libre-service.eu/pad.libre-service.eu-etherpad
libre-service.eu/pad.libre-service.eu-etherpad
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-02-08 03:02:03 +01:00
Code Issues Projects Releases Wiki Activity
6178 commits 208 branches 105 tags 125 MiB
Commit graph

325 commits

Author SHA1 Message Date
muxator
d1481041c2 specialpages: replace relative paths for sendfile() with absolute ones 
This file uses it for robots.txt and favicon.ico.

This makes use of the new stable settings.root introduced with #3466, and will
be modified when introducing support for custom skins.
 2018-08-23 23:39:38 +02:00
muxator
9d815c58b8 deprecations: get rid of DEP0005 about Buffer() 
Similar code still lives in some dependent libraries.
It will be updated when upgrading the dependencies.

Fixes #3446
 2018-08-14 19:45:03 +02:00
Muh Muhten
3cedf474e5 Fix misparse of port when binding Unix socket 
The hostname:port of URIs used in Minify are currently bogus and refer
to localhost only for historical reasons; there's no reason to retain
them and omitting them avoids generating an invalid URI when "port" is
not an integer.

Context: settings.port is passed to express's listen; if not numeric, it
is used a filename for a Unix domain socket.
This allows e.g. starting a server to be reverse-proxied on a multi-user
system, using the filesystem to handle access control and avoiding need
to allocate port numbers.

Before this change, etherpad-lite starts without error when configured
to listen on a Unix domain socket in this manner. However, `pad.js` and
`ace2_common.js` are generated incorrecting, causing an error
"Uncaught Error: The module at "ep_etherpad-lite/static/js/rjquery" does not exist."
when loading the editor:

When settings.port is a non-numeric string, e.g. `etherpad.sock`, a URI
of the form `http://localhost:etherpad.sock/static/js/rjquery.js` is
generated and parsed to find the file needed. In this case, the file
searched for is `:etherpad.sock/static/js/rjquery.js`, rather than the
expected `static/js/rjquery.js`. No such file exists, and the required
code is silently omitted from the bundle.

As a workaround, hard-code a (meaningless) hostname which can be parsed
correctly, since the current code makes no use of it anyway.
 2018-08-10 01:57:30 +02:00
Olivier Tétard
5b1e1f0c35 Fix typo in apicalls.js which prevents from importing isValidJSONPName. 2018-04-09 20:56:29 +02:00
John McLear
fa83de778c Password check fix 2018-04-07 10:31:47 +01:00
Peter 'Pita' Martischka
6d5dc93dbf merged 2018-04-07 10:23:49 +01:00
thomas
ffe24c3dd9
Update webaccess.js 2018-04-06 22:21:33 +02:00
Peter 'Pita' Martischka
a08c4383b8 check pad exists before importing / exporting 2018-04-04 21:48:32 +01:00
John McLear
f4f032afc0
Merge pull request #3297 from apenwarr/auth-sequence 
Call authentication hooks before default basic authentication.
 2018-04-03 13:41:51 +01:00
John McLear
18dd90139a
Merge pull request #3115 from noerw/redirect_fix 
redirect /admin properly (fix #3114)
 2018-04-03 13:10:36 +01:00
John McLear
bb40aa00be
Update express.js 2018-04-03 10:59:10 +01:00
John McLear
50bbcb87bb
Merge pull request #4 from nashe/jsonp_fix 
Added a jsonp var checker
 2018-04-03 10:29:52 +01:00
John McLear
8767410a36
be more strict on password check 2018-03-23 19:21:52 +00:00
Peter 'Pita' Martischka
dd7894d3c9 Added a jsonp var checker 2018-03-23 11:17:39 +00:00
Man Yue Mo
a2992b3624 fix jsonp checking. 2018-02-07 08:43:07 +00:00
Stefan
b292e137ed Added missing require for is-var-name 2018-02-03 12:33:33 +01:00
Robert Helmer
f56936c936 better sanitize jsonp 2018-01-30 12:52:19 -08:00
Avery Pennarun
e0582797f2 Call authentication hooks before default basic authentication. 
This allows authenticators to do any extra session setup for a given user,
even if their username/password happens to match settings.json.
 2017-12-31 12:32:50 +00:00
Rainer Rillke
f12debd5c7 Catch SIGTERM for graceful shutdown (#3266) 
Shut down database connection and exit the node process
when SIGTERM is encountered. This is especially important
when nodejs is run as PID1, e.g. in a docker container.

