692749d1cf
express-session: Extend session lifetime if user is active
2022-01-17 21:45:56 -05:00
023e58cfe6
express-session: Set a finite cookie lifetime
2022-01-17 21:45:56 -05:00
ec10700dff
express-session: Don't save uninitialized sessions
...
This should avoid frivolous session records, such as when the user
gets a 404 (unless login was required to see the 404).
2022-01-17 21:45:56 -05:00
945e6848e2
SessionStore: Delete DB record when session expires
...
This only deletes records known to the current Etherpad instance --
old records from previous runs are not automatically cleaned up.
2022-01-17 21:45:56 -05:00
02a56dc58c
PadMessageHandler: Allow `handleMessageSecurity` to grant one-time write access
2021-12-21 17:23:56 -05:00
31b025bd9d
PadMessageHandler: Pass session info to `handleMessageSecurity` hook
2021-12-21 17:23:56 -05:00
1b52c9f0c4
PadMessageHandler: Deprecate `client` context property
2021-12-21 17:23:56 -05:00
f1856cf95a
Docker: Use new `/health` endpoint for HEALTHCHECK
2021-12-21 17:19:56 -05:00
696f9c3367
specialpages: New `/health` endpoint for health checking
...
This endpoint is intended to conform with:
https://www.ietf.org/archive/id/draft-inadarei-api-health-check-06.html
2021-12-21 17:19:56 -05:00
649fbdccf5
express: Move static handlers to `expressPreSession`
...
This avoids the need to exempt the paths from authentication checks,
and it eliminates unnecessary express-session state.
2021-12-20 20:08:19 -05:00
72f4ae444d
express: New `expressPreSession` server-side hook
2021-12-20 20:08:19 -05:00
8b73f2ee70
padurlsanitize: Don't crash if `sanitizePadId()` throws
...
Let Express send a 500 status code to the user instead.
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-12-18 18:47:01 -05:00
d94f380141
API: Fix race conditions in `setText`, `appendText`, `restoreRevision`
2021-12-14 01:02:00 -05:00
4d457f6296
ImportHandler: Pass `ImportError` to `import` hook
2021-12-10 02:34:13 -05:00
6cca27dea6
API: `getText` with old revision should only return text, not atext
...
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-12-05 18:50:39 -05:00
99fae2ec6e
pad: Fix application of `padOptions` values from `settings.json`
2021-12-04 23:06:17 -05:00
f00b1ae89b
Merge branch 'master' into develop
2021-11-28 23:10:45 -05:00
142a47cbbc
Release v1.8.16
2021-11-28 23:03:58 -05:00
777d045246
GroupManager: Clean up any mappings when deleting a group
2021-11-28 14:06:47 +00:00
b7065eb9a0
Add notable enhancements/fixes to 1.8.15 changelog
2021-11-25 18:39:01 -05:00
bbd71cea22
Refine `CHANGELOG.md`
2021-11-25 18:39:01 -05:00
89fe40e080
Changeset: Migrate from `OpIter` to `deserializeOps()`
2021-11-23 01:21:49 -05:00
657492e191
Changeset: Turn `newOp()` into a real class
2021-11-23 01:21:12 -05:00
dab881139d
Pad: Fix `copyPadWithoutHistory` apool corruption bug
2021-11-22 18:40:22 -05:00
d74dd235a4
Changeset: Replace `appendATextToAssembler()` with a generator
2021-11-22 18:10:37 -05:00
f1eb7a25a6
Changeset: Migrate to the new attribute API
2021-11-21 04:11:41 -05:00
6cf2055199
Changeset: New API to simplify attribute processing
2021-11-21 04:11:41 -05:00
8274e01d34
Add notable enhancements/fixes to 1.8.15 changelog
2021-11-21 01:40:24 -05:00
978555653b
Refine `CHANGELOG.md`
2021-11-21 01:40:24 -05:00
b540c2bc48
release: Add version to changelog
2021-11-19 15:27:40 +00:00
a65498e849
Changeset: Move `SmartOpAssembler.appendOpWithText()` to a standalone function
2021-11-14 04:17:00 -05:00
4a65c2c8ff
Changeset: Unexport unnecessarily exported functions
...
These functions aren't used outside of this file.
2021-11-13 17:44:38 -05:00
085bc8cbb3
plugins: Don't create `.ep_initialized` files
...
These files cause problems with Docker images and read-only
directories/mounts, and they have dubious value (any install-time
setup should instead be done at startup).
2021-11-13 17:43:33 -05:00
dd8ec4e291
Changeset: Remove unused `lastIndex()` method from op iterator
2021-11-07 23:24:39 -05:00
0fd2a46783
Changeset: Remove unused start index parameter for `opIterator()`
2021-11-07 23:24:39 -05:00
26675c5019
chat: New `chatNewMessage` server-side hook
2021-11-01 01:54:29 -04:00
9fbd2e5c3d
chat: New `chatSendMessage` client-side hook
2021-11-01 01:54:28 -04:00
f1f4ed7c58
chat: Allow `chatNewMessage` hook to control rendering
2021-11-01 01:54:28 -04:00
2597b940f4
chat: Give `chatNewMessage` hook access to the raw message object
2021-11-01 01:54:28 -04:00
e28c9ffc97
tests: Support injecting hook functions during pad load
2021-11-01 01:54:28 -04:00
9aaf781548
PadMessageHandler: Modernize `userLeave` hook context properties
2021-10-30 03:07:44 -04:00
a6d060d67b
PadMessageHandler: Replace `clientReady` hook with new `userJoin` hook
2021-10-30 03:07:44 -04:00
5cbbcbcee6
pad: Simplify reload after `.etherpad` import
...
The old "switch to pad" logic looked buggy, and it complicates pad
initialization. Forcing a refresh after importing an `.etherpad` file
isn't much of a UX downgrade.
2021-10-29 19:27:33 -04:00
aec619cc0b
log4js: Deprecate the `logconfig` setting
...
This will make it possible to upgrade log4js in a future version.
2021-09-28 04:30:26 -04:00
dbd76f0c5d
export: Don't leak writeable pad ID when exporting
...
Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2021-09-15 18:32:06 -04:00
0d65dc8a44
pad: Add `clientVars` to `postAceInit` hook context
...
This allows plugins to avoid the `clientVars` global variable.
2021-08-25 14:59:17 -04:00
c816c20bc7
HTML import: Replace cheerio with jsdom to simplify contentcollector
...
Cheerio provides jQuery-like objects but they wrap DOM Node-like
objects that are not 100% API compatible with the DOM spec. Because of
this, contentcollector, which is used in browsers and in Node.js
during HTML import, has until now needed to support two different
APIs. This commit modifies HTML import to use jsdom instead of cheerio
and simplifies contentcollector.
2021-08-12 13:53:23 -04:00
f55ccd2cdd
changelog 1.8.14
2021-07-04 07:01:07 +02:00
ef1ba21104
deps: Drop support for Node.js < 12.13.0
2021-06-14 23:17:17 +02:00
de0a450aec
Docker: If `DB_*` env var is unset, remove the corresponding setting
2021-06-06 14:00:52 -04:00
Richard Hansen
webzwo0i
John McLear