Age | Commit message (Collapse) | Author |
|
* Buffing xss testing system.
* More testing changes.
* Finish adding more xss test data.
* Update ui-test.php file.
* Use DI\add in test container override.
* Update OmniFixture.
* Get fixture to setup properly.
* Make xss sanity check work w/ persist fixture data option.
* Another sanity check tweak.
* Trying to debug xss sanity check.
* removing duplicates
* Fix xss testing JS.
* Escape widget category text.
* deal w/ angular input in goal name
* Ensure privacy manager links are safe and add automated test for dangerous links to UI tests.
* Create dangerous link method in xsstesting class.
* Make xss test failures a bit easier to debug and escape metric documentation for angular.
* Tweak quickaccess test.
* Try to get pviot by dimension test to pass.
* Tweak QuickAccess test and try to get xss reports to show.
* Fix exception message.
* Tweaks to fake xss report (cannot currently be displayed).
* Updating screenshots.
* In check for dangerous links test allow empty links that use dangerous prefix.
* fix a cou0le more tests.
* update more screenshots
* Update a couple more screenshots.
* Updated screenshot.
* update screenshots
* update two more screenshots
* Use ng-bind-html to sanitize report documentation which can potentially have HTML.
* update screenshots
|
|
See https://github.com/matomo-org/matomo/commit/2d2abcc9576079a8496ad8bd4a038ba07cf1fb2b#r31248004
|
|
|
|
* Show the CORS settings in the UI when enable_general_settings_admin=0
The INI setting description does not mean to include CORS:
```ini
; By setting this option to 0, the following settings will be hidden and disabled from being set in the UI:
; - "Archiving Settings"
; - "Update settings"
; - "Email server settings"
enable_general_settings_admin = 1
```
* improve the meaning of enable_general_settings_admin = 1
* Do not allow to configure trusted hostnames if general settings are disabled
|
|
Email through DI (#13658)
|
|
|
|
|
|
* Use correct filter in certain places in twig templates.
* Another filter change.
* Reverse encoding strategy in site selector.
* Tweak to annotation escaping.
* Fix couple more double encoding issues.
* encode report name on unsubscription page
* Escape site name in quickaccess directive.
|
|
* Changed wording of YouAreOptedIn
* Update en.json
|
|
|
|
|
|
|
|
* Remember user who created a site.
* Send email if no tracked data within N days.
* Add test and get to pass.
* Fixes after manual tests of emails
* Bump version & change column name to creator_login.
* Email tweaks.
* Rename Site::getCreationUserFor
* Modify Site:: access methiod name
* Applying PR feedback.
* Move email HTML content generation logic to separate class in DI.
* tweak translations
* Apply PR review feedback.
* Couple more tweaks.
* Make tracking code check a one time task + and save timetable when removing inactive tasks.
* Update save call.
* Apply more PR feedback.
* small performance tweak and put the site name in quotes
* Fixing tests.
* Update expected file.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* Replace proxy redirect with rel=noreferrer
* Add noopener
* Restore action=redirect for non-Matomo links
* Wrap referring URLs
* NO target on download link
* Fix Github links
* Fix whitespace
* Fix tests
* Revert change
* Revert changes
* Fix tests
* Add noreferrer shim for MSIE 10
* Remove all action=redirect links
* Restore noreferrer
* Restore test
* Fix one more occurrence
* Update changelog
* Combine if's
* Fix changelog wording
* Fix stray whitespace
|
|
* Make CORS domain configureable in UI
* Move trusted host settings to SystemSettings class
* Use unique id for pluginSettings
* Improve styling
* Improve help text
* improve code & naming
* Implements new UI field array type
* review adjustments
* reorganize form demo
* update UI files
* update system test files
* Improve handling of Config Settings
|
|
|
|
|
|
|
|
|
|
|
|
* Make some menus translatable
* Update changelog
|
|
|
|
inline-script CSP (#12873)
* on opt-out page move js to separate file to fix inline-script (CSP)
* Compatibility of separate optOutJs with tracker-proxy
* remove destinction between proxy and normal request
* revert unwanted changes of /tmp/.gitkeep and created .htaccess
* In optout form, clear new window closed check interval after new window is closed.
