libre-service.eu/pad.libre-service.eu-etherpad
libre-service.eu/pad.libre-service.eu-etherpad
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-02-08 03:02:03 +01:00
Code Issues Projects Releases Wiki Activity
6206 commits 208 branches 105 tags 125 MiB
Commit graph

3423 commits

Author SHA1 Message Date
Richard Hansen
2bc26b8ef8 webaccess: Factor out common code 2020-09-15 10:44:23 +01:00
Richard Hansen
f9087fabd6 security: Check authentication in SecurityManager checkAccess 
In addition to providing defense in depth, this change makes it easier
to implement future enhancements such as support for read-only users.
 2020-09-15 10:43:23 +01:00
Richard Hansen
259b8d891d socketio: Use Error objects for socket.io connection errors 
socket.io expects Error objects, otherwise it won't propagate the
message to the client.

Also do some cleanup.
 2020-09-15 10:42:25 +01:00
Richard Hansen
0a836ced29 css: Line up line numbers with their rows 
Tested with both `no-skin` and `colibris`.
 2020-09-15 09:29:09 +01:00
webzwo0i
ec6b983917
packaging: remove pad_docbar.js (#4286) 
package to reduce http requests: nice-select,
pad_automatic_reconnect, skin_variants, scroll, caretPosition

rename unorm in tar.json so it can be included
 2020-09-13 19:01:28 +01:00
Richard Hansen
d0a16d23cb security: Fix authentication bypass vulnerability 
Before, anyone who could create a socket.io connection to Etherpad
could read, modify, and create pads at will without authenticating
first.

The `checkAccess` middleware in `webaccess.js` normally handles
authentication and authorization, but it does not run for `/socket.io`
requests. This means that the connection handler in `socketio.js` must
handle authentication and authorization. However, before this change:
  * The handler did not require a signed `express_sid` cookie.
  * After loading the express-session state, the handler did not check
    to see if the user had authenticated.

Now the handler requires a signed `express_sid` cookie, and it ensures
that `socket.request.session.user` is non-null if authentication is
required. (`socket.request.session.user` is non-null if and only if
the user has authenticated.)
 2020-09-13 18:56:31 +01:00
Richard Hansen
8b0baa9679 SecurityManager: Refactor checkAccess for readability, correctness 
* Move session validity check and session author ID fetch to a
    separate function. This separate function can be used by hooks,
    making it easier for them to properly determine the author ID.
  * Rewrite the remainder of checkAccess. Benefits:
      - The function is more readable and maintainable now.
      - Vulnerability fix: Before, the session IDs in sessionCookie
        were not validated when checking settings.requireSession. Now,
        sessionCookie must identify a valid session for the
        settings.requireSession test to pass.
      - Bug fix: Before, checkAccess would sometimes use the author ID
        associated with the token even if sessionCookie identified a
        valid session. Now it always uses the author ID associated
        with the session if available.
 2020-09-12 09:42:47 +01:00
Richard Hansen
8756fed80d PadMessageHandler: Use await instead of p.then() 2020-09-11 22:11:03 +01:00
Richard Hansen
3262ff1cb9 PadMessageHandler: Rename createSessionInfo to createSessionInfoAuth 
The function doesn't create the session info -- it creates the auth
property of existing session info.
 2020-09-11 22:11:03 +01:00
Richard Hansen
de792559cb PadMessageHandler: Use === instead of == for comparison 2020-09-11 22:11:03 +01:00
Richard Hansen
7f0770d684 PadMessageHandler: Invert logic to improve readability 2020-09-11 22:11:03 +01:00
Richard Hansen
d4db091d1d PadMessageHandler: Simplify handleClientReady a bit 
Before, this function referred to the same author ID in different ways
in different places. Use one spelling to make the code easier to read.
 2020-09-11 22:11:03 +01:00
Richard Hansen
ed3c82e8c3 Use null, not "null", if sessionID cookie doesn't exist 
`decodeURIComponent(null)` returns the string `'null'`, which we don't
want.
 2020-09-11 22:10:04 +01:00
translatewiki.net
24978daeb0 Localisation updates from https://translatewiki.net. 2020-09-10 18:36:59 +02:00
John McLear
5dfae625b9 Package Lock update 2020-09-09 18:15:47 +01:00
John McLear
c8361a211a bump ueber 2020-09-09 14:41:03 +01:00
Stefan Mueller
e64a269a65 Update version to 1.8.5 2020-09-08 22:09:56 +02:00
John McLear
7258d75cc5 bumping ueber 2020-09-08 16:03:15 +01:00
Richard Hansen
6c2a361935 import: Use the correct author ID when using sessions 
There are two different ways an author ID becomes associated with a
user: either bound to a token or bound to a session ID. (The token and
session ID come from the `token` and `sessionID` cookies, or, in the
case of socket.io messages, from the `token` and `sessionID` message
properties.) When `settings.requireSession` is true or the user is
accessing a group pad, the session ID should be used. Otherwise the
token should be used.