Shutting down connections to clients (browsers) is beyond
this patche's scope.

Resolves #3265
 2017-11-04 19:59:19 -02:00
Luiza Pagliari
cf686282ef Do not use cookie for pad shortcuts 
Users still cannot choose which shortcuts they want to enable/disable,
so it does not make sense (yet) to have a cookie with that preference.

This can be reverted once we create an UI to change shortcuts, but
PLEASE PLEASE PLEASE do not read the cookie every time handleKeyEvent is
called!!!

This is an adjustment to #2891.
 2017-05-11 12:26:14 -03:00
Luiza Pagliari
1ebcf0dc47 Merge pull request #2891 from bhldev/padShortcutDisable 
Added pad shortcut disabling feature to settings.json
 2017-05-11 11:29:25 -03:00
Sjoerd Langkemper
21a6e66e25 Remove deprecated comment 
The session key is currently stored in SESSIONKEY.txt, so it is no longer reset
every time the server starts.
 2017-01-26 09:59:09 +01:00
noerw
cc69e76200 redirect /admin properly (fix #3114) 2017-01-06 18:19:38 +01:00
Stefan
aefa617797 Merge branch 'develop' into improve_cookies 2016-12-20 21:31:11 +01:00
Nobody Really
97fd1ab2fe Added LibreJS support 2016-09-20 09:30:35 +02:00
Dan Bornstein
879ae7c67d Remove the noDocType argument, which was only ever passed as false. 2016-09-08 09:41:23 -07:00
Stefan
009b61b338 Make express-session cookie scheme dependent 2016-07-10 12:44:45 +02:00
Stefan
6b9711cb70 Fixed path check 2016-06-20 00:22:29 +02:00
John McLear
b3b17c2190 Merge pull request #2991 from LokeshN/deactivate-settings 
Issue #2960 - deactivate settings.json
 2016-06-13 14:41:30 +08:00
Stefan
4ea9c4f98d Add secure flag to express-session cookies 2016-06-08 21:15:26 +02:00
LokeshN
a8d5dc0693 Issue #2960 - deactivate settings.json 
Deactivate settings.json in Admin dashboard
 2016-05-22 21:12:21 +05:30
Stefan
835bca7967 Use fs.statSync instead of fs.existsSync (deprecated) 2016-05-16 16:51:12 +02:00
Brian Lim
26aeb7b705 Added pad shortcut disabling feature 2016-01-21 07:38:41 -05:00
Brian Lim
295672f598 Set language cookie on initial load 2016-01-17 21:44:03 -05:00
Chris Birk
d6033de0da Use new exportAvailable() check to include check for SOffice along with Abiword in importexport hook 2015-12-18 00:14:13 -06:00
Stefan
f6cebdad98 Fix decode error if pad name contains special characters and is sanitized 2015-10-08 20:46:15 +02:00
John McLear
818408cf49 other bits required for read only 2015-05-19 16:57:53 +01:00
Simon Gaeremynck
5a7750781b Use the cookie parser middleware 2015-05-07 18:35:21 +01:00
John McLear
254edffa9c fixes #2547 2015-04-24 14:17:49 +01:00
Andreas Åkre Solberg
ec7b3fc787 Adding support for providing intermediate CA certificates when running etherpad-lite with ssl through Node/expressjs 2015-04-22 20:29:19 +02:00
