tildeverse/cryptpad
4
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
12,109 Commits 1 Branch 105 Tags 254 MiB
98df612eb4
Commit Graph

181 Commits

Author SHA1 Message Date
ansuz
3b44c09bc4 check COOP headers for multiple endpoints 
and improve some error reporting in the checkup RPC
 2021-07-01 16:42:09 +05:30
ansuz
942a136886 somewhat stricter httpUnsafeOrigin validation 2021-06-15 03:52:12 +05:30
ansuz
98c8d7086f include instance version in Env 2021-06-09 18:43:31 +05:30
ansuz
87a52b67f5 re-add an incorrectly removed curly brace 2021-06-09 14:23:58 +05:30
ansuz
41db88a360 WIP admin 'network' panel 2021-06-08 20:24:30 +05:30
ansuz
b88963cec2 conditionally log some information about the checkup page when launching the server 2021-06-01 17:53:57 +05:30
ansuz
32494fca0c let NGINX handle its own headers 2021-05-12 14:29:29 +05:30
ansuz
eb32651c67 leave some notes about a minor race condition 2021-05-05 12:07:45 +05:30
ansuz
30fc2a5edf Merge branch 'staging' into restricted-registration 2021-05-01 02:04:22 +05:30
ansuz
bd37e45eb4 disable some seemingly problematic server code 2021-04-30 10:38:03 +05:30
ansuz
15a8284a30 add some logging and avoid some errors 2021-04-29 07:09:16 +05:30
ansuz
50045c08d0 WIP restrict registration 2021-04-26 18:31:33 +05:30
ansuz
e90031b8d1 refined header fix for standalone instances 2021-04-15 19:43:08 +05:30
ansuz
3a0fe6968d refine the header fixes for chrome to avoid breaking standalone instances 2021-04-15 18:03:13 +05:30
ansuz
ae173d31cb fix a chrome header issue 2021-04-15 15:17:08 +05:30
ansuz
34e02a23e7 deduplicate server code for caching rendered API endpoints 2021-04-12 13:19:11 +05:30
ansuz
4e3a7fef24 add notes from our review 2021-04-02 17:14:15 +05:30
yflory
8f679c141c Broadcast update 2021-03-30 17:41:12 +02:00
yflory
96892bff48 Merge branch 'staging' into broadcast 2021-03-30 13:53:49 +02:00
yflory
b108960d67 Rename ooslide and oodoc 2021-03-24 15:01:52 +01:00
ansuz
3141d7add1 remove trailing slashes from configured origins 
in both the server and the example config file
 2021-03-22 14:12:14 +05:30
yflory
7971a6d267 Major broadcast refactoring 2021-03-16 17:00:23 +01:00
yflory
d15c0461cc Add /api/broadcast and improve message deletion 2021-03-12 12:46:11 +01:00
ansuz
1ef6a96cd1 avoid duplicating CSP headers in production environments 2021-03-03 11:11:06 +05:30
ansuz
3c4b2ffad0 avoid setting headers for /api/config that will be duplicated by nginx 2021-03-03 09:59:04 +05:30
ansuz
929159a0f4 implement server offline mode (no ws) 2021-01-08 14:49:04 +05:30
yflory
396eb4d263 Stop autodownloading big mediatags 2020-11-24 16:38:31 +01:00
ansuz
ebc394c4b3 expose defaultStorageLimit via /api/config 2020-11-17 18:09:34 +05:30
ansuz
aa547a7b76 align nodejs http headers with example nginx 2020-11-03 16:48:31 +05:30
ansuz
804443e5f7 send basic team info along with support tickets 
...and fix a server bug that had broken /api/config.supportMailbox
 2020-10-15 15:12:12 +05:30
ansuz
369c92c01d initialize Env from server and deduplicate several attributes 2020-10-12 17:39:53 +05:30
ansuz
c99de4ffc2 expose the canonical representation of adminKeys via /api/config 2020-10-12 14:56:09 +05:30
ansuz
b5d3a10dc2 guard against possible typeErrors from unvalidated config input 2020-10-09 13:28:13 +05:30
ansuz
6519f8242e Merge branch 'signing-key-format' into staging 2020-06-30 14:52:57 -04:00
ansuz
ebcc9a069b add server-side support for the new format of public signing keys 2020-06-25 13:14:26 -04:00
yflory
b94a596751 remove unsafe-inline requirement in pad 2020-06-22 18:45:16 +02:00
ansuz
5196440e65 guard against a typeError when httpSafeOrigin is not defined 2020-04-06 10:16:02 -04:00
ansuz
9fa93172cf tolerate trailing slashes in httpSafeDomain 2020-04-03 10:37:23 -04:00
ansuz
3b05d24f10 wip csp issue 2020-04-02 17:46:29 -04:00
Jason Heard
9b3013278b Check httpSafeOrigin in config variable 2020-03-10 14:21:23 -06:00
ansuz
53ed247bc2 expose maxUploadSize and premiumUploadSize via /api/config 2020-03-03 16:47:44 -05:00
ansuz
e70c3ff0ab add some default config values and warn if provided values seem incorrect 2020-02-28 12:01:52 -05:00
ansuz
74771f13f5 implement caching for /api/config responses 2020-02-27 13:48:19 -05:00
ansuz
80c012f34d prepare to merge history keeper and rpc 2020-01-27 17:57:39 -05:00
ansuz
c388641479 drop support for 'retainData' configuration 2020-01-23 15:13:19 -05:00
ansuz
f45de2b52f move some server deps from repo root to lib/ 2020-01-23 15:01:56 -05:00
ansuz
671999c600 treat onlyoffice iframes specially with regard to CSP 2020-01-21 08:39:55 -05:00
yflory
47768112b4 Merge branch 'staging' into communities-oo 2020-01-16 14:52:37 +01:00
Ludovic Dubost
d593f3961c Updated OnlyOffice editors, Updated x2t.js to 5.4.2 2020-01-05 20:32:34 +01:00
Ludovic Dubost
1065ef5d4c Fix security policy for ooslide and oodoc which would break x2t wasm export on Chrome 2020-01-04 02:03:30 +01:00