Added noopener, noreferrer and nofollow to user generated links to prevent users abusing the link system for malicious purposes.
Also, this is the 400th commit 🎉
Added custom spaces and headings users can add like buttons to their littlelink pages to divide button sections into groups.
Spaces can be changed via the number in the title, and one space equals one "<br>". The maximum spaces that can be added with one space 'button' is capped at 10.
The 'Space' button will be replaced with an empty space, so buttons could be visually separated into groups. Entering a number between 1-10 in the title section will change the empty space's distance.
The 'Heading' button will be replaced with a sub-heading, where the title defines the text on that heading.
Added option to override registration, even if disabled with the setting in the database.
This is something that probably 99.999% of users will never need, but I really need a function like this for my personal instance.
If "REGISTER_OVERRIDE=true" is added to the .env config file, users will be able to register no matter what is set with the setting in the database. This is useful if two LittleLink Custom instances access the same database, but one should allow registration and the other should not.
If this causes any errors in the future, I will remove this.
Adds the ability to insert code snippets into the head and body element laid out by the sidebar with blade by including:
@push('stylesheets')
<!-- your code -->
@endpush
@push('scripts')
<!-- your code -->
@endpush
Added option to override registration, even if disabled with the setting in the database.
This is something that probably 99.999% of users will never need, but I really need a function like this for my personal instance.
If "REGISTER_OVERRIDE=true" is added to the .env config file, users will be able to register no matter what is set with the setting in the database. This is useful if two LittleLink Custom instances access the same database, but one should allow registration and the other should not.
If this causes any errors in the future, I will remove this.
Added a security check on the sidebar.blade.php that tests if critical config components are accessible externally by anyone.
This is a fairly crude method and not at all optimized. I might change this in future revisions. At least this feature is disabled for normal users, so it won't affect load for non admins. This is the same code from the new diagnostic tool added in the previous commit. I had to change the names of each variable, otherwise the diagnostic tool could not use the same variables. The smart thing to do here would probably be to simply use the variables only in the sidebar, since they are loaded anyway since the sidebar layout is included on the diagnostic tool, effectively loading the variables twice. I might change this later, but for now I will leave it as.
Read more about the diagnostic tool on the blog here: https://blog.littlelink-custom.com/new-security-check-tool/
Julian Prieber
Julian Prieber
dependabot[bot]