ddb06b0cac
Fix XSS vulnerability in channel playlists
...
The channel/<ucid>/playlists page was vulnerable to Cross Site Scripting
(XSS), because the different URL parameters were inserted as-is in the URL
meant for instance switching.
This vulnerability could allow an attacker to inject malicious Javascript
in the page by tricking the user to click on a crafted link.
Bug introduced in commit 66e7285108
2021-12-19 20:51:44 +01:00
f54e247eb4
Extractors: Add support for shorts
...
Fixes #2708
2021-12-17 16:47:41 +01:00
2ac19eb8fc
Merge pull request #2725 from weblate/weblate-invidious-translations
...
Translations update from Hosted Weblate
2021-12-17 15:02:59 +01:00
6cdaafdc37
Update Norwegian Bokmål translation
...
Co-authored-by: Petter Reinholdtsen <pere-weblate@hungry.com>
2021-12-16 06:25:54 +01:00
ed6476b5ea
Allow the t parameter to override the stored video playback position
2021-12-15 19:38:58 +01:00
b90bceb2dc
Fix formatting of preferences.cr and videos.cr
2021-12-15 19:38:58 +01:00
f31bd5ffb9
Use localization for save player position label in the preferences page
2021-12-15 19:38:56 +01:00
5abe7fe123
Rename 'remember_position' to 'save_player_pos' for clarity
2021-12-15 19:37:55 +01:00
b6792cf02e
Added default value for get_video_time() which was causing a bug in safari
2021-12-15 19:37:55 +01:00
1261323c66
Remove console.log debugging
2021-12-15 19:37:55 +01:00
2a45b4eba0
Save and load the position for the video using a local storage object, the object is a dictionary, where the key is the video ID, and the value is the time at which the user last left off watching the video. If the user deselected the 'remember video position' checkbox in the preferences this dictionary is cleared
2021-12-15 19:37:55 +01:00
a6a0bbf398
Add remember_position field to the Preferences and VideoPreferences structs, and add a checkbox in the preferences page to toggle it
2021-12-15 19:37:55 +01:00
33678925cf
Merge branch 'master' of github.com:iv-org/invidious
2021-12-15 21:29:47 +09:00
7f3ef12297
Merge pull request #2692 from weblate/weblate-invidious-translations
...
Invidious translations update
Merged from the command line due to merge conflicts.
2021-12-12 23:50:14 +01:00
da2f592de6
locales: use "DASH" instead of "dash" in en-US
2021-12-12 22:46:12 +01:00
ee91effb7a
Merge pull request #2576 from SamantazFox/fix-locales-handling
...
Fix locales handling
2021-12-12 22:26:22 +01:00
b13f9c25b3
Update Danish translation
...
Update Danish translation
Update Danish translation
Update Danish translation
Update Danish translation
Update Danish translation
Co-authored-by: Grooty12 <Rasmus@rosendahl-kaa.name>
Co-authored-by: HackerNCoder <hackerncoder@protonmail.ch>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
2021-12-10 23:36:14 +01:00
f85563eb66
Update Indonesian translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: I. Musthafa <i.musthafa66@gmail.com>
2021-12-10 23:36:14 +01:00
7b689a186d
Update Dutch translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
2021-12-10 23:36:14 +01:00
092d7df761
Update Chinese (Traditional) translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Jeff Huang <s8321414@gmail.com>
2021-12-10 23:36:14 +01:00
6c444707d7
Update Turkish translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Oğuz Ersen <oguzersen@protonmail.com>
2021-12-10 23:36:13 +01:00
81c006cc04
Update Chinese (Simplified) translation
...
Co-authored-by: Eric <spice2wolf@gmail.com>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
2021-12-10 23:36:13 +01:00
7cbd1e413f
Update Serbian (cyrillic) translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
2021-12-10 23:36:13 +01:00
f34f8ef188
Update Serbian translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
2021-12-10 23:36:13 +01:00
c3eb385cd3
Update Croatian translation
...