Before this change, the `/p/:pad/import` handler was always using the
token, even when `settings.requireSession` was true. This caused the
following error because a different author ID was bound to the token
versus the session ID:

> Unable to import file into ${pad}. Author ${authorID} exists but he
> never contributed to this pad

This bug was reported in issue #4006. PR #4012 worked around the
problem by binding the same author ID to the token as well as the
session ID.

This change does the following:
  * Modifies the import handler to use the session ID to obtain the
    author ID (when appropriate).
  * Expands the documentation for the SecurityManager checkAccess
    function.
  * Removes the workaround from PR #4012.
  * Cleans up the `bin/createUserSession.js` test script.
 2020-09-08 15:04:17 +01:00
Richard Hansen
db0bcb524e SecurityManager: Use constants for returned rejections 
This reduces the chances of a typo-induced bug.
 2020-09-08 14:53:28 +01:00
Sebastian Castro
818194da90
editor/performance: Fix performance for large pads (#4267) 
* Fix line numbers top padding

This old rule was conflicting with new css rules introduced in 1.8.4

* Fixes #4228 Performance degradation for long pads 

Due to layout trashing when calculating new heights
 2020-09-08 14:52:26 +01:00
Richard Hansen
da459888dc plugins: Move plugin definitions to avoid monkey patching 
Also document the plugin data structures.
 2020-09-08 00:50:24 +01:00
Richard Hansen
dcbf876d03 hooks: New mechanism to deprecate hooks 
I plan on splitting authFailure into authnFailure and authzFailure so
that separate authentication and authentication plugins can coexist
peacefully. This change will make it possible to mark the authFailure
hook as deprecated (which simply logs a warning).
 2020-09-08 00:49:10 +01:00
Richard Hansen
8cf2bcaeb4 plugins: Fix type typo 
`exports.parts` is a topologically sorted array, but the intermediate
collection of parts assembled in `plugins.update()` is associative.
 2020-09-08 00:47:32 +01:00
Richard Hansen
c3b2e68dad Revert "Delete redundant token2author DB save" 
Something's weird here; this change shouldn't have any effect. I'll
have to squint at the code some more.

This reverts commit 2bf076043f.

Fixes #4262
 2020-09-08 00:46:01 +01:00
webzwo0i
49a6b1dac2 GroupManager: typo during session deletion 2020-09-08 00:45:39 +01:00
translatewiki.net
efa4ba3cf1 Localisation updates from https://translatewiki.net. 2020-09-07 16:40:05 +02:00
Richard Hansen
68be78ace0 SecurityManager: Simplify checkAccess 2020-09-07 08:34:15 +01:00
Richard Hansen
17096919e0 PadMessageHandler: Delete redundant check 
This check is already made very early in `handleMessage`.
 2020-09-05 22:49:07 +01:00
Richard Hansen
d4162341e7 webaccess: Always sleep for 1s before returning HTTP 401 
Not all authentication plugins require the Authorization header, so it
might not be present in subsequent attempts. (In particular, a reverse
proxy might strip it.)
 2020-09-05 22:45:46 +01:00
Richard Hansen
442fe1e86f pluginfw: Always include the function name in hook_fn_name 
Plugin authors are allowed to omit the function name in the `ep.json`
parts definition. For example:

```
{
  "parts": [
    {
      "name": "ep_example",
      "hooks": {
        "authenticate": "ep_example",
        "authFailure": "ep_example"
      }
    }
  ]
}
```

