John McLear
|
1e98033632
|
Security: Fix revision parsing (#5772)
A carefully crated URL can cause Etherpad to hang.
|
2023-06-26 18:17:06 +01:00 |
|
Richard Hansen
|
2d53b9f150
|
PadMessageHandler: Plumb author ID to more pad creation locations
|
2022-02-24 17:40:04 -05:00 |
|
Richard Hansen
|
363a48b6d5
|
ChatMessage: Log deprecation warnings for .userId, .authorId
|
2022-02-24 17:39:38 -05:00 |
|
Richard Hansen
|
b4d9252bfe
|
PadMessageHandler: Don't get Pad object multiple times
|
2022-02-24 17:39:38 -05:00 |
|
Richard Hansen
|
b276eb0a23
|
PadMessageHandler: Improve message sanity checking
Use exceptions instead of silent drops so that the client can detect
the error and react appropriately.
|
2022-02-24 17:39:38 -05:00 |
|
Richard Hansen
|
fcfa51bda6
|
PadMessageHandler: Convert complex if to switch
|
2022-02-24 17:39:38 -05:00 |
|
Richard Hansen
|
32c82917e3
|
Merge branch 'master' into develop
|
2022-02-23 17:25:38 -05:00 |
|
Richard Hansen
|
ba370b0e05
|
PadMessageHandler: Don't trust user-provided padId
|
2022-02-23 16:11:21 -05:00 |
|
Richard Hansen
|
bdbde88fed
|
PadMessageHandler: Fix USER_CHANGES queue identifier
`message.padId` is normally undefined for `USER_CHANGES` messages.
|
2022-02-23 16:11:16 -05:00 |
|
Richard Hansen
|
daee90d2af
|
lint: Close function args on same line as final arg
|
2022-02-21 14:53:48 -05:00 |
|
Richard Hansen
|
c8211f2898
|
lint: Run eslint --fix
|
2022-02-21 14:36:58 -05:00 |
|
Richard Hansen
|
3b8549342a
|
Pad: Plumb author ID through mutation operations
|
2022-02-19 14:55:42 -05:00 |
|
Richard Hansen
|
692749d1cf
|
express-session: Extend session lifetime if user is active
|
2022-01-17 21:45:56 -05:00 |
|
Richard Hansen
|
02a56dc58c
|
PadMessageHandler: Allow handleMessageSecurity to grant one-time write access
|
2021-12-21 17:23:56 -05:00 |
|
Richard Hansen
|
31b025bd9d
|
PadMessageHandler: Pass session info to handleMessageSecurity hook
|
2021-12-21 17:23:56 -05:00 |
|
Richard Hansen
|
1b52c9f0c4
|
PadMessageHandler: Deprecate client context property
|
2021-12-21 17:23:56 -05:00 |
|
Richard Hansen
|
cff089e54e
|
PadMessageHandler: Accept retransmissions of USER_CHANGES
|
2021-12-14 01:02:00 -05:00 |
|
Richard Hansen
|
a370cfa5c6
|
Pad: Don't create no-op revisions
|
2021-12-14 01:02:00 -05:00 |
|
Richard Hansen
|
56b7671422
|
Pad: Return new rev number from appendRevision()
|
2021-12-14 01:02:00 -05:00 |
|
Richard Hansen
|
c05ee7ce72
|
PadMessageHandler: Move ACCEPT_COMMIT after changeset save
|
2021-12-14 01:02:00 -05:00 |
|
Richard Hansen
|
89fe40e080
|
Changeset: Migrate from OpIter to deserializeOps()
|
2021-11-23 01:21:49 -05:00 |
|
Richard Hansen
|
f1eb7a25a6
|
Changeset: Migrate to the new attribute API
|
2021-11-21 04:11:41 -05:00 |
|
Richard Hansen
|
ae1741c25b
|
PadMessageHandler: Add missing parseNum() for attribute lookup
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
a052580bd1
|
PadMessageHandler: Stop the USER_CHANGES timer on exception
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
97e382e5d2
|
PadMessageHandler: Move USER_CHANGES processing inside try
This improves the accuracy of the timing stats, and it simplifies
error handling.
