etherpad-lite

libretic/etherpad-lite

Fork 0

Commit graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Richard Hansen	b8d07a42eb	lint: Run `eslint --fix` on `bin/` and `tests/`	2020-11-24 20:06:12 +00:00
webzwo0i	b71b606774	tests: Switch from Travis to Github Actions Travis placed an unnecessary breaking restriction on our tests and failed to respond within 72 hours to our complaint. This has forced us to introduce Github Actions to manage our testing. This is hopefully a temporary measure while Travis either gets itself together or we find a non-Github requirement.	2020-11-24 18:12:41 +00:00
webzwo0i	ceb09ce99a	security: Support proxy with rate limiting and include CI test coverage for nginx rev proxy (#4373 ) Previously Etherpad would not pass the correct client IP address through and this caused the rate limiter to limit users behind reverse proxies. This change allows Etherpad to use a client IP passed from a reverse proxy. Note to devs: This header can be spoofed and spoofing the header could be used in an attack. To mitigate additional steps should be taken by Etherpad site admins IE doing rate limiting at proxy. This only really applies to large scale deployments but it's worth noting.	2020-10-01 10:39:01 +01:00

Richard Hansen

b8d07a42eb

lint: Run eslint --fix on bin/ and tests/

2020-11-24 20:06:12 +00:00

webzwo0i

b71b606774

tests: Switch from Travis to Github Actions

Travis placed an unnecessary breaking restriction on our tests and failed to respond within 72 hours to our complaint.  This has forced us to introduce Github Actions to manage our testing.  This is hopefully a temporary measure while Travis either gets itself together or we find a non-Github requirement.

2020-11-24 18:12:41 +00:00

webzwo0i

ceb09ce99a

security: Support proxy with rate limiting and include CI test coverage for nginx rev proxy (#4373 )

Previously Etherpad would not pass the correct client IP address through and this caused the rate limiter to limit users behind reverse proxies.  This change allows Etherpad to use a client IP passed from a reverse proxy.

Note to devs: This header can be spoofed and spoofing the header could be used in an attack.  To mitigate additional *steps should be taken by Etherpad site admins IE doing rate limiting at proxy.*  This only really applies to large scale deployments but it's worth noting.

2020-10-01 10:39:01 +01:00

3 commits