If omitted, the function name is assumed to be the same as the hook
name. Before this change, `hook_fn_name` for the example hooks would
both be `/opt/etherpad-lite/node_modules/ep_example`. Now they are
suffixed with `:authenticate` and `:authFailure`. This improves
logging, and it makes it possible to use `hook_fn_name` to uniquely
identify a particular hook function.
 2020-09-05 22:43:17 +01:00
Richard Hansen
6f3e7d14f6 hooks: Always return a list from aCallFirst and callFirst 
Every existing caller of `aCallFirst` expects a list and will throw an
exception if given `undefined`. (Nobody calls `callFirst`, except
maybe plugins.)
 2020-09-05 20:35:19 +01:00
Richard Hansen
2bf076043f Delete redundant token2author DB save 
See:
https://github.com/ether/etherpad-lite/pull/4012#issuecomment-686005563
https://github.com/ether/etherpad-lite/issues/4006
 2020-09-05 12:40:16 +01:00
Richard Hansen
9962be2450 User list: Use flexbox for #myuser div 
This makes it easier for an eejsBlock_userlist plugin to add something
to that row.
 2020-09-05 12:38:12 +01:00
Richard Hansen
e0d6d17bf0 webaccess: Restructure for readability and future changes 
* Improve the comment describing how the access check works.
  * Move the `authenticate` logic to where it is used so that people
    don't have to keep jumping back and forth to understand how the
    access check works.
  * Break up the three steps to reduce the number of indentation
    levels and improve readability. This should also make it easier to
    implement and review planned future changes.
 2020-09-05 12:37:23 +01:00
Richard Hansen
b044351f0a webaccess: Rename basicAuth to checkAccess 
Thanks to hooks, the function can do much more than just basic
authentication.
 2020-09-05 12:37:23 +01:00
Richard Hansen
2830aaebf1 webaccess: Use === instead of == for comparison 2020-09-05 12:37:23 +01:00
Richard Hansen
f0e5bff84f webaccess: Simplify object construction 2020-09-05 12:37:23 +01:00
Richard Hansen
0a8569d0ad webaccess: Use const or let instead of var 2020-09-05 12:37:23 +01:00
Richard Hansen
a7be5278a3 webaccess: Use arrow functions instead of function keyword 2020-09-05 12:37:23 +01:00
Richard Hansen
726101d6a8 webaccess: Use single quotes everywhere 2020-09-05 12:37:23 +01:00
Richard Hansen
9011207a37 webaccess: Add semicolons after statements 2020-09-05 12:37:23 +01:00
Richard Hansen
e82a3055e6 webaccess: Whitespace fixes 2020-09-05 12:37:23 +01:00
Richard Hansen
f0b7dc7c53
pluginfw: PadMessageHandler: Pass socket.io Socket object to clientVars hook (#4245) 
Also revise the clientVars hook documentation.
 2020-09-05 10:51:39 +01:00
Richard Hansen
b364d12d9b
CSS: User list: Add missing semicolon to CSS property (#4244) 2020-09-04 18:51:42 +01:00
translatewiki.net
3139dd2037 Localisation updates from https://translatewiki.net. 2020-08-31 16:06:56 +02:00
John McLear
12c05c20b2
bugfix/import: doc import bugfix (#4235) 2020-08-30 14:11:12 +01:00
translatewiki.net
431aadf143 Localisation updates from https://translatewiki.net. 2020-08-24 15:23:25 +02:00
translatewiki.net
4eda214ee9 Localisation updates from https://translatewiki.net. 2020-08-17 19:16:56 +02:00
translatewiki.net