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
b1c1501e1e
|
PadMessageHandler: Use object destructuring
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
e961718ff2
|
PadMessageHandler: Improve error logging
Use a log4js logger instead of `console`, and clean up some of the log
messages.
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
1447ab8899
|
PadMessageHandler: Factor out common USER_CHANGES error message formatting
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
35b2aeb3b1
|
PadMessageHandler: Factor out duplicate bad USER_CHANGES handling
This also fixes a double-count bug.
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
85919ff914
|
PadMessageHandler: Replace channels package with async-friendly class
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
5c1177a3d9
|
PadMessageHandler: Switch from nodeify to util.callbackify
|
2021-11-20 01:24:30 -05:00 |
|
Richard Hansen
|
caefd2184a
|
PadMessageHandler: Don't fire userLeave if user hasn't joined yet
|
2021-11-07 01:30:39 -04:00 |
|
Richard Hansen
|
56cb08f4c5
|
pad: Pass color and display name in CLIENT_READY
|
2021-11-05 18:14:27 -04:00 |
|
Richard Hansen
|
26675c5019
|
chat: New chatNewMessage server-side hook
|
2021-11-01 01:54:29 -04:00 |
|
Richard Hansen
|
4c2f7f9a11
|
chat: Rename userId to authorId, userName to displayName
|
2021-11-01 01:54:28 -04:00 |
|
Richard Hansen
|
0f47ca9046
|
chat: Plumb message object end to end
This will make it possible for future commits to add hooks that allow
plugins to augment chat messages with arbitrary metadata.
|
2021-11-01 01:54:28 -04:00 |
|
Richard Hansen
|
9aaf781548
|
PadMessageHandler: Modernize userLeave hook context properties
|
2021-10-30 03:07:44 -04:00 |
|
Richard Hansen
|
a6d060d67b
|
PadMessageHandler: Replace clientReady hook with new userJoin hook
|
2021-10-30 03:07:44 -04:00 |
|
Richard Hansen
|
c98910e1c5
|
PadMessageHandler: Populate session info as early as possible
|
2021-10-30 03:07:44 -04:00 |
|
Richard Hansen
|
b7de24c85f
|
PadMessageHandler: Fix readability of duplicate user check
|
2021-10-30 03:07:44 -04:00 |
|
Richard Hansen
|
00e7b04518
|
PadMessageHandler: Improve readability of changeset loading
|
2021-10-30 03:07:44 -04:00 |
|
Richard Hansen
|
50b9e0df1f
|
PadMessageHandler: Use values from session info object
This is more consistent with the rest of the code, and it provides a
single source of truth.
|
2021-10-30 03:07:40 -04:00 |
|
Richard Hansen
|
10e930408c
|
PadMessageHandler: Delete unnecessary CLIENT_READY checks
The checks are already performed by the security manager.
|
2021-10-30 03:06:57 -04:00 |
|
Richard Hansen
|
0992f19570
|
PadMessageHandler: Improve readability of historical author fetch
|
2021-10-30 03:06:57 -04:00 |
|
Richard Hansen
|
d36a37d666
|
PadMessageHandler: Delete unnecessary protocolVersion
We can assume that the client code is always in sync with what the
server expects.
|
2021-10-30 03:06:57 -04:00 |
|
Richard Hansen
|
ce730b0493
|
PadMessageHandler: Inline createSessionInfoAuth()
This function is only used once so it doesn't need to be separate.
|
2021-10-30 03:06:57 -04:00 |
|
Richard Hansen
|
fa54dc1053
|
PadMessageHandler: Run the clientReady hook asynchronously
|
2021-10-30 03:06:57 -04:00 |
|
Richard Hansen
|
5d30e0b1b2
|
PadMessageHandler: Run the userLeave hook asynchronously
|
2021-10-30 03:06:57 -04:00 |
|
Richard Hansen
|
f2a118b311
|
PadMessageHandler: Inline unnecessary variables
Also delete some unneccessary comments.
|
2021-10-30 03:06:15 -04:00 |
|
Richard Hansen
|
7522d76c40
|
PadMessageHandler: Invert condition to improve readability
|
2021-10-30 03:03:19 -04:00 |
|