191 commits

Author	SHA1	Message	Date
John McLear	1e98033632	Security: Fix revision parsing (#5772) ... A carefully crated URL can cause Etherpad to hang.	2023-06-26 18:17:06 +01:00
SamTV12345	1d0d109821	Updated changelog	2023-06-20 16:26:02 +02:00
webzwo0i	22a9b81cf0	add changelog entry for node v14 requirement	2022-09-24 22:58:32 +02:00
Richard Hansen	7e4931cf25	Windows build: Switch to 64-bit Node.js executable	2022-05-14 18:25:29 -04:00
Richard Hansen	2d56838792	Windows build: Upgrade bundled Node.js to v16	2022-05-14 18:25:29 -04:00
Richard Hansen	2facf3a0c5	ExportEtherpad: New importEtherpad, exportEtherpad hooks	2022-05-06 02:54:34 -04:00
Richard Hansen	44fd70491d	ImportEtherpad: Batch database writes	2022-05-05 20:49:52 -04:00
Richard Hansen	6a183db850	ExportEtherpad: Parallelize record reads	2022-05-05 19:33:21 -04:00
Richard Hansen	88c0ab8255	ExportEtherpad: Support custom subkeys	2022-05-05 19:33:21 -04:00
Richard Hansen	b82ccb76df	Merge branch 'master' into develop	2022-05-05 18:53:03 -04:00
Richard Hansen	f22fb13d89	deps: Bump ueberdb2 to 2.2.4	2022-05-05 05:18:53 -04:00
Richard Hansen	096379e6f9	Pad: Limit DB concurrency when copying a pad	2022-04-16 00:03:00 -04:00
Richard Hansen	ff494563d9	Pad: Call padCreate, padUpdate hooks asynchronously	2022-04-15 23:52:16 -04:00
Richard Hansen	07146591dd	Pad: Run padLoad hook asynchronously	2022-04-08 22:04:00 -04:00
Richard Hansen	b38d66b30b	Pad: Move padLoad hook to Pad.init()	2022-04-08 22:04:00 -04:00
Richard Hansen	f9610452cf	Pad: New padCheck hook	2022-04-08 21:52:11 -04:00
Richard Hansen	a2460a9848	Pad: New padRemove hook pad context property	2022-04-08 21:52:11 -04:00
Richard Hansen	8fe779b58c	Pad: New padCopy hook dstPad context property	2022-04-08 21:52:11 -04:00
Richard Hansen	9cdb69c159	Pad: Rename originalPad context property to srcPad	2022-04-08 21:52:11 -04:00
Richard Hansen	59d60480c0	Pad: Expose pad-specific database object ... This will make it possible for plugins to add/change/delete custom pad-specific records.	2022-04-08 21:52:11 -04:00
Richard Hansen	ae092edf0c	AuthorManager: New getAuthorId hook	2022-03-16 06:10:28 -04:00
Richard Hansen	32c82917e3	Merge branch 'master' into develop	2022-02-23 17:25:38 -05:00
Richard Hansen	d97537d18b	Release v1.8.17	2022-02-23 17:03:34 -05:00
Richard Hansen	ba370b0e05	PadMessageHandler: Don't trust user-provided padId	2022-02-23 16:11:21 -05:00
Richard Hansen	bdbde88fed	PadMessageHandler: Fix USER_CHANGES queue identifier ... `message.padId` is normally undefined for `USER_CHANGES` messages.	2022-02-23 16:11:16 -05:00
Richard Hansen	c59cbb537a	Bump version	2022-02-23 16:10:47 -05:00
Richard Hansen	1513932ca1	plugins: Give each plugin a plugin-specific logger object ... This makes it possible for plugins to stop assuming that log4js is available at `ep_etherpad-lite/node_modules/log4js`.	2022-02-21 15:13:57 -05:00
Richard Hansen	2e0e872ae3	Pad: New padDefaultContent hook	2022-02-19 14:55:43 -05:00
Richard Hansen	aa286b7dbd	API: Add optional authorId param to mutation functions	2022-02-19 14:55:42 -05:00
Richard Hansen	aec512d1fa	Pad: Rename author context properties to authorId	2022-02-19 14:55:42 -05:00
Richard Hansen	2512593d4b	docs: Group HTTP API changes	2022-02-19 14:25:51 -05:00
Richard Hansen	1e604add99	deps: Require Node.js 12.17.0 or later ... This makes it possible to use dynamic `import()`.	2022-01-27 01:27:10 -05:00
Richard Hansen	692749d1cf	express-session: Extend session lifetime if user is active	2022-01-17 21:45:56 -05:00
Richard Hansen	023e58cfe6	express-session: Set a finite cookie lifetime	2022-01-17 21:45:56 -05:00
Richard Hansen	ec10700dff	express-session: Don't save uninitialized sessions ... This should avoid frivolous session records, such as when the user gets a 404 (unless login was required to see the 404).	2022-01-17 21:45:56 -05:00
Richard Hansen	945e6848e2	SessionStore: Delete DB record when session expires ... This only deletes records known to the current Etherpad instance -- old records from previous runs are not automatically cleaned up.	2022-01-17 21:45:56 -05:00
Richard Hansen	02a56dc58c	PadMessageHandler: Allow handleMessageSecurity to grant one-time write access	2021-12-21 17:23:56 -05:00
Richard Hansen	31b025bd9d	PadMessageHandler: Pass session info to handleMessageSecurity hook	2021-12-21 17:23:56 -05:00
Richard Hansen	1b52c9f0c4	PadMessageHandler: Deprecate client context property	2021-12-21 17:23:56 -05:00
Richard Hansen	f1856cf95a	Docker: Use new /health endpoint for HEALTHCHECK	2021-12-21 17:19:56 -05:00
Richard Hansen	696f9c3367	specialpages: New /health endpoint for health checking ... This endpoint is intended to conform with: https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html	2021-12-21 17:19:56 -05:00
Richard Hansen	649fbdccf5	express: Move static handlers to expressPreSession ... This avoids the need to exempt the paths from authentication checks, and it eliminates unnecessary express-session state.	2021-12-20 20:08:19 -05:00
Richard Hansen	72f4ae444d	express: New expressPreSession server-side hook	2021-12-20 20:08:19 -05:00
webzwo0i	8b73f2ee70	padurlsanitize: Don't crash if sanitizePadId() throws ... Let Express send a 500 status code to the user instead. Co-authored-by: Richard Hansen <rhansen@rhansen.org>	2021-12-18 18:47:01 -05:00
Richard Hansen	d94f380141	API: Fix race conditions in setText, appendText, restoreRevision	2021-12-14 01:02:00 -05:00
Richard Hansen	4d457f6296	ImportHandler: Pass ImportError to import hook	2021-12-10 02:34:13 -05:00
John McLear	6cca27dea6	API: getText with old revision should only return text, not atext ... Co-authored-by: Richard Hansen <rhansen@rhansen.org>	2021-12-05 18:50:39 -05:00
Richard Hansen	99fae2ec6e	pad: Fix application of padOptions values from settings.json	2021-12-04 23:06:17 -05:00
Richard Hansen	f00b1ae89b	Merge branch 'master' into develop	2021-11-28 23:10:45 -05:00
Richard Hansen	142a47cbbc	Release v1.8.16	2021-11-28 23:03:58 -05:00