-20 18:46:31 +01:00
d702ca203c
Translated using Weblate (Czech)
...
Currently translated at 98.2% (1583 of 1612 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/cs/
2023-11-20 18:46:31 +01:00
9224f89d9d
Translated using Weblate (Czech)
...
Currently translated at 98.0% (1581 of 1612 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/cs/
2023-11-20 18:46:31 +01:00
c14dffb234
Translated using Weblate (Czech)
...
Currently translated at 97.7% (1576 of 1612 strings)
Translation: Mobilizon/Frontend
Translate-URL: https://weblate.framasoft.org/projects/mobilizon/frontend/cs/
2023-11-20 18:46:30 +01:00
dcfcf066f9
Merge branch 'feat-private-messages' into 'main'
...
Private messages
Closes #496
See merge request framasoft/mobilizon!1477
2023-11-20 16:58:20 +00:00
7ef85fe19b
fix(announcements): load group announcements
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-20 17:35:37 +01:00
b635937091
fix: various fixes
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-20 09:35:21 +01:00
105d3b5814
test: fix front-end tests
...
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-15 12:38:36 +01:00
bfbc299f37
test: fix histoire configuration
...
Nearly
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-14 18:59:28 +01:00
2e72f6faf4
build: switch from yarn to npm to manage js dependencies and move js contents to root
...
yarn v1 is being deprecated and starts to have some issues
Signed-off-by: Thomas Citharel <tcit@tcit.fr>
2023-11-14 17:24:42 +01:00
potsda.mn-Kollektiv