Richard Hansen
a000a93dc6
Refactor startup/shutdown for tests
...
* `src/node/server.js` can now be run as a script (for normal
operation) or imported as a module (for tests).
* Move shutdown actions to `src/node/server.js` to be close to the
startup actions.
* Put startup and shutdown in functions so that tests can call them.
* Use `await` instead of callbacks.
* Block until the HTTP server is listening to avoid races during
test startup.
* Add a new `shutdown` hook.
* Use the `shutdown` hook to:
* close the HTTP server
* call `end()` on the stats collection to cancel its timers
* call `terminate()` on the Threads.Pool to stop the workers
* Exit with exit code 0 (instead of 1) on SIGTERM.
* Export the HTTP server so that tests can get the HTTP server's
port via `server.address().port` when `settings.port` is 0.
2020-09-22 11:07:21 +01:00
Joas Souza
8c04fe8775
Feature: Copy Pad without history ( #4295 )
...
New feature to copy a pad without copying entire history. This is useful to perform a low CPU intensive operation while still copying current pad state.
2020-09-16 19:24:09 +01:00
Richard Hansen
b80a37173e
security: Fix authorization bypass vulnerability
...
Before, a malicious user could bypass authorization restrictions
imposed by the authorize hook:
* Step 1: Fetch any resource that the malicious user is authorized to
access (e.g., static content).
* Step 2: Use the signed express_sid cookie generated in step 1 to
create a socket.io connection.
* Step 3: Perform the CLIENT_READY handshake for the desired pad.
* Step 4: Profit!
Now the authorization decision made by the authorize hook is
propagated to SecurityManager so that it can approve or reject
socket.io messages as appropriate.
This also sets up future support for per-user read-only and
modify-only (no create) authorization levels.
2020-09-15 21:40:25 +01:00
Richard Hansen
80639fdc6a
webaccess: Pass settings.users
to the authenticate hook
...
Authentication plugins almost always want to read and modify
`settings.users`. The settings can already be accessed in a few other
ways, but this is much more convenient.
2020-09-15 19:26:24 +01:00
Richard Hansen
362b567276
docs: Revise documentation for handleMessage and handleMessageSecurity
2020-09-15 19:25:04 +01:00
Richard Hansen
9f288480e8
docs: Revise hooks overview section
2020-09-05 20:34:47 +01:00
Richard Hansen
55f201a2aa
docs: Document the authFailure hook
2020-09-05 12:37:46 +01:00
Richard Hansen
f0b7dc7c53
pluginfw: PadMessageHandler: Pass socket.io Socket object to clientVars hook ( #4245 )
...
Also revise the clientVars hook documentation.
2020-09-05 10:51:39 +01:00
Richard Hansen
4c0ab8a14e
docs: Document the authorize hook ( #4233 )
2020-09-04 18:52:25 +01:00
Richard Hansen
aee1c3e7c5
docs: Document the authenticate hook ( #4232 )
2020-08-27 12:57:38 +01:00
b_b
66a56234fa
docs: index hooks / ref #3978 ( #4077 )
2020-06-03 10:55:44 +01:00
b_b
35f0217056
typo on index.html hooks ( #3982 )
...
just a typo, maybe the smallest commit in this repo :p
2020-05-13 11:25:57 +01:00
Chocobozzz
82b919fc65
api: add getStats() function
2020-04-04 22:03:46 +02:00
Viljami Kuosmanen
e821bbcad8
openapi: add documentation, small optimisation
2020-04-03 01:03:11 +02:00
Neil Oosten
7a999ee398
hooks: allow to set the duration of the gritter notification when a new chat message arrives
...
This is done adding a new "duration" parameter to the chatNewMessage() client
side hook.
2020-03-27 02:39:29 +01:00
muxator
8a01a5e437
doc: fix numbering in chatNewMessage() client hook parameters
...
This was originally introduced in bcb92f25a6
("Refactor chat notifications and
the chatNewMessage hook") from 2013-03-19.
2020-03-27 02:39:29 +01:00
John McLear
6fd2bf4472
hooks: introduce goToRevisionEvent(), a new client-side hook
...
This hook gets fired both on timeslider load (as timeslider shows a new
revision) and when the new revision is showed to a user.
2020-03-24 23:46:17 +01:00
muxator
312c72c364
formatting: bulk remove trailing whitespaces
...
Do not touch vendorized files (e.g. libraries that were imported from external
projects).
No functional changes.
Command:
find . -name '*.<EXTENSION>' -type f -print0 | xargs -0 sed -i 's/[[:space:]]*$//'
2019-10-20 02:09:22 +02:00
Ray Bellis
fc661ee13a
core: allow URL parameters and POST bodies to co-exist.
...
Node 8.14.0 prohibits HTTP headers that exceed 8 KB (source:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/#denial-of-service-with-large-http-headers-cve-2018-12121 ).
This patch allows for the parameters within the body of an HTTP POST request to
be used in addition to those within the URL (and will override them).
Closes #3568 .
