Svein-Tore Griff With
9a4f57fa7d
Make sure that texts are texts
2013-07-24 18:01:07 +02:00
Frank Ronny Larsen
bd1f25448b
OPPG-473: Safari now use fake fullscreen.
...
Which is better than real fullscreen IMNSVHO...
2013-07-18 15:58:52 +02:00
Frank Ronny Larsen
7736506b39
Avoid double encoding of htmlspecialchars, we get them encoded from editor
2013-07-17 15:11:37 +02:00
Frank Ronny Larsen
67cfc1d333
OPPG-470: More potential threats in validator
2013-07-17 12:55:51 +02:00
Svein-Tore Griff With
db388d9a14
OPPG-470: Fixed several (potential) security problems
...
The biggest problem was that no filtering was done on lists because list values wasn't passed by referende through foreach
Also made sure lists where lists and keys where numbers
Made sure libraries only have library and semantics properties
2013-07-17 11:41:23 +02:00
Frank Ronny Larsen
46e4d67c06
Merge branch 'master' of b.amendor.com:h5p
2013-07-16 08:56:10 +02:00
Svein-Tore Griff With
b69ee7c2e3
OPPG-436: Rewrote logic so that the entire library processing is skipped if the user doesn't have access to update libraries
2013-07-15 17:36:56 +02:00
Frank Ronny Larsen
6d231499e3
OPPG-459: "multiple" option for semantic type "select"
...
Specifies that the select shall handle multiple options.
Used by dynamicCheckboxes widget.
2013-07-15 16:25:10 +02:00
Frank Ronny Larsen
fcc9ed4e24
Merge branch 'master' of b.amendor.com:h5p
2013-07-15 15:12:51 +02:00
Frank Ronny Larsen
ca8aca2678
Validator fixes...
...
Added better handling of select widget for multiple selects:
- Test for array, checks each element if found.
- Tests if valid options are set in semantics, enters "strict" mode if set (allows only said options)
- Non strict mode allows any option.
- All set values are htmlspecialcharred, even if strict.
2013-07-15 15:07:53 +02:00
Svein-Tore Griff With
4dfb80a8d9
Move whitelist logic out of drupal and into H5P core
2013-07-13 22:25:18 +02:00
Frank Ronny Larsen
706c61bfe8
Replaced PHP strip_tags with D7 filter_xss. Good thing we cache this..
2013-07-12 14:49:37 +02:00
Frank Ronny Larsen
7af599ae0d
OPPG-413: Merge file handlers, better htmlspecialchars
...
Filelike objects are now handled by the same code, not 4 copies of it.
htmlspecialchars are now specified as UTF-8 and will encode ALL quotes.
2013-07-11 15:17:26 +02:00
Frank Ronny Larsen
fb1b9fc719
OPPG-413: Fixed security hole inserted by validator itself..
2013-07-11 15:13:15 +02:00
Frank Ronny Larsen
4509626a0d
OPPG-413: Changed how HTML is handled for text. Any text widget with tags specified will now be treated as HTML
2013-07-11 14:36:31 +02:00
Frank Ronny Larsen
27345e22f8
BUGFIX: Use , not semantics tags after preprocessing tags, fixes in_array bugs
2013-07-11 13:12:17 +02:00
Frank Ronny Larsen
b487f452d6
BUGFIX: Regexp from semantics does not contain delimiters. Add in PHP
2013-07-10 11:02:17 +02:00
Frank Ronny Larsen
ec5c3ae1d5
BUGFIX: ->
2013-07-10 10:34:41 +02:00
Frank Ronny Larsen
7ab0309d0c
OPPG-413: If using defaults, add extra tags for table etc. too. + Extra validation for image/video/audio
2013-07-10 09:59:35 +02:00
Frank Ronny Larsen
ca1e84293a
OPPG-413: Use default tag list if no tags are set.
2013-07-09 15:42:30 +02:00
Frank Ronny Larsen
d57f4cb109
Merge branch 'master' of b.amendor.com:h5p
...
Conflicts:
library/h5p.classes.php
2013-07-09 15:16:36 +02:00
Frank Ronny Larsen
ab316a163c
OPPG-425: Add hook_alter_h5p_semantics
...
Also re-adds getLibrarySemantics in core, used by the validator to fetch decoded semantics.
This function is also responsible for calling the hook.
2013-07-09 15:13:09 +02:00
Frode Petterson
9a12f49aea
OPPG-413: Added this.