Update Croatian translation
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
Co-authored-by: Milo Ivir <mail@milotype.de>
2021-12-10 23:36:13 +01:00
be34f03157
Update French translation
...
Update French translation
Co-authored-by: Bundy01 <bundy@posteo.eu>
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Samantaz Fox <translator-weblate@samantaz.fr>
2021-12-10 23:36:13 +01:00
4964785b13
Update German translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Issa1553 <fairfull.playing@gmail.com>
2021-12-10 23:36:12 +01:00
1b7757c14f
Update Arabic translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Rex_sa <rex.sa@pm.me>
2021-12-10 23:36:12 +01:00
58c9f20226
Update Norwegian Bokmål translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Petter Reinholdtsen <pere-weblate@hungry.com>
2021-12-10 23:36:12 +01:00
f19be0c3ce
Update English (United States) translation
...
Co-authored-by: Hosted Weblate <hosted@weblate.org>
Co-authored-by: Samantaz Fox <translator-weblate@samantaz.fr>
2021-12-10 23:36:12 +01:00
48dc98ff45
Merge branch 'master' of github.com:iv-org/invidious
2021-12-10 23:19:08 +09:00
f236a6872b
Merge pull request #2659 from SamantazFox/fix-likes-dislikes
...
Fix likes/dislikes
2021-12-06 03:52:38 +01:00
ed435a4fa5
Merge branch 'master' of git.076.ne.jp:TechnicalSuwako/invidious-mod
2021-12-06 10:30:58 +09:00
41c71cbc73
Merge branch 'master' of github.com:iv-org/invidious
2021-12-06 10:29:47 +09:00
3e0096f360
Merge pull request #2683 from iv-org/SamantazFox-patch-1
...
Fix #2682
2021-12-02 15:35:00 +01:00
438b334320
Merge pull request #2671 from matthewmcgarvey/code-removal
...
Remove dead code
2021-12-01 20:49:23 +01:00
4aa96ecab9
Use 'dig()' in 'find()' statements
2021-12-01 17:32:10 +01:00
e5557b515e
Merge pull request #2684 from iv-org/SamantazFox-patch-2
...
Decode title from download widget
2021-12-01 17:29:04 +01:00
112d52e958
Merge branch 'master' of git.076.ne.jp:TechnicalSuwako/invidious-mod
2021-11-30 21:19:03 +09:00
fcba670862
Merge branch 'master' of github.com:iv-org/invidious
2021-11-30 21:18:56 +09:00
38a99395e9
Merge branch 'master' of github.com:iv-org/invidious
2021-11-30 20:45:32 +09:00
7b9d26d688
Fix #2670
...
Fixes "Download widget replaces spaces in filename with +"
https://github.com/iv-org/invidious/issues/2670
2021-11-29 23:12:55 +01:00
8d4b4cd14c
Remove dead code
2021-11-29 09:11:50 -06:00
342fc202a7
Fix #2682
...
Fix "Missing param name: "q" (KeyError)"
https://github.com/iv-org/invidious/issues/2682
2021-11-29 14:53:27 +01:00
4436359d07
Use dig to get category contents
...
Co-authored-by: Matthew McGarvey <matthewmcgarvey14@gmail.com>
2021-11-28 23:44:37 +01:00
91f8395222
Typo: missing '?' when looking for key in dislikes_button
...
Co-authored-by: Matthew McGarvey <matthewmcgarvey14@gmail.com>
2021-11-28 23:37:27 +01:00
de00e86cd5
Decompress the response body ourselves
...
Temp fix for #2612
2021-11-28 18:04:12 +01:00
c6e086c6ff
Revert "Temporarily fix for #2612" ( #2673 )
2021-11-28 09:41:16 +01:00
82f3eda82b
Merge pull request #2656 from SamantazFox/fix-2549
...
extract_video_info: Make sure that the Android player response is valid
2021-11-28 02:38:29 +01:00
05f9613e14
Merge pull request #2623 from SamantazFox/temp-decompression-fix
...
Temporarily fix for #2612
2021-11-28 02:35:39 +01:00
Samantaz Fox