Commit graph

156 commits

Author SHA1 Message Date
Iván Eixarch
ef3231efd2 cleaning 2012-11-23 19:06:18 +01:00
Iván Eixarch
d0a17d5471 test import converting to html instead to txt by default 2012-11-23 18:18:03 +01:00
Marcel Klehr
e24ed46a08 PadMessageHandler: Make sure sessioninfos[session] still exists before pushing data to user. 2012-11-10 10:47:12 +01:00
John McLear
d7ec050f34 Merge pull request #1035 from amtep/develop
Guard against malicious clients in USERINFO_UPDATE handling
2012-10-11 08:27:27 -07:00
Dmitry
dbcdc2f956 fix for error handling in callback code
The callback code does not follow error handling guidelines, thus always
receiving NULL instead of results array.
2012-10-11 18:07:45 +04:00
Dmitry
0fa954c1a0 fixed variable name in handleMessageHook
the code would never work as expected with this type
2012-10-11 17:51:57 +04:00
Richard Braakman
85b44119ae USERINFO_UPDATE: construct a new message for broadcast
The server was reusing the client's message when broadcasting userinfo
updates. This would allow a malicious client to insert arbitrary fields
into a message that the other clients would trust as coming from the
server. For example, adding "disconnect" or renaming other authors.

This commit fixes it by having the server construct a new message with
known fields before broadcasting.
2012-10-02 23:27:30 +03:00
Richard Braakman
2e72a1e489 Prevent server crash in handleClientReady
The client might have disconnected between callbacks so don't try to
write to the session before checking this. The main callback of this
function now has a single check at its top.

Removed a redundant check halfway through the callback.

Also normalized use of client.id for the session index instead of a mix of
client.id and sessionId.

Added some explanatory comments.
2012-09-28 23:23:00 +03:00
Richard Braakman
413ddb393e Add some explanatory comments to handleUserChanges() 2012-09-28 22:49:20 +03:00
Richard Braakman
7aaef01346 Prettify session handling in handleUserChanges
Also add a comment to explain what's going on with thisSession.
No changes in behavior.
2012-09-27 23:07:00 +03:00
Richard Braakman
f1b4206cad Fix crash when client submits changeset based on too-old revision
We had a problem with the server running out of stack space if a client
submitted a changeset based on a revision more than about 1000 revs old.
(944 was our cutoff but yours may vary). This happened in the wild with
about 30 people editing via flaky wifi. A disconnected client would try
to submit a fairly old changeset when reconnecting, and a few minutes
was enough for 30 people to generate that many revs.

The stack kept growing because pad.getRevisionChangeset was being answered
from the cache, so no I/O interrupted the callback chain. (This was seen with
mysql, I don't know about other backends.)

This patch forces a nextTick every 200 revisions to solve this problem.
2012-09-26 03:01:59 +03:00
Richard Braakman
e16008b371 Fix sessioninfos race that can cause crash during USER_CHANGES handling
When stress testing etherpad-lite we occasionally got this error:

TypeError: Cannot read property 'author' of undefined
    at /home/etherpad/etherpad-lite/src/node/handler/PadMessageHandler.js:556:47

handleUserChanges was accessing sessioninfos[client.id].author in a callback,
after spending some time in the loop that updates the changeset to the
latest revision. It's possible for a disconnect request to be processed
during that loop so the session might no longer be there.

This patch fixes it by looking up the author at the start of the function.
2012-09-26 03:01:59 +03:00
Marcel Klehr
f8f002adc0 Add listAllGroups API endpoint
Adds a database key that lists all groups
2012-09-17 23:03:56 +02:00
Marcel Klehr
ad16c0d0d4 Bump API version to v1.1 2012-09-13 16:13:54 +02:00
Marcel Klehr
ea0f7cb2e9 Add support for multiple api versions 2012-09-09 18:20:16 +02:00
John McLear
7e79bf3462 Update src/node/handler/APIHandler.js 2012-09-04 17:26:08 +02:00
Mark Holmquist
f9469ef256 Add in padUsers HTTP API call
I needed the list of users this time, so I got it. There are docs
and everything.
2012-08-17 13:39:16 -07:00
Mark Holmquist
3d4fb81796 Add in an HTTP API call to send a custom message type.
You cannot currently send any data with your custom message, but
this patch is just begging for a second one that will allow that.
2012-08-08 10:12:11 -07:00
Matthias Bartelmeß
975171a86b Make handleMessage async 2012-07-08 21:06:19 +02:00
Egil Moeller
17b6103a3d Bugfix for broken readonly timeslider 2012-07-05 19:33:20 +02:00
Mark Holmquist
a71a8a7efc Add in padUsersCount method and API call
The PadMessageHandler objects now have a new API call associated
with them. I'm sure that's a funny place to put it, but the
pad2sessions object in that file seems to be the only place user
counts are stored!