5c3f8cd4e1 Localisation updates from https://translatewiki.net. 2020-08-13 19:15:16 +02:00
translatewiki.net
13c5bdf75f Localisation updates from https://translatewiki.net. 2020-08-07 09:39:00 +02:00
translatewiki.net
d3e45e3890 Localisation updates from https://translatewiki.net. 2020-08-03 19:40:25 +02:00
translatewiki.net
451b82536a Localisation updates from https://translatewiki.net. 2020-07-30 15:27:14 +02:00
webzwo0i
d25cd891ae
remove json2, all supported browsers have JSON now (#4198) 
cf. https://developer.mozilla.org/de/docs/Web/JavaScript/Reference/Global_Objects/JSON
 2020-07-28 00:52:25 +01:00
translatewiki.net
f64310d700 Localisation updates from https://translatewiki.net. 2020-07-27 18:21:36 +02:00
Joas Souza
0835bfeabb
Bugfix: wait promise finish on hooks (#4194) 
This commit fixes the error of not waiting the async code to finish.
As the forEach did not wait until the async code finish we may get a
hook set up incorrectly. To fix it, we use an "Array.map" to iterate and
wait the promises to be resolved and then returned
 2020-07-23 20:47:59 +01:00
translatewiki.net
ae1b6442d8 Localisation updates from https://translatewiki.net. 2020-07-20 19:45:28 +02:00
John McLear
1e5680a870
tests / bugfix: Timeslider Chrome 55 Further scroll fix (#4186) 2020-07-20 14:14:02 +01:00
John McLear
3d89eed31a
tests: Further scroll fix for bug in Chrome 55-59 with scrollTo not working (#4185) 2020-07-20 09:49:40 +01:00
John McLear
c394b65e75
tests: Further scroll frontend test fix- use var instead of let (#4184) 2020-07-20 09:08:40 +01:00
John McLear
bf24063234
Feature: Timeslider follow (#4133) 
When new edits come in changes are followed in the time slider.
 2020-07-19 23:46:58 +01:00
John McLear
40014d8230
Rate limit Socket IO communication - WIP (#4036) 
Includes settings
    Includes i18n
    Includes a nice notification
    Disconnects on rate limit
    Includes feeding into metrics/stats
    Include console warn to server console.
 2020-07-19 22:44:24 +01:00
John McLear
4f5cf2dc63
tests and bugfix: test coverage and fix for 4165 - bad HTML export of list items (#4180) 
Also fix for test max value for ratelimiter
 2020-07-19 16:31:13 +01:00
John McLear
3ddce87ee4
bugfix / timeslider: only update timeslider on correct message type -- resolves #4100 2020-07-17 16:40:24 +01:00
John McLear
d1330a1e1c
Bugfix: Async bump part 2 
Sorry, not sure what happened but having kids jump all over the keyboard while I do this probably didn't help... :|
 2020-07-17 10:08:40 +01:00
webzwo0i
b3680058ff
getChangesetInfo: print error message (#4172) 2020-07-16 23:54:15 +01:00
John McLear
410d20417d
Bumping async (#4171) 
Resolves #3940
 2020-07-16 17:37:42 +01:00
John McLear
78c97d811c
Script to create session and store token <> author more throughly (dont create ghosts) (#4012) 2020-07-16 10:51:02 +01:00
John McLear
9bf1b9f2a2
bugfix / testing: Ie11 warning for not having Promises (#4167) 
Makes IE11 work again but may cause an issue for plugin testing in IE11.  IE plugin tests in IE11 will probably fail as the plugin code will not execute.
 2020-07-16 09:31:35 +01:00
John McLear
e24ef6969e
Bugfix / tests: Specs list type (#4169) 
* remove cruft..  ugh

