mirrors/etherpad-lite
1
0
Fork 0
mirror of https://github.com/ether/etherpad-lite.git synced 2025-04-24 17:36:14 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions 33
8298 commits 214 branches 107 tags 73 MiB
Commit graph

648 commits

Author SHA1 Message Date
Stefan
f9a3a6aaae
Improve update check (#5945) 
* Send etherpad version in update check request
* Cache etherpad informations for one hour
* Change format of User-Agent
* Improve exception handling
 2023-09-25 13:05:33 +02:00
Richard Hansen
2bb431e7e5
express-session: Implement and enable key rotation (#5362) by @rhansen 
* SecretRotator: New class to coordinate key rotation

* express-session: Enable key rotation

* Added new entry in docker.adoc

* Move to own package.Removed fallback as Node 16 is now lowest node version.

* Updated package-lock.json

---------

Co-authored-by: SamTV12345 <40429738+samtv12345@users.noreply.github.com>
 2023-07-03 22:58:49 +02:00
DanielHabenicht
675c0130b9
allow option to make pad names case-insensitive (#5501) by @DanielHabenicht 
* New option to make pad names case-insensitive

fixes #3844

* fix helper.gotoTimeslider()

* fix helper.aNewPad() return value

* Update src/node/utils/Settings.js

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

* remove timeout

* rename enforceLowerCasePadIds to lowerCasePadIds

* use before and after hooks

* update with socket specific test

* enforce sanitizing padID for websocket connections

- only enforce for newly created pads, to combat case-sensitive pad name hijacking

* Added updated package.json file.

---------

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
Co-authored-by: SamTV12345 <40429738+samtv12345@users.noreply.github.com>
 2023-07-03 20:52:49 +02:00
SamTV12345
049231e4af
Feature/axios (#5776) 
* Move from deprecated request package to axios.

* Fixed package.json

* Another check.

* Fixing npm - hopefully the last.

* Remove double parsing of JSON.

* Bump bundled npm to also get rid of request in the bundled npm.

* Revert "Bump bundled npm to also get rid of request in the bundled npm."

This reverts commit b60fa4f435.
 2023-06-27 21:20:53 +02:00
John McLear
1e98033632
Security: Fix revision parsing (#5772) 
A carefully crated URL can cause Etherpad to hang.
 2023-06-26 18:17:06 +01:00
Richard Hansen
2facf3a0c5 ExportEtherpad: New importEtherpad, exportEtherpad hooks 2022-05-06 02:54:34 -04:00
Richard Hansen
44fd70491d ImportEtherpad: Batch database writes 2022-05-05 20:49:52 -04:00
Richard Hansen
c1652fd695 ImportEtherpad: Process records in batches 
This enables ueberdb to combine multiple queries into a single message
to the database backend.
 2022-05-05 20:49:52 -04:00
Richard Hansen
10117bc988 ImportEtherpad: Use a real ueberdb object for the temp Pad 
Now plugin authors have access to the full set of DB operations.
 2022-05-05 20:49:52 -04:00
Richard Hansen
6a183db850 ExportEtherpad: Parallelize record reads 2022-05-05 19:33:21 -04:00
Richard Hansen
88c0ab8255 ExportEtherpad: Support custom subkeys 2022-05-05 19:33:21 -04:00
Richard Hansen
78b44daaa8 ExportEtherpad: Fix exportEtherpadAdditionalContent hook docs 
When exporting, only records like `comments:padId` are supported, not
records like `comments:padId:foo`.
 2022-05-05 19:33:21 -04:00
Richard Hansen
936185e3b6 ExportEtherpad: Use Pad API to collect data 2022-05-05 19:33:21 -04:00
Richard Hansen
4a6e77839e ExportEtherpad: Process pad record separately 
to improve readability.
 2022-05-05 19:33:21 -04:00
Richard Hansen
56a60a34fb ExportEtherpad: Simplify attribute pool iteration 2022-05-05 19:33:21 -04:00
Richard Hansen
3004bc1583 ExportEtherpad: Invert conditions to improve readability 
Also delete unnecessary comments.
 2022-05-05 19:33:21 -04:00
Richard Hansen
06f0318dc4 Stream: New utility library for iterables 2022-04-15 19:14:59 -04:00
Richard Hansen
daee90d2af lint: Close function args on same line as final arg 2022-02-21 14:53:48 -05:00
Richard Hansen
c8211f2898 lint: Run eslint --fix 2022-02-21 14:36:58 -05:00
Richard Hansen
3b8549342a Pad: Plumb author ID through mutation operations 2022-02-19 14:55:42 -05:00
Richard Hansen
9db3424403 deps: Bump rehype and rehype-minify-whitespace 2022-01-27 01:27:10 -05:00
Richard Hansen
692749d1cf express-session: Extend session lifetime if user is active 2022-01-17 21:45:56 -05:00
Richard Hansen
023e58cfe6 express-session: Set a finite cookie lifetime 2022-01-17 21:45:56 -05:00
Richard Hansen
fa8bdb0348 promises: Add a comment explaining a subtlety in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
a115c475ad promises: Expose reject in Gate 2022-01-02 18:57:44 -05:00
Richard Hansen
b72db7ebd6 promises: Return a Promise from Gate.then() 
It doesn't make sense to return a `Gate` from `Gate.then()`, and this
eliminates the semantically confusing constructor parameter.
 2022-01-02 18:57:44 -05:00
Richard Hansen
78a67801f3 promises: Move Gate from server.js (to enable reuse) 2022-01-02 18:57:44 -05:00
Richard Hansen
a370cfa5c6 Pad: Don't create no-op revisions 2021-12-14 01:02:00 -05:00
Richard Hansen
8c857a85ac pad: Use null as default for userName, userColor options 
These options are used as strings, so it doesn't make sense to default
them to a boolean value.

