mirror of https://github.com/tecnickcom/TCPDF.git synced 2025-03-28 18:02:24 +01:00

820 Commits

Author SHA1 Message Date
Nicola Asuni
26abef749a
Merge branch 'main' into rollback 2021-03-27 08:39:10 +00:00
Nicola Asuni
f930ac7cea
Merge pull request from Ayesh/curl-hardening
Curl Security: Limit protocols and redirects
2021-03-27 08:36:19 +00:00
Nicola Asuni
76864e25f5
Merge branch 'main' into curl-hardening 2021-03-27 08:36:10 +00:00
Nicola Asuni
2a1241bfc5
Merge pull request from dionisvl/main
Fixed large count of notices
2021-03-27 08:35:33 +00:00
Nicola Asuni
3894e0563f
Merge branch 'main' into main 2021-03-27 08:35:27 +00:00
Nicola Asuni
b9b011916b
Merge pull request from DISPI-dev/dispi
General fixes and PHP 8 deprecation fixes
2021-03-27 08:34:19 +00:00
Nicola Asuni
d943b38655
Merge branch 'main' into dispi 2021-03-27 08:33:52 +00:00
nicolaasuni
a9525646a1 Merge branch 'main' of github.com:tecnickcom/TCPDF into main 2021-03-27 08:32:34 +00:00
nicolaasuni
3b1b063876 ignore .phpdoc 2021-03-27 08:30:57 +00:00
Den
0eb62a7d5f Fixed large count of notices 2021-03-26 13:56:12 +03:00
Marc van Tilburg
e5c11046f8 PHP 8 (deprecation) fixes 2021-03-03 10:13:36 +01:00
Ayesh Karunaratne
65cc96b190
Curl Security: Limit protocols and redirects
In the `include/tcpdf_static.php` file, there are a couple of Curl calls that could use some additional Curl hardening.

1. Limit the maximum number of redirects Curl is allowed to follow. Currently, it is configured in PHP source code to 20. However, as a [security precaution, limit it to 5](https://php.watch/articles/php-curl-security-hardening#infinite-redirects).

2. Curl is used here for HTTP, HTTPS, and in one instance, for FTP URLs. With the `CURLOPT_FOLLOWLOCATION` option enabled, this allows a malicious remote server to perform SSRF attacks and utilize all protocols Curl supports, such as LDAP, FTP, etc., that are highly undesired. Setting a restricted [`CURLOPT_PROTOCOLS` value mitigates this vulnerability](https://php.watch/articles/php-curl-security-hardening#ssrf). In older Curl versions, it even allows local file inclusion attacks with `file:///etc/passwd` style redirect URLs.
2021-01-23 14:57:33 +07:00
Nicola Asuni
456b794f1f
Merge pull request from nullx2/fix-fontspace
Fix font_space
2020-12-09 07:15:50 +00:00
Nicola Asuni
b691a7f457
Merge pull request from mvorisek/fix_eol
Fix EOL of text files
2020-12-09 07:14:23 +00:00
Nicola Asuni
2a75e5ac4e
Merge pull request from przemekperon/php74-fix
Fix for PHP 7.4
2020-12-09 07:13:46 +00:00
Nicola Asuni
89f9e5f616
Merge pull request from cedric-anne/fix/php8
Fix optional parameters declaration (PHP8)
2020-12-09 07:11:17 +00:00
Michael Voříšek
b1d5922525 Fix EOL of text files 2020-11-23 10:59:42 +01:00
Yuya Yabe
481e46d365 Fix width calc 2020-11-11 15:44:33 +09:00
Cédric Anne
9616e9e44b
Fix optional "$tagvspaces" parameter declaration 2020-10-14 10:35:46 +02:00
Cédric Anne
292fc741f8
Fix optional "$k" parameter declaration 2020-10-14 10:35:08 +02:00
Cédric Anne
e5f4da5a76
Fix optional "$currentfont" parameter declaration 2020-10-14 10:33:59 +02:00
Przemek Peron
9e8861b4dc Fix for PHP 7.4 2020-10-01 20:27:22 +02:00
Jakub Jelen
0727b9598f Remove file_id from the cloned object before destruction
This prevents the cloned object from removing temporary files
owned by the original object during cleanup, potentially
leaving some that were created during the transaction,
but these should be cleaned with the original object