Tom Hunkapiller
133188320a fix: only match /javascript/* for caching middleware 2015-04-11 09:54:40 -05:00
Tom Hunkapiller
2e4374c08d clearer comments about the path handling behavior 2015-04-10 20:19:26 -05:00
Tom Hunkapiller
3ebb19d8a2 fix an issue in the path handling that allowed directory traversal 2015-04-10 20:03:00 -05:00
John McLear
402e53d88e Merge pull request #2584 from devoidfury/express4 
Express 4 support
 2015-04-11 00:13:45 +01:00
Stefan
db5bdc8719 Log version number and git-sha on server start 2015-04-11 00:13:04 +02:00
Stefan
8e4c961207 Add version number to plugins-info page 2015-04-10 23:52:17 +02:00
Tom Hunkapiller
fd1d285a77 fix the rest of the deprecation warnings 2015-04-10 14:18:30 -05:00
Tom Hunkapiller
de67714cf8 fix minify route path; update deprecated calls 2015-04-10 05:52:58 -05:00
Tom Hunkapiller
d0b39c01fb update for express 4.x 2015-04-08 23:12:11 -05:00
John McLear
c705a058fb Merge branch 'feature/append-chat-api' of github.com:derosm2/etherpad-lite into append-chat-api 2015-04-01 13:32:07 +01:00
John McLear
ec6a2b5ba9 allow for load testing connections to hit by a setting 2015-02-16 23:02:19 +00:00
John McLear
ddc69831b2 working, need to test though 2015-02-11 17:59:05 +00:00
Mike DeRosa
4c6bd37286 Adding api call for appending a chat message. 2015-02-09 00:18:12 -05:00
John McLear
aca745ddf6 tell installer if old etherpad needs updating during plugin install 2015-01-25 02:44:10 +00:00
John McLear
689ced8443 and this one.. 2015-01-18 20:15:17 +00:00
John McLear
036b7d2890 Merge pull request #2418 from ether/etherpad-export-and-import 
Full Pad portability (Export/Import)
 2014-12-31 13:32:09 +00:00
webzwo0i
b0da214ad5 hack to avoid warnings in swagger usage 2014-12-30 18:06:41 +01:00
John McLear
3773b6346b semi working requires browser refresh 2014-12-29 20:57:58 +01:00
John McLear
c4959b089f resolve merge conflict 2014-12-29 01:54:44 +01:00
John McLear
ae22332f71 removing dokuwiki 2014-12-27 14:08:45 +01:00
webzwo0i
b204aa2085 remove more dead requires. 2014-12-16 19:10:01 +01:00
John McLear
cfa3f15f94 Merge pull request #2373 from webzwo0i/avoid-global-vairables 
dont make local variables global
 2014-12-16 00:41:41 +00:00
webzwo0i
5d15f655f0 dont make local variables global 2014-12-14 22:01:28 +01:00
luto
5c3874c0a1 really recreate socketio-client in expressCreateServer, fixes #2342 
When using plugins, the express server gets restarted. When we do that,
the socketio-server should also get restarted. It doesn't. That means
that all the events in SocketIORouter.js are bound twice, which causes
chaos all over etherpad.

This changes our socketio.js so it fully recreates the io-instance when
we restart the server.

