1berry/include-mastodon-feed
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'develop'

Browse Source
This commit is contained in:
wolfgang101 2025-01-24 12:30:06 +01:00
commit cccb8d10ee
1 changed files with 5 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
readme.txt
View File

@ -105,6 +105,10 @@ Text after post permalink (date & time) (Default: )
* **text-edited** * **text-edited**
Text indicating edited posts (Default: (edited)) Text indicating edited posts (Default: (edited))
* **date-locale**
Locale for date string, used in toLocaleString() (Default: en-US)
= Additional customizations = = Additional customizations =
You can define several plugin constants to set custom default options that will be applied site-wide (e.g. date options can only be set as php constant to mitigate an XSS vulnerability). You can define several plugin constants to set custom default options that will be applied site-wide (e.g. date options can only be set as php constant to mitigate an XSS vulnerability).
@ -149,7 +153,7 @@ Use the following URL to get your ID:
== Changelog == == Changelog ==
= 1.9.10 = = 1.9.10 =
* fixed XSS vulnerability: removed support for date-options as shortcode attribute to mitigate an XSS vulnerability (still can be set as constant in PHP code) * fixed XSS vulnerability: removed support for date-options as shortcode attribute completely - to mitigate an XSS vulnerability where authenticated attackers with contributor permission could insert malicious JavaScript (still can be set as constant in PHP code)
= 1.9.9 = = 1.9.9 =
* fixed esc_url context that previously broke the URL for the Mastodon API JS ajax request (thank you @beach@illo.social) * fixed esc_url context that previously broke the URL for the Mastodon API JS ajax request (thank you @beach@illo.social)