---
Muxator 2019-10-19:
- this commit was cherry-picked from 882b93487f
- it was modified to include the necessary changes in the documentation
2019-06-27 00:52:53 +02:00
muxator
705cc6f5e4
Change everywhere the link to https://etherpad.org (it was plain http)
2019-04-16 00:54:54 +02:00
HairyFotr
fce55df2b7
Fix typos
2019-01-16 11:14:04 +01:00
muxator
e9fb63f426
docs: "``js" -> "
``json" in Markdown of some json blocks
2018-08-09 22:27:56 +02:00
John McLear
2765a95774
Merge pull request #3218 from klausweiss/develop
...
Feature: New server-side hook: onAccessCheck
2018-04-03 13:38:47 +01:00
HairyFotr
c7548450c0
Typos and minor fixes in bin, doc, and root
2017-09-14 13:33:27 +02:00
Mikołaj Biel
5c8a15c3d7
fix sessionCookie
number in onAccessCheck
2017-07-12 00:28:51 +02:00
Mikołaj Biel
35702a0589
[feat] New server-side hook: onAccessCheck
2017-07-10 20:54:32 +02:00
Luiza Pagliari
fc89034a55
[feat] New server-side hook: padCopy
...
Let plugins know when a pad is copied.
2017-05-18 18:52:14 -03:00
Adam Niederer
cb8fe92df7
Fix typo
2017-03-11 22:09:49 -05:00
Adam Niederer
7520377026
Spelling fixes
2017-03-11 21:38:50 -05:00
Adam Niederer
6d279f0ee1
Spelling fix
...
Also removes an extra space
2017-03-11 21:34:34 -05:00
Sjoerd Langkemper
d48395089c
Update called from for two hooks
...
`expressCreateServer` and `expressConfigure` are called from `express.js`, not
from `server.js`.
2017-01-17 14:59:24 +01:00
Alexander Lorz
cd7f01f40a
minor changes in docs
...
- correct link to doc generation tool.
- fixed incomplete sentence regarding API client libraries
2016-12-26 20:18:34 +01:00
Luiza Pagliari
01d23b1f6a
Merge pull request #2929 from xavidotron/develop
...
Pass through the "item" parameter to registerAceCommand callbacks.
2016-12-13 06:12:26 -02:00
Luc Didry
2341d09807
Add undocumented API function restoreRevision to doc
...
This commit is dedicated to Schoumi. Thx for supporting me on Tipeee :-)
2016-11-16 10:36:18 +01:00
John McLear
f09e10b122
Merge pull request #2944 from storytouch/aceRegisterNonScrollableEditEvents
...
Create hook to register events that won't scroll editor after aceEditEvt
2016-06-20 10:36:53 +01:00
Luiza Pagliari
69ac8e1722
Include usage example for aceRegisterNonScrollableEditEvents
2016-06-20 06:31:11 -03:00
Xavid
56b851a46f
Pass through the "item" parameter to registerAceCommand callbacks.
2016-05-06 21:58:24 -04:00
Luiza Pagliari
3fb695a7a0
Create hook to register events that won't scroll editor after aceEditEvt
2016-03-30 11:51:18 -03:00
John McLear
4846798528
extend attributesonselection method
2016-03-26 22:00:34 +08:00
Ted Mielczarek
c70d655b96
Add appendText API (from #2810 ) to docs.
2016-01-13 07:26:20 -05:00
Mikk Andresen
4ad759dd25
Add postToolbarInit documentation and usage examples
2015-12-18 13:33:49 +02:00
Mikk Andresen
03a4828d31
Update aceEditorCSS hook documentation
2015-12-02 13:15:27 +02:00
Luiza Pagliari
92a8253449
Create hook exportHtmlAdditionalTagsWithData
...
The new hook does the same as exportHtmlAdditionalTags, but is declared
in another hook to avoid confusion about how to export tags when they
are stored as ['tag', 'value'] on attribute pool.
This complements #2762 , as per @Gared suggestions.
2015-11-03 07:16:55 -02:00
John McLear
c337a0585c
Merge pull request #2724 from xavidotron/develop
...
Add a aceSelectionChanged hook to allow plugins to react when the cursor moves
2015-10-22 16:19:07 +01:00
Stefan
504cc102a0
Merge pull request #2762 from storytouch/exportTagsAsArrays
...
Accepting Arrays on 'exportHtmlAdditionalTags'
2015-10-17 18:24:18 +02:00
Stefan
9d29b15def
Merge pull request #2730 from emilyxxie/clientready_hook
...
added clientReady hook
2015-10-10 13:30:36 +02:00
Luiza Pagliari
1d134f0b13
Fixing ed52626
. It was closing the span with </span data-TAG=VALUE>, not </span>
2015-09-17 15:30:09 -03:00
Luiza Pagliari
ed5262650a
Generating pad HTML with tags like <span data-TAG="VALUE"> instead of <TAG:VALUE>
2015-09-07 03:55:56 -07:00
Luiza Pagliari
1a5985dc75
Accepting Arrays on 'exportHtmlAdditionalTags' to handle attributes stored as ['key', 'value'] (and not only ['key', 'true'])
2015-08-24 07:58:45 -07:00
Stefan
c8d7e6e0b8
Add appendChatMessage API to docs
2015-08-15 22:41:09 +02:00