Commit graph

7779 commits

Author SHA1 Message Date
Richard Hansen
cb50156fe0 WIP: webpack 2022-01-21 00:12:25 -05:00
Richard Hansen
bf831576ea ace2_inner: Avoid global padeditbar variable 2022-01-21 00:05:37 -05:00
Richard Hansen
b325a145d6 Pad: Deprecate use of global variables 2022-01-21 00:05:37 -05:00
Richard Hansen
2b53c69749 Pad: Defer module loading until plugins are loaded 2022-01-21 00:05:36 -05:00
Richard Hansen
b805143d1a changesettracker: Surface handleUserChanges() errors 2022-01-21 00:05:36 -05:00
Richard Hansen
b9bea963e4 changesettracker: Plumb author ID to avoid global pad variable 2022-01-21 00:05:20 -05:00
Richard Hansen
2dfb1c494b Chat: Don't rely on global pad variable 2022-01-21 00:00:47 -05:00
Richard Hansen
d5583559c0 Chat: Move onClick attributes to chat.js
This avoids the reliance on the global `chat` variable, and it is a
step toward supporting a strict Content Security Policy (#4401).
2022-01-21 00:00:47 -05:00
Richard Hansen
f5c2ea853c tests: Don't rely on global pad variable 2022-01-21 00:00:47 -05:00
Richard Hansen
e99eb6366c pad_userlist: Don't rely on global pad variable 2022-01-21 00:00:47 -05:00
Richard Hansen
bf6ab3bba8 plugins: Don't load plugin defs in inner window
They're not used there.
2022-01-21 00:00:47 -05:00
Richard Hansen
283c04aca9 lint: Clean up the code in pad.html 2022-01-21 00:00:47 -05:00
Richard Hansen
c1ea2ddccc Delete commented-out code 2022-01-21 00:00:47 -05:00
Richard Hansen
c7195b1133 docker: Add variables for cookie settings 2022-01-19 23:08:32 -05:00
Richard Hansen
861a929a43 docker: Sync settings.json.docker with .template 2022-01-19 23:06:56 -05:00
Richard Hansen
692749d1cf express-session: Extend session lifetime if user is active 2022-01-17 21:45:56 -05:00
Richard Hansen
9c1f52f1b0 express-session: Install package from @etherpad scope
This allows us to use some in-progress features.
2022-01-17 21:45:56 -05:00
Richard Hansen
023e58cfe6 express-session: Set a finite cookie lifetime 2022-01-17 21:45:56 -05:00
Richard Hansen
ec10700dff express-session: Don't save uninitialized sessions
This should avoid frivolous session records, such as when the user
gets a 404 (unless login was required to see the 404).
2022-01-17 21:45:56 -05:00
Richard Hansen
7255dd7ef0 express-session: Inherit proxy trust from Express 2022-01-17 21:45:56 -05:00
Richard Hansen
945e6848e2 SessionStore: Delete DB record when session expires
This only deletes records known to the current Etherpad instance --
old records from previous runs are not automatically cleaned up.
2022-01-17 21:45:56 -05:00
Richard Hansen
72cd983f0f SessionStore: Option to update DB record on touch() 2022-01-17 21:45:52 -05:00
Richard Hansen
b991948e21 SessionStore: Don't write DB record if already expired 2022-01-17 21:33:58 -05:00
Richard Hansen
4d498725c7 SessionStore: Improve cookie expiration check
  * Don't mutate `sess.cookie.expires`.
  * Allow `sess.cookie` to be nullish.
  * Always compare `Date` objects.
2022-01-17 18:17:40 -05:00
Richard Hansen
928c598ecf tests: Add SessionStore backend tests 2022-01-17 17:51:08 -05:00
Richard Hansen
efab3aed0c deps: Update ueberdb2 to 2.0.1 to get proper JSON support 2022-01-14 00:45:47 -05:00
Richard Hansen
d3984aa621 express: Move preAuthorize hook after express-session
The `ep_openid_connect` plugin needs access to session state before
authorization checks are made (to securely redirect the user back to
the start page when authentication completes). Now that the
`expressPreSession` hook exists, the rationale for moving
`preAuthorize` before the `express-session` middleware is gone.