introduced in 95e7b0f156, but catching
that would have been hard.
 2014-11-25 22:38:22 +01:00
John McLear
73bcbbcb89 final commit 2014-11-23 14:15:03 +00:00
John McLear
ae7da122d7 fix session management 2014-11-23 14:14:01 +00:00
John McLear
3e8f3cd938 hrm I dont trust this security 2014-11-18 14:56:40 +00:00
John McLear
ff603d7b58 stability restored now to handle the auth issues 2014-11-18 14:12:02 +00:00
John McLear
020b636b1f template of a semi-fix 2014-11-18 14:08:44 +00:00
John McLear
9fa77cdea2 working handling of setting client ip and anonymizing etc 2014-11-04 23:25:18 +00:00
John McLear
95e7b0f156 transports 2014-11-04 19:11:06 +00:00
John McLear
5d0ccb5f8f auth fix 2014-11-04 18:17:39 +00:00
John McLear
2c801cc558 no errors but no connections 2014-11-01 22:36:19 +00:00
John McLear
a67e805da0 basics, still not working 2014-11-01 21:25:49 +00:00
John McLear
c627608ea5 Merge pull request #1619 from ether/stricter-transport 
Enable HSTS on TLS connections
 2014-06-17 12:58:47 +01:00
Marcel Klehr
897f5189b0 Enable HSTS for TLS connections 
Don't use X-Frame-Options: deny for now
 2014-06-17 13:21:38 +02:00
Marcel Klehr
6054cda473 Create a customizable timeslider toolbar 2014-03-30 13:02:41 +02:00
John McLear
e1fa43e640 quick formatting clean up 2014-03-17 19:20:32 +00:00
Marcel Klehr
a369347d86 Merge branch 'pr/1579' into toolbar-test 
Conflicts:
	settings.json.template
	src/static/js/pad_editbar.js
 2014-03-16 13:30:22 +01:00
Luc Didry
3d8452b143 Replace tabs indentation with spaces indentation 
Some files are obviously external libraries, I didn't touch them
 2013-12-05 08:41:29 +01:00
Marcel Klehr
3ad4b1b837 stats: Add http500, memoryUsage, pendingEdits gauges 
and turn edits metric into a timer instead of a simple meter
 2013-10-27 21:43:32 +01:00
Marcel Klehr
387091c5c9 Expose current stats at /stats 2013-10-27 18:11:50 +01:00
Marcel Klehr
940f114a84 Record metrics with 'measured' 2013-10-27 17:42:55 +01:00
Marcel Klehr
b7c7685dc7 Polish logging of client-side errors on the server 2013-10-10 18:45:22 +02:00
Marcel Klehr
7b17bd58ae Merge branch 'pr/1756' into develop 
Conflicts:
	src/node/handler/SocketIORouter.js
 2013-09-29 16:45:12 +02:00
Eric Schrijver
b34224559d ‘Etherpad Lite’ -> ‘Etherpad’ 2013-09-29 13:57:37 +02:00
vileda
43e1af93c1 allow users to have colons in password 2013-09-10 16:00:36 +02:00
Spruce (Felix Fichte)
fb0bc31056 updated to use settings 
updated handler/SocketIORouter.js to use new setting
updated hooks/express.js to use new setting
updated utils/Settings.js to accept new setting
updated settings.json.template so new setting is present
 2013-04-24 12:19:41 +02:00
cohitre
90837437c5 Moving the toolbar plugin calls. 2013-04-13 12:06:51 -07:00
John McLear
c6041bf0c2 Merge pull request #1675 from ether/fix/process-uncaughtException-event-handler-leak 
Don't leak event listeners for process:uncaughtException
 2013-03-27 12:06:30 -07:00
Marcel Klehr
c4d9a71156 /admin/plugins: Fix update check 2013-03-27 12:02:19 +01:00
Marcel Klehr
ac0018cdfa Don't leak event listeners for process:uncaughtException 2013-03-26 21:19:09 +01:00
Marcel Klehr
638cea5fd6 Install and uninstall plugins with style 
- Don't block the whole page when installing a plugin
- allow people to search and install other plugins meanwhile