2013-07-09 14:43:22 +02:00
Frank Ronny Larsen
b5990bff8e
Merge branch 'master' of b.amendor.com:h5p
2013-07-09 11:01:38 +02:00
Frank Ronny Larsen
938b38c6f6
Comment fix
2013-07-09 11:01:29 +02:00
Pål Jørgensen
54040c273e
Implemented String.prototype.trim if not defined to support IE8
2013-07-09 10:36:27 +02:00
Frank Ronny Larsen
d3953475f0
Whitespace
2013-07-09 10:14:42 +02:00
Frank Ronny Larsen
a247ca470c
OPPG-413: Validator just got a little more annoying. Gives warning if mandatory fields are missing in group
2013-07-09 10:10:32 +02:00
Frank Ronny Larsen
6e99a052e2
OPPG-413: BUGFIX: Use isset() to check for existence
2013-07-09 09:41:57 +02:00
Frank Ronny Larsen
1548ebaf94
OPPG-172: Added library whitelist extension
...
Adds js and css as allowed extensions for library.
Manually add swf if wanted.
2013-07-08 18:22:38 +02:00
Pål Jørgensen
112e1e1108
Merge branch 'master' of b.amendor.com:h5p
2013-07-08 17:12:48 +02:00
Pål Jørgensen
118024d479
Only clearing cache if at least one library was created or updated
2013-07-08 17:12:40 +02:00
Frank Ronny Larsen
a7aeefc367
OPPG-414: Removed just in case-code.
2013-07-08 17:02:05 +02:00
Frank Ronny Larsen
b76f1395f3
Merge branch 'OPPG-413'
2013-07-08 16:24:24 +02:00
Frank Ronny Larsen
d2e3558927
OPPG-413: Enable caching, fill default tag list for HTML validation
2013-07-08 16:15:54 +02:00
Frank Ronny Larsen
35e2623e1b
OPPG-413: Validation of specific limitations from semantics.
2013-07-08 15:28:45 +02:00
Frank Ronny Larsen
1ca9eff064
OPPG-413: Validation fixes
2013-07-08 14:59:15 +02:00
Pål Jørgensen
aba62d5b48
Merge branch 'master' of b.amendor.com:h5p
...
Conflicts:
example_content/coursepresentation/H5P.CoursePresentation/library.json
example_content/coursepresentation/H5P.CoursePresentation/styles/cp.css
2013-07-08 09:39:39 +02:00
Pål Jørgensen
38d8269a76
Added new element type in coursepresentation: ExportableTextArea
2013-07-08 08:59:14 +02:00
Frank Ronny Larsen
fca2d6924a
Merge branch 'master' into OPPG-413
...
Conflicts:
h5p.module
2013-07-08 08:56:08 +02:00
Frank Ronny Larsen
5f0ba2f2a0
OPPG-413: Validator mostly ready. Huge problems with lists.
2013-07-05 17:35:59 +02:00
Frode Petterson
4d5741c47a
Merge branch 'ndla2'
2013-07-04 13:45:17 +02:00
Svein-Tore Griff With
8c46294dcd
OPPG-376: Added comment about the getContentPath function beeing deprecated
2013-07-04 10:38:52 +02:00
Svein-Tore Griff With
9a2e77a069
OPPG-376: Added api function that was removed in previous commit by Frode Petterson
2013-07-04 10:38:17 +02:00
Svein-Tore Griff With
59025c8e68
OPPG-376: Added comment about the getContentPath function beeing deprecated
2013-07-03 14:24:09 +02:00
Svein-Tore Griff With
9d9b3bbc51
OPPG-376: Added api function that was removed in previous commit by Frode Petterson
2013-07-03 14:22:00 +02:00
Frank Ronny Larsen
d1036e9a5a
OPPG-172: Added File extentension white list for content
...
Scan content files to ensure all files comply with the configured
set of valid extensions.
Disallows adding htaccess or php to allowed extension too.
2013-06-30 22:14:16 +02:00
Frank Ronny Larsen
312bd0f8b5
OPPG-414: Specific permission for updating libraries
...
Added a permission.
Added a new function to H5PFrameworkInterface for testing if allowed to update library
Added apropriate tests.
2013-06-30 16:39:17 +02:00
Frank Ronny Larsen
a34d0ea3e7
BUGFIX: Use DIRECTORY_SEPARATOR instead of '/'
2013-06-30 15:32:38 +02:00
Frode Petterson
b21d129d2c
OPPG-376: The forgotten code!
2013-06-27 14:29:56 +02:00