Otherwise, if reload takes more than 1s, the interval will run again and try another reload, cancelling the pending one. Which results in no reload occuring.
|
|
|
|
|
|
|
|
|
|
settings (#12558)
* add a couple of new platform features especially around validating settings
* more validators and other tweaks
* few tweaks
* allow plugins to add header script in JS tests
* some work on gdpr
* remove email feature
* menu update
* add date tooltip
* make sure privacy has its own icon
* added some text
* add opt out info
* better titles
* add some information about webserver logs
* add log import notice
* give angular some time to render
* show border around iframe
* make sure to place a notification in modal dialog if needed
* when opening a modal, make sure the top part is visible
* disable newsletter sign up by default
* command line tool to anonymize and remove previously tracked raw data
* implement some basic consent features into piwik.js
* minor tweak
* schedule entries to anonymize data in past
* let users anonymize historical data
* better overview
* better naming
* explain consent tracking
* add legitimate interest
* new menu structure for privacy
* use a proper db table for scheduled anonymizations
* add some tracker tests
* some tests and fixes
* couple of fixes and tests
* starting to add some UI tests
* more tweaks
* add missing file
* fix jslint
* have the field full width
* more tweaks
* create directory if needed
* various fixes
* fix some tests
* make sure keys will be always returned in same order
* more fixes
* fix some tests
* apply feedback from review
* fix some tests
* this might fix mysqli tests
* fix some tests
* trying to fix mysqli tests
* fix system test
* fix comment
* remove some duplicated code
* update method name
* trigger event when logs need to be deleted
* add possibility to anonymize userId and orderId
* trigger event in tracking code page
* expire consent in hours
* post another event
* update wording for privacy GDPR
* fix various ui tests
* fix some tests
* trying to fix ui tests
* trigger another test run
* fix system test
* fix some ui tests
* show a table of contents on tracking code page, fix title, add mobile apps and API
* fix ui test
* 3.5.0-b2 update
* Re-generate piwik.js
* fix job status and selector style
* make sure to include only sites with admin access
* some tweaks
* fix some ui tests
* fix some ui tests
* fix test
|
|
|
|
|
|
|
|
|
|
* composer package piwik/searchengine-and-social-list is now matomo/searchengine-and-social-list
* composer package piwik/referrer-spam-blacklist is now matomo/referrer-spam-blacklist
* update icon submodule
* update git url
|
|
|
|
* Added custom URL parameters to style the optOut iframe
* UI optOut customisation
* Improved Features and iframe preview
* Update .gitignore
* Update en.json
* Update CoreHome.php
* Update opt-out-customizer.controller.js
* Update opt-out-customizer.directive.html
* Update PrivacyManager.php
|
|
* Replace all occurences of Piwik in english translations of Actions plugin
* translation update
* Replace all occurences of Piwik in english translations of API plugin
* translation update
* Replace all occurences of Piwik in english translations of core
* replace Piwik occurrences
* Rename widget piwik.org blog => matomo.org blog
* fix widget name
* replaced some more piwik mentions
* Renamed to Matomo a few strings
* Replaced more strings to Matomo in JSON files, twig templates
* Replaced more strings to Matomo in INI file
* Replaced more strings to Matomo in API docs, error messages, feedback forms
* introduce API.getMatomoVersion and ExampleAPI.getMatomoVersion API + deprecate old ones
|
|
|
|
* renaming more Piwik mentions
* some more updates
* fix some tests
* support matomo partially as require string
* fix tests
* fix failing system test
* fix tests
* fix system test
* fix test
|
|
|
|
The currently shown settings are wrong anyway (eg it always says YES browser archiving is enabled and shows how often it is archived but both values may be very wrong). Also it is not needed to show this information when the admin is disabled.
|
|
|
|
commit + tests). (#12267)
* In log importer, allow filtering logs by host & datetime (new submodule commit + tests).
* Add tests for replay tracking filtering & check that filtered line is in output.
* More log filtering tests for log replay.
|
|
* Adds a note about cross domain linking requiring multiple domains. Adds a new i18n key CoreAdminHome_JSTracking_CrossDomain_NeedsMultipleDomains
* Update en.json
|
|
|