Why? http://i.imgur.com/XoX6uYS.jpg
 2013-03-26 15:11:30 +01:00
Marcel Klehr
aca5d150e4 /admin/plugins: Don't list installed plugins as available 2013-03-26 11:58:31 +01:00
Marcel Klehr
e8bae61cf5 /admin/plugins: Add progress indicators and report errors 2013-03-26 11:19:36 +01:00
Marcel Klehr
773293991b admin/plugins: Allow people to sort search results 2013-03-25 23:09:03 +01:00
Marcel Klehr
079fdf0f38 Revamp /admin/plugins 
- dry up the client-side code
- use the new saner API of pluginfw/installer.js on the server
- Improve UX: allow user to infinitely scroll to display their results
 2013-03-25 17:20:10 +01:00
Marcel Klehr
0070eab416 Fix caching of npm search results and only make one registry request on /admin/plugins 
fixes #1488
 2013-03-25 12:45:23 +01:00
Marcel Klehr
a628317b55 Log http on debug log level 
... and additionally log the response time
 2013-03-19 18:34:21 +01:00
Marcel Klehr
2bc45de106 Fix #1639 by removing bodyParser middleware introduced with swagger REST API 2013-03-18 22:09:47 +01:00
John McLear
ffe7e65db6 allow strict transport if ssl is on and stop x-frame-options, this might break embedded pads, please test 2013-03-14 19:03:20 -03:00
Marcel Klehr
5fe60e7221 redirect /admin to /admin/ so that the relative links work 2013-03-14 15:59:39 +01:00
nelson.silva
a5987285e0 Multiple REST endpoints (one per version) 2013-03-06 10:10:21 +00:00
Nelson Silva
8f279a6710 Added some fixes to make it work with the codegen 2013-03-06 10:10:21 +00:00
Nelson Silva
1cfc8eda19 Initial work on swagger 2013-03-06 10:10:21 +00:00
John McLear
6d7e709ecb Merge branch 'develop' of github.com:ether/etherpad-lite into store-sessions-in-db 2013-02-17 23:44:26 +00:00
John McLear
efce99c3a1 session key in settings file OR generate temp key for instance 2013-02-13 21:51:09 +00:00
John McLear
5c9d081391 Begin supporting the database but still have a problem where it generates new key on restart... 2013-02-13 01:33:22 +00:00
Manuel Knitza
e855bafdf9 Update src/node/hooks/express/apicalls.js 2013-02-12 21:47:40 +01:00
John McLear
da0b331502 Make async and cleaner 2013-02-04 00:00:39 +00:00
John McLear
8b8cf01785 put tests in static folder, still have a race condition no biggy 2013-02-03 13:53:44 +00:00
John McLear
0ff9f53297 correct path 2013-02-03 00:18:24 +00:00
John McLear
594d272334 allow plugins to specify frontend test specs 2013-02-03 00:14:17 +00:00
Marcel Klehr
0549a4fec7 Add checkUpdates endpoinnt for /admin/plugins 2013-01-26 22:13:28 +01:00
Marcel Klehr
b6c9b4ec30 Fix #1309 : Fix support for node v0.6 2012-12-31 15:47:42 +01:00
Marcel Klehr
369e24682b Merge pull request #1297 from marcelklehr/migrate-to-html10n 
Migrate to html10n and allow plugin l10n
 2012-12-27 07:56:41 -08:00
John McLear
746396951d Resolve #1301 startup pointing at old bitly URL 2012-12-26 00:17:43 +00:00
Marcel Klehr
220e084484 Simplify local locale file format 2012-12-23 22:43:32 +01:00
Marcel Klehr
7aba02f0cf Don't break if a plugin hasn't got a locales dir 2012-12-23 18:17:12 +01:00
Marcel Klehr
cf24e53eae Simplify server-side i18n code and make it a bit more understandable 2012-12-23 18:17:10 +01:00
Marcel Klehr
e34036513e There's no utf8, but there's utf-8 2012-12-23 18:17:03 +01:00
Marcel Klehr
