Latest JAS v1.1.0
144 plugins online

mutilate stripTags whitespace

JAS13OCT015
Project
JAS Core (JAS)
Reported
Mutilate::stripTags should have an option to replace the tags with white spaces to ensure words aren't glued together

JAS Daemon

JAS13OCT012
Project
JAS Core (JAS)
Tags
Reported
Triggers: - Time - Every X seconds/minutes/hours/days/months/years - File watching - local - FTP/SFTP (polling) - Service watching (polling) - POP/IMAP - HTTP/RSS - PING - Database update Actions - Database update - Plugins (config) - Move file - local/FTP/SFTP/HTTP Examples - RSS reader - File mover - Service monitor - System statistics

Password generator + validator restrict characters

JAS13OCT022
Project
JAS Core (JAS)
Reported
Rank
2
The password generator + validator should exclude certain characters from the character sets to avoid confusion and potential bugs, e.g.:capital i and lower l are confusing capital o and zero are confusing @ and : may ruin passwords in URL As none of the values are per se incorrect it may make sense to just remove them from the generator but still leave them as "valid" values.

Alter table rename enum

JAS13OCT005
Project
JAS Core (JAS)
Tags
Reported
Rename enum options needs proper option checking

Trim values

JAS16SEP001
Project
JAS Core (JAS)
Tags
Reported
Rank
2
Typically any input should be trimmed, it makes sense to make this a default action which can be explicitly disabled. Instead of the current approach where it needs to be enabled explicitly.

Remove .htaccess files

JAS16JUN001
Project
JAS Core (JAS)
Tags
Reported
Rank
4
The deny/allow rules must be handled by the webserver configuration

Plugin static data

JAS16MAY002
Project
JAS Core (JAS)
Reported
Rank
2
When distributing plugins they often require static data to be setup to function correctly. While this can be handled in the postSetup function, it isn'/files/ in its storage directory which are loaded automagically.  So far to big issues arise:  The order in which the data is loaded is crucial. Mostly this is the order of the modules which is typically dictated by their references. However self-referencing modules also require the order of the individual entries to be correct. ...

Config language file info

JAS16MAR004
Project
JAS Core (JAS)
Reported
Rank
2
Add a configuration option to "store"/files/ are used in the session. Currently it always store this information which clutters the session and is other than being displayed in the backend completely useless.

Plugin export should include (some) dot files

JAS16MAR003
Project
JAS Core (JAS)
Reported
Rank
2
.htaccess files in a plugin are not exported... how to solve this properly? Whitelist .htaccess files or blacklist .hg (and .git etc) files?

Add CSRF prevention support

JAS16JAN006
Project
JAS Core (JAS)
Reported
Rank
3
Cross-Site Request Forgery (CSRF) are request to the server initiated from other websites. Allowing this is potentially dangerous as the request piggybacks on the existing session on the server if it's ran from the same browser (imagine 2 tabs, 1 logged in on the server, the other with a malicious site that sends a request to the server).  The most suitable way to prevent this seems to be Synchronizer Token Pattern  (STP) which effectively requires a unique token to be sent...


Report issues

We're currently not allowing issue reporting directly via ITS. Please use the feedback form to submit your issues.