1berry/include-mastodon-feed
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'develop'

Browse Source
This commit is contained in:
wolfgang101 2025-01-24 12:30:06 +01:00
commit cccb8d10ee
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
readme.txt
View File

@ -105,6 +105,10 @@ Text after post permalink (date & time) (Default: )
* **text-edited**
Text indicating edited posts (Default: (edited))
* **date-locale**
Locale for date string, used in toLocaleString() (Default: en-US)
= Additional customizations =
You can define several plugin constants to set custom default options that will be applied site-wide (e.g. date options can only be set as php constant to mitigate an XSS vulnerability).
@ -149,7 +153,7 @@ Use the following URL to get your ID:
== Changelog ==
= 1.9.10 =
* fixed XSS vulnerability: removed support for date-options as shortcode attribute to mitigate an XSS vulnerability (still can be set as constant in PHP code)
* fixed XSS vulnerability: removed support for date-options as shortcode attribute completely - to mitigate an XSS vulnerability where authenticated attackers with contributor permission could insert malicious JavaScript (still can be set as constant in PHP code)
= 1.9.9 =
* fixed esc_url context that previously broke the URL for the Mastodon API JS ajax request (thank you @beach@illo.social)