3c3c1630b1 Revert "Don't tell IE it's utf8. Just send it. Otherwise it'll snuff it!" 
This reverts commit 5fb7a03fb34078a75fe5932563e5a9fe44c57015.
 2012-12-23 18:17:01 +01:00
Iván Eixarch
bc0d9c854b use relativa path in import definitions of locales.json 2012-12-23 18:16:54 +01:00
Marcel Klehr
d9d0312a9e Don't tell IE it's utf8. Just send it. Otherwise it'll snuff it! 
(As if we wouldn't look forward to that...)
 2012-12-23 18:16:52 +01:00
Marcel Klehr
e3f9ed37b4 Hacky solution for exploreDir error 
We should only traverse the directories of actual plugins instead
of traversing the whole node_modules folder
 2012-12-23 18:16:45 +01:00
Iván Eixarch
2b860986e8 support for json in i18n 2012-12-23 18:16:37 +01:00
Wikinaut
5bf79971b8 merged upstream develop 2012-12-07 08:59:13 +01:00
Marcel Klehr
377ff1eade Fix #1219: Make api work if requireAuth is enabled 2012-12-05 14:04:48 +01:00
Iván Eixarch
a2b22652ce added direction language in English 2012-12-04 13:02:23 +01:00
Iván Eixarch
5f949b8457 Update language4translatewiki 0.1.3 2012-12-04 12:12:58 +01:00
Iván Eixarch
b21c4403b2 Merge remote branch 'ether/develop' into languages4translatewiki 2012-12-04 11:40:17 +01:00
Iván Eixarch
657322db91 fixed git merge confict 2012-12-03 01:39:59 +01:00
John McLear
8a9045b335 remove ssl not enabled message 2012-12-02 18:33:31 +00:00
Wikinaut
8b044254cc add socketTransportProtocols parameter 2012-12-02 18:28:28 +01:00
Marcel Klehr
719fb7e045 Let socket.io decide which transport is best for the browser 2012-11-29 13:42:37 +01:00
Iván Eixarch
795a20b3f2 get languages availables through translatewiki API 2012-11-28 23:54:23 +01:00
Iván Eixarch
9ec8a6e3d3 back to globalize... don't work :S 2012-11-28 04:02:55 +01:00
Iván Eixarch
6fe6103632 added languages for translatewiki 2012-11-26 23:40:31 +01:00
Iván Eixarch
460200981e Merge remote branch 'ether/develop' 2012-11-26 02:21:18 +01:00
Iván Eixarch
0250f8d55c Merge remote branch 'ether/develop' 2012-11-23 22:57:05 +01:00
Iván Eixarch
cc60b82a6e Import html by default and allow basic import/export features without abiword 2012-11-23 22:55:25 +01:00
Wikinaut
eed6b752d4 initial https version fix #1148 2012-11-22 10:12:58 +01:00
Hyacinthe Cartiaux
d6027726e6
Fix urls, use github.com/ether 
Signed-off-by: Hyacinthe Cartiaux <hyacinthe.cartiaux@uni.lu>
 2012-11-22 01:12:30 +01:00
Iván Eixarch
1e71797ad5 Replace Globalize with languages module 2012-11-20 19:46:17 +01:00
John McLear
d6c0f96084 Merge pull request #1177 from marcelklehr/fix/optimize-l10n-loading-times 
optimize l10n loading times
 2012-11-17 07:31:21 -08:00
Marcel Klehr
364e6928b5 Make tests work on windows 2012-11-17 16:28:54 +01:00
Marcel Klehr
e131f60071 Serve English strings directly with /locales.ini 2012-11-17 14:33:01 +01:00
Marcel Klehr
f5563ab704 Move locale detection to the client 
* l10n.js is doing locale detection already, so
we shouldn't interfere but help it do its job
* this should also fix the ?lang embed parameter
* Set language from cookie on page init for l10n
to load the right translation
 2012-11-14 17:01:59 +01:00
Peter 'Pita' Martischka
6de7634357 merged develop back in 2012-11-13 07:43:48 -08:00
Peter 'Pita' Martischka
4c095202bd Merged branch feature/frontend-tests 2012-11-13 07:29:57 -08:00