* housekeeping: close stale issues

* fix issue #3945
 2020-07-15 17:37:03 +01:00
John McLear
ab8320d15b
WIP - Test Coverage: Import & Export include LibreOffice Test Coverage (#4163) 
Runs on Travis
Will only run locally is ``allowAnyoneToImport`` and ``soffice`` or ``abiword`` is set.
 2020-07-14 18:44:53 +01:00
translatewiki.net
9d69caa8dc Localisation updates from https://translatewiki.net. 2020-07-14 10:15:56 +02:00
Florian Rittmeier
c7581ba6f3
fixes jQuery.Deferred exception as reported in #4132 (#4158) 2020-07-10 15:28:32 +01:00
translatewiki.net
908ce78e70 Localisation updates from https://translatewiki.net. 2020-07-10 11:30:55 +02:00
John McLear
b15154cc23
Same site cookie fix - Ready for testing / merge (#3990) 
* initial fix for httpprefs

* token

* express_sid fix
 2020-07-10 08:43:20 +01:00
b_b
3ea8d571e7
Fix PDF import with libreoffice (#4156) 
Fix #4151
 2020-07-09 23:50:45 +01:00
b_b
358af5fea1
Fix typo in comment (#4154) 2020-07-09 12:32:54 +01:00
John McLear
a3386e3e55
Dont use jquery in import handler (#4153) 
I think jQ3 update broke imports a bit, so this removes jQuery and also ensures only .etherpad does reload of page.
 2020-07-08 14:50:48 +01:00
translatewiki.net
2f7e097711 Localisation updates from https://translatewiki.net. 2020-07-06 18:44:49 +02:00
John McLear
313bba09d6
Update ueberdb big update (#4149) 2020-07-05 11:05:32 +01:00
translatewiki.net
4b721785e0 Localisation updates from https://translatewiki.net. 2020-07-02 17:44:57 +02:00
translatewiki.net
18494dd657 Localisation updates from https://translatewiki.net. 2020-06-29 16:18:59 +02:00
webzwo0i
2814ebfe65
i18n: include about and poweredBy in locales (#4140) 2020-06-27 20:12:37 +01:00
webzwo0i
b7dff552f0
cruft: Remove unecessary consolelogs (#4141) 2020-06-27 20:12:06 +01:00
John McLear
168737b6d8
pluginfw: Move Timeslider eejs block to correct location (#4139) 2020-06-27 09:52:53 +01:00
axlevxa
0e2749831a
UX: Add prefers-reduced-motion query for Colibris skin #4136 (#4137) 2020-06-27 09:49:37 +01:00
John McLear
8a13bde535
bugfix: #4067 openapi incorrect syntax (#4138) 
https://github.com/ether/etherpad-lite/issues/4067#issuecomment-650423412 