This change undoes the following commits:
  * bf35dcfc50
  * 0b1ec20c5c
  * 30544b564e
2022-01-14 00:44:54 -05:00
Richard Hansen
75637708c0 express: Move up cookie-parser middleware
This makes it possible for the `preAuthorize` and `preExpressSession`
hooks to easily read or set cookies.
2022-01-14 00:44:54 -05:00
Richard Hansen
ab85db4426 webaccess: Silence prototype pollution warning 2022-01-14 00:44:54 -05:00
Richard Hansen
dcd43e9849 webaccess: Use .startsWith() instead of .search() 2022-01-14 00:44:54 -05:00
translatewiki.net
b9118c22ba Localisation updates from https://translatewiki.net. 2022-01-13 13:02:54 +01:00
Richard Hansen
fd9b770579 PadManager: Refactor padList to avoid duplicate loads 2022-01-02 20:44:42 -05:00
Richard Hansen
66ce2b50a9 openapi: Convert Promise.catch() to catch block 2022-01-02 19:17:20 -05:00
Richard Hansen
fa8bdb0348 promises: Add a comment explaining a subtlety in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
a115c475ad promises: Expose reject in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
b72db7ebd6 promises: Return a Promise from Gate.then()
It doesn't make sense to return a `Gate` from `Gate.then()`, and this
eliminates the semantically confusing constructor parameter.
2022-01-02 18:57:44 -05:00
Richard Hansen
78a67801f3 promises: Move Gate from server.js (to enable reuse) 2022-01-02 18:57:44 -05:00
Richard Hansen
c8d45586c1 server: Fix stop Gate creation and check 2022-01-02 18:57:44 -05:00
Richard Hansen
10c55a2328 Changeset: Explain why number of removals doesn't matter 2021-12-31 22:53:59 -05:00
Richard Hansen
6495b1e6f4 tests: Disable deprecation warnings when testing deprecated functions 2021-12-31 22:15:03 -05:00
Richard Hansen
c0471dd238 tests: Avoid deprecated Changeset.opIterator 2021-12-31 22:14:07 -05:00
webzwo0i
0af728ffee textLinesMutator: coverage for changed attributes in multiline keeps 2021-12-30 18:44:29 -05:00
webzwo0i
93447b7493 easysync tests: cover more string operation scenarios 2021-12-30 18:44:29 -05:00
webzwo0i
395cbc01bb Changeset.js: refine comments 2021-12-30 18:44:29 -05:00
webzwo0i
55c47efd4c easysync tests: add some more smartOpAssembler tests 2021-12-30 18:44:29 -05:00
webzwo0i
12ebca897d easysync: add clear method to stringAssembler 2021-12-30 18:44:29 -05:00
Chocobozzz
0cc15df9b9 Prevent pad translation and crash
Prevent "TypeError: Cannot read properties of null (reading 'sheet')"
exception because Google Chrome can translate `<style type="text/css" title="dynamicsyntax"></style>` title attribute
2021-12-22 17:46:32 +01:00
Richard Hansen
cb257de8f9 Bump version to v1.9.0 for plugin peerDependencies
This allows plugins to depend on the not-yet-released API by bumping
their `peerDependencies` to `>=1.9.0`.

IMPORTANT: v1.9.0 IS NOT RELEASED YET. I tried to bump the version to
1.9.0-alpha.0 instead, but unfortunately that doesn't satisfy
`>=1.8.6` which would break just about every plugin.
2021-12-21 17:23:56 -05:00
Richard Hansen
02a56dc58c PadMessageHandler: Allow handleMessageSecurity to grant one-time write access 2021-12-21 17:23:56 -05:00
Richard Hansen
31b025bd9d PadMessageHandler: Pass session info to handleMessageSecurity hook 2021-12-21 17:23:56 -05:00