Fixes 
2020-04-10 17:40:02 +02:00
Nicola Asuni
485956db63
Merge pull request from SuperVirus/php53-compat
Changed [] to array() to maintain PHP 5.3 compat.
2020-04-01 14:36:47 +01:00
SuperVirus
6617ab2cd9
Changed [] to array() to maintain PHP 5.3 compat. 2020-03-08 23:19:12 +01:00
nicolaasuni
19a535eaa7 Bump version 6.3.5 2020-02-14 14:20:12 +00:00
Nicola Asuni
6ca08645e2
Merge pull request from bolduz/bolduz-tcpdf-fix-176
Fix : syntax error on line 12387 (invalid usage of array index)
2020-02-14 14:17:28 +00:00
Nicola Asuni
51ae053e81
Merge pull request from Findus23/some-more-curly-brace-fixes
fix curly braces in pdf417
2020-02-14 14:10:16 +00:00
Enrico
cea137671f
Fix : syntax error on line 12387 (invalid usage of array index)
Fix a syntax error issue when accessing an index of a casted variable
2020-02-14 11:47:31 +01:00
Lukas Winkler
c09bef348d
fix curly braces in pdf417 2020-02-13 12:46:53 +01:00
nicolaasuni
510070b5e0 Unlink only images in cache 6.3.4 2020-02-12 13:26:24 +00:00
nicolaasuni
84d41c66fd Check if imagekeys exist 2020-02-12 13:14:52 +00:00
nicolaasuni
185eb13f21 Fix syntax error 6.3.3 2020-02-12 11:32:17 +00:00
Nicola Asuni
fe779adc9e
Merge pull request from woytam/patch-1
Problem with $imagekeys undefined or unlinked
2020-02-12 11:18:46 +00:00
Nicola Asuni
2260343cfa
Merge branch 'master' into patch-1 2020-02-12 11:18:38 +00:00
Nicola Asuni
06ac099478
Merge pull request from ivan-koliadynskyy/patch
Update tcpdf_static.php
2020-02-12 11:16:19 +00:00
Nicola Asuni
91b3fde146
Merge pull request from itrocks/svg-fixes
FIX SVGPath elliptical arc with rx/ry=0 + z should return to initial …
2020-02-12 11:11:40 +00:00
Nicola Asuni
e6f06ee9f8
Merge pull request from sasanyasari/#165
set background image in RTL mode debugged
2020-02-12 11:10:54 +00:00
Nicola Asuni
c25f6d642b
Merge pull request from upsite4k/patch-1
Valid PDF/A XMP Information
2020-02-12 11:05:55 +00:00
Nicola Asuni
ceda0aa97c
Merge branch 'master' into patch-1 2020-02-12 11:05:46 +00:00
Nicola Asuni
c50c07fade
Merge pull request from DaRealFreak/fix/no-list-access
Prevent crash in case of no list access in cache path
2020-02-12 11:01:36 +00:00
Nicola Asuni
add4b458d5
Merge pull request from DominiqueFERET/patch-1
Prevents crash and files deletion.
2020-02-12 11:00:35 +00:00
Nicola Asuni
ae7d45fc59
Merge pull request from gabema/RemoveBackupFiles
Removing backup changelog files from repo
2020-02-12 10:59:44 +00:00
Nicola Asuni
3f56071806
Merge pull request from tanelt/fix_pdf_a_3b_compatibility
Fix PDF/A-3b compatibility and validation
2020-02-12 10:57:43 +00:00
Nicola Asuni
9fa49f7da9
Merge pull request from SunMar/patch-1
Fix license in composer.json
2020-02-12 10:53:54 +00:00
Nicola Asuni
8a55479acf
set license to LGPL 3.0 2020-02-12 10:53:43 +00:00
Nicola Asuni
621723c929
Merge pull request from fisharebest/patch-1
PHP 7.4 - cannot use array offset on integers
2020-02-12 10:51:01 +00:00
Nicola Asuni
97c0e35a7a
Merge branch 'master' into patch-1 2020-02-12 10:50:50 +00:00
Nicola Asuni
f6fe2d7195
Merge pull request from LDAV/patch-1
Fix php7.4 error
2020-02-12 10:49:18 +00:00
Nicola Asuni
59be217aa0
Merge branch 'master' into patch-1 2020-02-12 10:49:03 +00:00