Thanks to @tom-chase
 2020-06-27 09:47:16 +01:00
translatewiki.net
75ecb3f49b Localisation updates from https://translatewiki.net. 2020-06-22 17:19:38 +02:00
translatewiki.net
774a075cfc Localisation updates from https://translatewiki.net. 2020-06-18 21:14:49 +02:00
John McLear
beccf677a4
bugfix: Fix #4120 where an author might not be populated on restart - if this is the case don't push the author to the array. 2020-06-17 10:54:10 +01:00
translatewiki.net
d19937fa06 Localisation updates from https://translatewiki.net. 2020-06-15 22:11:47 +02:00
Stefan
9a22144a83
staleCode: Remove unnecessary robots.txt entry (#4113) 2020-06-14 20:49:13 +01:00
John McLear
045ac70db8
pluginfw: Make the NEW_CHANGES payload include the message in handleClientMessage 2020-06-12 12:26:33 +01:00
translatewiki.net
85383a316d Localisation updates from https://translatewiki.net. 2020-06-11 19:23:22 +02:00
John McLear
93829b9e33
pluginfw/performance: Dont cache if max age is 0 (#4098) 2020-06-08 17:21:55 +01:00
translatewiki.net
497704eb03 Localisation updates from https://translatewiki.net. 2020-06-08 17:03:38 +02:00
John McLear
f1e3aff72f stale code: use terser instead of uglify 2020-06-07 20:09:10 +00:00
John McLear
166e1371da socket.io bump to 2.3.0 2020-06-07 19:12:11 +00:00
John McLear
512a51149d Revert "Merge branch 'develop' of github.com:ether/etherpad-lite into develop" 
This reverts commit 6fad0210f8, reversing
changes made to 128f3e15eb.
 2020-06-07 18:46:41 +00:00
John McLear
564e8fee07 forcing back to last known stable before parent merge 2020-06-07 18:44:01 +00:00
John McLear
49cd270592 including terser, again 2020-06-07 17:09:48 +00:00
John McLear
0ab9e1e8c3 ffs npm how you get so broke 2020-06-07 16:53:49 +00:00
John McLear
4b37034f0c ugh attempt to overwrite package files due to weirdness 2020-06-07 16:38:50 +00:00
John McLear
b1ce372035 bump package lock 2020-06-07 13:57:58 +00:00
John McLear
009e1d01f7
staleCode: Async update 2020-06-07 14:56:45 +01:00
John McLear
0669280af0 Revert "socketio230" 
This reverts commit fbb7b5123b.
 2020-06-07 13:46:53 +00:00
John McLear
fbb7b5123b socketio230 2020-06-07 12:57:28 +00:00
John McLear
6fad0210f8 Merge branch 'develop' of github.com:ether/etherpad-lite into develop 2020-06-07 12:56:20 +00:00
John McLear
128f3e15eb
stalecode: jQuery 3 (#3903) 2020-06-07 12:01:14 +01:00
John McLear
ea9a9cd883 Revert "Revert "stale: Terser instead of uglify (#4075)"" 
This reverts commit 423be7f081.
 2020-06-07 10:08:11 +00:00
John McLear
c5584fb5b4
editor: outdent on ol removal (#4088) 2020-06-07 09:51:12 +01:00
John McLear
2cd3dccc4d Revert "Revert "Revert "editor: ul/ol/li - outdent on ol and ul button press""" 
This reverts commit fd3980133d.
 2020-06-06 20:51:17 +00:00
John McLear
fd3980133d Revert "Revert "editor: ul/ol/li - outdent on ol and ul button press"" 
This reverts commit 82fb6ddc99.
 2020-06-06 20:38:08 +00:00
John McLear
82fb6ddc99 Revert "editor: ul/ol/li - outdent on ol and ul button press" 
This reverts commit fc88f12bba.
 2020-06-06 18:34:51 +00:00
John McLear
aff93d24dd
export: txt import include correct OL prefix (#4086) 
Includes test coverage
Final part of solving https://github.com/ether/etherpad-lite/issues/3447
 2020-06-06 14:30:13 +01:00
John McLear
423be7f081 Revert "stale: Terser instead of uglify (#4075)" 
This reverts commit 552b6d7adb.
 2020-06-05 23:55:14 +00:00
John McLear
552b6d7adb
stale: Terser instead of uglify (#4075) 2020-06-05 23:10:24 +01:00
John McLear
56f6973209
import/export: Timeslider export links numeric pad IDs (#4073) 
Fixes #4071
 2020-06-05 22:50:55 +01:00
John McLear
6dbfe5e43c
editor/ux: Clearauthorship on full doc selected 2020-06-05 22:47:12 +01:00
John McLear
d4fcc23fb3
backups: include the pool every 100 revs stored (#3991) 2020-06-05 22:46:12 +01:00
John McLear
33ad48714c stale code: update package-lock.json and force re-run tests 2020-06-05 20:04:50 +00:00
John McLear
a4bdcc3392
tests/editor/ul/li/ol/import/export: Introduce contentcollector.js tests & various OL/UL/LI related bugfixes 
