049231e4af
Feature/axios ( #5776 )
...
* Move from deprecated request package to axios.
* Fixed package.json
* Another check.
* Fixing npm - hopefully the last.
* Remove double parsing of JSON.
* Bump bundled npm to also get rid of request in the bundled npm.
* Revert "Bump bundled npm to also get rid of request in the bundled npm."
This reverts commit b60fa4f435c141bca332a5b344c36204eb0cc7b4.
2023-06-27 21:20:53 +02:00
1e98033632
Security: Fix revision parsing ( #5772 )
...
A carefully crated URL can cause Etherpad to hang.
2023-06-26 18:17:06 +01:00
159434b759
tests: drop windows 7 test coverage & use chrome latest for admin tests instead of safari ( #5752 )
2023-06-23 10:22:09 +01:00
d6abab6c74
tests: allow ret_nodes to be global for mocha
2023-06-22 11:33:24 +01:00
86d3eabcd8
tests: flaky language test
2022-09-24 20:29:25 +02:00
111ad5c52e
fix cypress config
2022-09-24 18:44:15 +02:00
88c0ab8255
ExportEtherpad: Support custom subkeys
2022-05-05 19:33:21 -04:00
4b2e2dd9f2
tests: Add tests for `exportEtherpadAdditionalContent` hook
2022-05-05 19:33:21 -04:00
7c6746612c
tests: Missing chat messages should cause check failure
2022-04-15 23:52:16 -04:00
06f0318dc4
Stream: New utility library for iterables
2022-04-15 19:14:59 -04:00
1ad7e4601f
load test: Increase startup timeout
2022-03-22 20:07:55 -04:00
1c29dcc62d
load test: Don't suppress Etherpad output
2022-03-22 20:07:55 -04:00
4c6d547e10
load test: Fix argument processing
2022-03-22 20:07:55 -04:00
e4ed4a0d42
load test: Exit on error
2022-03-22 20:07:55 -04:00
8053875d45
pad_utils: Factor out author token generation
2022-03-16 06:10:28 -04:00
cfb68e5725
pad_utils: Rate limit identical `warnDeprecated` calls
2022-02-27 02:55:35 -05:00
908175d1ca
pad_utils: Custom logger interface for `warnDeprecated`
2022-02-27 02:55:09 -05:00
b733ed9ab0
Pad: Convert line endings in text from `padDefaultContent` hook
2022-02-24 17:40:04 -05:00
cd43625be8
tests: Add some tests for `src/node/db/Pad.js`
2022-02-24 17:40:04 -05:00
b276eb0a23
PadMessageHandler: Improve message sanity checking
...
Use exceptions instead of silent drops so that the client can detect
the error and react appropriately.
2022-02-24 17:39:38 -05:00
32c82917e3
Merge branch 'master' into develop
2022-02-23 17:25:38 -05:00
ba370b0e05
PadMessageHandler: Don't trust user-provided `padId`
2022-02-23 16:11:21 -05:00
daee90d2af
lint: Close function args on same line as final arg
2022-02-21 14:53:48 -05:00
c8211f2898
lint: Run `eslint --fix`
2022-02-21 14:36:58 -05:00
aa286b7dbd
API: Add optional `authorId` param to mutation functions
2022-02-19 14:55:42 -05:00
50fafe608b
tests: Basic test for `restoreRevision` API
2022-02-19 14:55:42 -05:00
945e6848e2
SessionStore: Delete DB record when session expires
...
This only deletes records known to the current Etherpad instance --
old records from previous runs are not automatically cleaned up.
2022-01-17 21:45:56 -05:00
72cd983f0f
SessionStore: Option to update DB record on `touch()`
2022-01-17 21:45:52 -05:00
b991948e21
SessionStore: Don't write DB record if already expired
2022-01-17 21:33:58 -05:00
4d498725c7
SessionStore: Improve cookie expiration check
...
* Don't mutate `sess.cookie.expires`.
* Allow `sess.cookie` to be nullish.
* Always compare `Date` objects.
2022-01-17 18:17:40 -05:00
928c598ecf
tests: Add SessionStore backend tests
2022-01-17 17:51:08 -05:00
d3984aa621
express: Move `preAuthorize` hook after `express-session`
...
The `ep_openid_connect` plugin needs access to session state before
authorization checks are made (to securely redirect the user back to
the start page when authentication completes). Now that the
`expressPreSession` hook exists, the rationale for moving
`preAuthorize` before the `express-session` middleware is gone.
This change undoes the following commits:
* bf35dcfc500b1ec20c5c30544b564e
2022-01-14 00:44:54 -05:00
6495b1e6f4
tests: Disable deprecation warnings when testing deprecated functions
2021-12-31 22:15:03 -05:00
c0471dd238
tests: Avoid deprecated `Changeset.opIterator`
2021-12-31 22:14:07 -05:00
0af728ffee
textLinesMutator: coverage for changed attributes in multiline keeps
2021-12-30 18:44:29 -05:00
93447b7493
easysync tests: cover more string operation scenarios
2021-12-30 18:44:29 -05:00
55c47efd4c
easysync tests: add some more smartOpAssembler tests
2021-12-30 18:44:29 -05:00
02a56dc58c
PadMessageHandler: Allow `handleMessageSecurity` to grant one-time write access
2021-12-21 17:23:56 -05:00
696f9c3367
specialpages: New `/health` endpoint for health checking
...
This endpoint is intended to conform with:
https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html
2021-12-21 17:19:56 -05:00
649fbdccf5
express: Move static handlers to `expressPreSession`
...
This avoids the need to exempt the paths from authentication checks,
and it eliminates unnecessary express-session state.
2021-12-20 20:08:19 -05:00
472eddc821
webaccess: Skip checks if `next` is called in `preAuthenticate`
2021-12-20 20:08:18 -05:00
fc498f0ae6
tests: Delete test pad before attempting import
2021-12-20 20:08:18 -05:00
02d1b90d30
tests: Factor out USER_CHANGES/ACCEPT_COMMIT helpers
...
This will make it possible for other tests to reuse the code.
2021-12-19 16:53:24 -05:00
748d661495
Changeset: Fix off-by-one bug in `makeSplice`
2021-12-16 00:48:07 -05:00
cff089e54e
PadMessageHandler: Accept retransmissions of USER_CHANGES
2021-12-14 01:02:00 -05:00
a370cfa5c6
Pad: Don't create no-op revisions
2021-12-14 01:02:00 -05:00
dbacc73c36
tests: Basic USER_CHANGES backend tests
2021-12-14 01:02:00 -05:00
6cca27dea6
API: `getText` with old revision should only return text, not atext
...
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-12-05 18:50:39 -05:00
6beb5dcaf5
tests: Disable deprecation warnings when testing deprecated functions
2021-11-30 23:17:35 -05:00
a02e45499d
Use the new AttributeMap and Changeset APIs
2021-11-28 23:47:27 -05:00
SamTV12345
John McLear
webzwo0i
Richard Hansen