Note that this change has no effect due to a bug in how pad options
are processed; that bug will be fixed in a future commit.
 2021-12-04 23:06:16 -05:00
Richard Hansen
61b608e264 pad: Use null as default for lang option 
It doesn't make sense to override the browser's language with `en-gb`
by default.

Note that this change has no effect due to a bug in how pad options
are processed; that bug will be fixed in a future commit.
 2021-12-04 23:06:16 -05:00
Richard Hansen
f00b1ae89b Merge branch 'master' into develop 2021-11-28 23:10:45 -05:00
Richard Hansen
77bcb507b3 ImportEtherpad: Limit in-flight DB queries 2021-11-28 22:28:55 -05:00
Richard Hansen
5b3575acf0 ImportEtherpad: Use AttributePool to check attributes 2021-11-28 22:28:55 -05:00
Richard Hansen
19909eae53 ImportEtherpad: Rigorously check imported data 2021-11-28 22:28:55 -05:00
Richard Hansen
ad78b24113 ImportEtherpad: Warn about unsupported attrib at encounter 2021-11-28 22:28:55 -05:00
Richard Hansen
23f8a12922 ImportEtherpad: Don't make any changes if data is bad 2021-11-28 22:28:55 -05:00
Richard Hansen
a2e77a7128 ImportEtherpad: Enforce single-pad records 2021-11-28 22:28:54 -05:00
Richard Hansen
33778281b9 ImportEtherpad: Simplify attribute key iteration 2021-11-28 22:28:54 -05:00
Richard Hansen
00fc7c8e86 ImportEtherpad: Reject unknown DB records 2021-11-28 22:27:44 -05:00
Richard Hansen
8e9bc8d325 ImportEtherpad: Avoid false positives when checking apool 2021-11-28 19:00:44 -05:00
Richard Hansen
003e5cbd4b ImportEtherpad: Fix DB key pad ID transformation 2021-11-28 19:00:44 -05:00
Richard Hansen
fea7948b05 ImportEtherpad: Fix author info processing 2021-11-28 19:00:44 -05:00
Richard Hansen
2f0561abc0 ImportEtherpad: Remove unnecessary variable 2021-11-25 18:39:07 -05:00
Richard Hansen
9bc90128cb ImportEtherpad: Fix async logic 2021-11-25 18:39:07 -05:00
Richard Hansen
d3427240c6 tests: Serve all of src/tests/frontend/, not just specs 2021-11-23 21:07:07 -05:00
Richard Hansen
89fe40e080 Changeset: Migrate from OpIter to deserializeOps() 2021-11-23 01:21:49 -05:00
Richard Hansen
657492e191 Changeset: Turn newOp() into a real class 2021-11-23 01:21:12 -05:00
Richard Hansen
2fc06a0884 Changeset: Add TODO comments for issues noticed 2021-11-21 04:11:41 -05:00
Richard Hansen
f1eb7a25a6 Changeset: Migrate to the new attribute API 2021-11-21 04:11:41 -05:00
Richard Hansen
1f227200da Replace separate attrib key, value calls with single pair call 2021-11-21 04:11:41 -05:00