1. Introduce contentcollector.js backend tests
1. Fix issue with OL LI items not being properly numbered after import
1. Fix issue with nested OL LI items being improperly numbered on export
1. Fix issue with new lines not being introduced after lists in on import #3961
1. Sanitize HTML on the way in (import)
1. Fix ExportHTML CSS because it needs to support OL > LI > OL not OL > OL [The latter being the correct format]
1. Fix backend tests.
 2020-06-05 20:54:16 +01:00
John McLear
fc88f12bba
editor: ul/ol/li - outdent on ol and ul button press 2020-06-05 20:00:21 +01:00
John McLear
13bd859f31
Import/export: Fix3032 - importing document botches pad options (#3769) 
Fixes #3032
 2020-06-05 19:58:25 +01:00
translatewiki.net
c9ffe59b55 Localisation updates from https://translatewiki.net. 2020-06-04 17:46:31 +02:00
Chocobozzz
c854cced65
performance: Use worker threads to minify JS/CSS files (#3823) 2020-06-04 14:00:50 +01:00
Gerrit Pape
f925d5fc74
ui: Add a home icon (#4076) 
This commit adds the fontawesome "home" icon, codepoint e80b
 2020-06-03 10:56:24 +01:00
Sebastian Castro
7aa7e02e27
Various UI improvement (#4017) 2020-06-02 10:25:43 +01:00
Alex
f45d85f615
editor: fix the wrong URL when we use etherpad without /p/ in the URL (#4070) 2020-06-01 22:12:42 +01:00
translatewiki.net
b1e50ab835 Localisation updates from https://translatewiki.net. 2020-06-01 22:30:02 +02:00
John McLear
0d51e71578
ux: Better ux for if cookies are disabled or not available. 2020-06-01 20:17:48 +01:00
Richard Hansen
07c73d4f2d
webaccess: Log authentication attempts (#4022) 
Addresses issue #4016.
 2020-06-01 20:11:57 +01:00
John McLear
addb9b957a
import: Resolve error handling import causes instance crash 2020-06-01 20:09:10 +01:00
b_b
f84837ef9b
plugins: add hooks for index.html template 
ref #3978
 2020-06-01 19:43:11 +01:00
John McLear
2c944eba34
minification: use mime lookup for mime types (#3979) 2020-06-01 19:37:54 +01:00
John McLear
71bffed190
tests: fix for fuzz tests (#4068) 2020-06-01 18:52:46 +01:00
ssendev
0b7ace83d5
ui: hide create/open pad buttons on index page (#3974) 
if requireSession or editOnly is set these buttons always fail
 2020-06-01 18:28:13 +01:00
John McLear
bfca481b0b
import: setting for allowing import without author existing 2020-06-01 18:19:06 +01:00
Stefan
cffd04446e
admin: Add etherpad update check 
This update check notifies admin on startup (via console) or in /admin UI that they need to update Etherpad.
 2020-06-01 17:57:53 +01:00
John McLear
8deac52c84 tests: include mocha froth in package lock and better syntax for package.json 2020-06-01 16:35:38 +00:00
John McLear
dc11b85e62
tests: fuzzing, binary imports 2020-06-01 17:26:55 +01:00
Chocobozzz
59b1a2d5e0
performance: add template cache for quicker page renders 2020-06-01 15:00:47 +01:00
John McLear
7273778e5f doh, recommit package-lock 2020-05-30 18:40:44 +00:00
John McLear
add3b23f66 tests: load testing into core 2020-05-30 18:17:33 +00:00
John McLear
2011c24f57
editor: Don't restrict plugins from being able to bring in newline content 
#2412 broke this, it was discovered in https://github.com/JohnMcLear/ep_copy_paste_images/issues/20.

The limitation means that images can't be pasted within lists which IMHO is fine.  I could refine this down to OL only but I think images within lists would be fine not to include.
 2020-05-29 16:53:08 +01:00
John McLear
00b6a1d9fe
Remove top console logs to stop hosted iFrames being broken. 2020-05-29 12:56:03 +01:00
John McLear
b2a723e57f
editor: Don't allow edits during reconnecting 
Not the best fix but better than the current status quo.
 2020-05-29 12:35:00 +01:00
John McLear
40f36d7eb5
Tests: ShowChat fix (#4049) 
Resolves https://github.com/ether/etherpad-lite/issues/3541
 2020-05-28 15:18:13 +01:00
John McLear
bcdb331c79
tests: Embed test fix (#4020) 
* quick fix for iframe code wihch someone broke

* Also fix cookie test
 2020-05-27 16:54:20 +01:00
translatewiki.net
66a43646a7 Localisation updates from https://translatewiki.net. 2020-05-26 17:05:30 +02:00