Anyway, I hope this is helpful. I know it would be for me :)
2012-06-29 11:26:12 -07:00
John McLear
a717c11ab3 Merge pull request #819 from marcelklehr/contributor-api-methods
Contributor api methods (listPadsOfAuthor & listAuthorsOfPad )
2012-06-27 11:31:25 -07:00
Mark Holmquist
ab0d3c87cb Add in getLastEdited API call
This new HTTP API call, getLastEdited, will return the time of the
last revision, in UNIX timestamp format.
2012-06-27 10:05:17 -07:00
Marcel Klehr
6f9d7a5db7 Add 2 new APIs: listPadsOfAuthor and listAuthorsOfPad
Return all pads that a given author has contributed to (not just
created) and return all authors who has contributed to a given pad.
2012-06-27 18:23:17 +02:00
John McLear
0bc01feb72 Merge pull request #818 from MarkTraceur/kick-on-deauth
Kick on deauth
2012-06-26 16:09:14 -07:00
Mark Holmquist
c4e660b206 Fix glaring problem with pull request
I accidentally forgot to call finalHandler if there was no padID
.... :)
2012-06-26 16:07:08 -07:00
John McLear
3d9a2360be Merge pull request #817 from MarkTraceur/kick-on-deauth
Kick on deauth
2012-06-26 16:01:40 -07:00
Mark Holmquist
79ca5f3e7c Refuse connection if the user is no longer authorized
This should do the trick for issue 815. Please review and merge if
it works.

Try again: Fewer variables.
2012-06-26 16:00:38 -07:00
Mark Holmquist
854e1092d9 Add in a new hook for handleMessage
Add a new hook: handleMessage. Whenever a message comes in, it is
intercepted by this hook.
2012-06-26 14:10:42 -07:00
Egil Moeller
15a7d24450 Merge branch 'master' into timeslider-realtimeupdate+readonly-pads
Conflicts:
	src/node/handler/PadMessageHandler.js
	src/static/css/pad.css
	src/templates/pad.html
2012-05-29 21:26:12 +02:00
John McLear
26614bf2d5 You can't use $ if no jQuery is available.. Apologies for so much spam on this issue, this finally resolves #594 2012-05-23 01:01:50 +02:00
John McLear
d1c2d12150 Import Should now work in IE 2012-05-23 00:52:10 +02:00
John McLear
dafa44e6b4 I hate how hacky this change is. 2012-05-23 00:51:03 +02:00
John McLear
b27287ce37 Update src/node/handler/ImportHandler.js 2012-05-23 00:49:12 +02:00
John McLear
c8b93f6ddc Fix IE import 2012-05-23 00:46:56 +02:00
Matthias Bartelmeß
06c36f3023 fix #722 by better argument checking in PadMessageHandler.js 2012-05-22 09:31:28 +02:00
0ip
99ecadc0c3 Fix #655, wrong located APIKEY.txt 2012-05-13 00:34:26 +03:00
Egil Moeller
e559ef5640 Disable design mode in readonly pad 2012-04-23 16:41:41 +02:00
Egil Moeller
480d0b8e25 ReadOnly pad handling 2012-04-23 16:18:14 +02:00
Egil Moeller
e5a22423bb Fixed timedelta problem 2012-04-23 14:20:17 +02:00
Egil Moeller
583743a3f9 Restored saved revision support 2012-04-23 12:58:04 +02:00
Egil Moeller
914d79ad20 Unified timeslider and pad editing protocol / component 2012-04-23 12:52:30 +02:00
Matthias Bartelmeß
e664320b8c removed sliderEnabled, supportsSlider clientVars, as they were not used anywhere 2012-04-15 19:25:23 +02:00
Matthias Bartelmeß
b7a0b36b5e ...well stupid error 2012-04-08 21:21:30 +02:00
Matthias Bartelmeß
0340c87996 Pad message handler detects lineattributemakers by asking Attribute manager 2012-04-07 01:05:25 +02:00
John McLear
9ecd864ac6 Merge pull request #557 from redhog/master
Templating system built on top of EJS and plugin installer
2012-04-02 12:42:38 -07:00
Egil Moeller
33c53e61c2 Merge branch 'johnyma22'
Conflicts:
	node/utils/Minify.js
	src/static/js/pad.js
	src/static/js/pad_docbar.js
	src/static/js/pad_editbar.js
	src/static/js/pad_savedrevs.js
	static/css/timeslider.css
	static/pad.html
2012-04-01 13:27:38 +02:00
Matthias Bartelmeß
daca484747 Merge branch 'develop' into objectify_ep
Conflicts:
	src/node/utils/tar.json
	src/static/js/ace2_inner.js
2012-03-27 11:15:48 +02:00
Matthias Bartelmeß
8eb43a3ebf replaceing AttributePoolFactory by AttributePool 2012-03-18 09:05:46 +01:00
Matthias Bartelmeß
ede32726c1 check if sockets are available in PadMessageHandler 2012-03-14 01:32:16 +01:00
Egil Moeller
ce5d2d8685 Merge branch 'pita'
Resolved conflicts:
	.gitignore
	src/static/js/ace.js
	src/static/js/ace2_inner.js
	src/static/js/broadcast.js
	src/static/js/domline.js
	src/static/pad.html
	src/static/timeslider.html

Ignored conflicts (please merge manually later):
	node/server.js
	src/node/utils/Minify.js
2012-03-02 22:00:20 +01:00
Egil Moeller
81440cd856 Removed old pluginfw stuff 2012-03-01 19:00:58 +01:00
Egil Moeller
35626df77b Send plugin data to client 2012-02-29 16:05:44 +01:00
Egil Moeller
a894fcd4f9 Removed CommonCode entierly 2012-02-28 21:19:10 +01:00
Egil Moeller
763361a7c9 First stab at getting client side require(plugin/..) to work from within etherpad 2012-02-26 17:48:17 +01:00
Egil Moeller
1239ce7f28 The Big Renaming - etherpad is now an NPM module 2012-02-26 13:07:51 +01:00