From 6cdaafdc37f4cd0a6b0d58d9730af66a3fe9e2a1 Mon Sep 17 00:00:00 2001 From: Hosted Weblate Date: Thu, 16 Dec 2021 06:25:54 +0100 Subject: [PATCH 1/2] =?UTF-8?q?Update=20Norwegian=20Bokm=C3=A5l=20translat?= =?UTF-8?q?ion?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: Petter Reinholdtsen --- locales/nb-NO.json | 30 +++++++++++++++++++++++++++++- 1 file changed, 29 insertions(+), 1 deletion(-) diff --git a/locales/nb-NO.json b/locales/nb-NO.json index 818bfb25..9e5eef03 100644 --- a/locales/nb-NO.json +++ b/locales/nb-NO.json @@ -433,5 +433,33 @@ "footer_modfied_source_code": "Endret kildekode", "adminprefs_modified_source_code_url_label": "Nettadresse til kodelager inneholdende endret kildekode", "preferences_quality_dash_label": "Foretrukket DASH-videokvalitet: ", - "preferences_region_label": "Innholdsland: " + "preferences_region_label": "Innholdsland: ", + "preferences_quality_option_hd720": "HD720", + "preferences_quality_option_small": "Lav", + "preferences_quality_dash_option_auto": "Auto", + "preferences_quality_dash_option_best": "Best", + "preferences_quality_dash_option_worst": "Verst", + "preferences_quality_dash_option_4320p": "4320p", + "preferences_quality_dash_option_1440p": "1440p", + "preferences_quality_dash_option_1080p": "1080p", + "preferences_quality_dash_option_720p": "720p", + "preferences_quality_dash_option_480p": "480p", + "preferences_quality_dash_option_360p": "360p", + "preferences_quality_dash_option_240p": "240p", + "preferences_quality_dash_option_144p": "144p", + "invidious": "Invidious", + "purchased": "Kjøpt", + "360": "360°", + "none": "intet", + "videoinfo_watch_on_youTube": "Se på YouTube", + "videoinfo_youTube_embed_link": "Bak inn", + "videoinfo_invidious_embed_link": "Bak in lenke", + "download_subtitles": "Undertekster - `x` (.vtt)", + "user_created_playlists": "`x` spillelister opprettet", + "user_saved_playlists": "`x` spillelister lagret", + "Video unavailable": "Utilgjengelig video", + "preferences_quality_option_dash": "DASH (tilpasset kvalitet)", + "preferences_quality_option_medium": "Medium", + "preferences_quality_dash_option_2160p": "2160p", + "videoinfo_started_streaming_x_ago": "Strømmen startet for `x` siden" } From ddb06b0cac4c0b78e2e8e085791bce4c3a760625 Mon Sep 17 00:00:00 2001 From: Samantaz Fox Date: Sun, 19 Dec 2021 20:11:50 +0100 Subject: [PATCH 2/2] Fix XSS vulnerability in channel playlists The channel//playlists page was vulnerable to Cross Site Scripting (XSS), because the different URL parameters were inserted as-is in the URL meant for instance switching. This vulnerability could allow an attacker to inject malicious Javascript in the page by tricking the user to click on a crafted link. Bug introduced in commit 66e7285108363c3c3dcb814bdffb716c14e1724d ("Only use /redirect when automatically redirecting"). Thanks to Jack (@testa:cthd.icu on Matrix, @cysea on github) for responsibly reporting this issue! --- src/invidious/views/playlist.ecr | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/invidious/views/playlist.ecr b/src/invidious/views/playlist.ecr index d0518de7..136981da 100644 --- a/src/invidious/views/playlist.ecr +++ b/src/invidious/views/playlist.ecr @@ -47,7 +47,7 @@ <%= translate(locale, "Switch Invidious Instance") %> <% else %> - + <%= translate(locale, "Switch Invidious Instance") %> <% end %>