Commit graph

17886 commits

Author SHA1 Message Date
Brian Gough
60cee0a219 Merge pull request #55 from sharelatex/bg-avoid-text-html-content-type-in-responses
use explicit json content-type to avoid security issues with text/html
2019-02-22 10:20:16 +00:00
Brian Gough
11f07d1f09 Merge pull request #45 from sharelatex/bg-avoid-text-html-content-type-in-responses
use explicit json content-type to avoid security issues with text/html
2019-02-22 09:24:30 +00:00
Christopher Hoskin
49c9108788 Fix aspell or, te and no. Still need to fix ta 2019-02-21 10:15:23 +00:00
Christopher Hoskin
59c18c470d Clarify which dicts are from Ubuntu 2019-02-21 09:09:07 +00:00
Christopher Hoskin
9869be319e Merge branch 'master' into cmg-csh-ho-docker-spelling 2019-02-21 08:56:17 +00:00
Christopher Hoskin
52b172ae87 Merge pull request #18 from sharelatex/ho-docker
Move to dual Linode / GKE deploy
2019-02-20 07:36:15 +00:00
Henry Oswald
5119db43a7 Merge pull request #37 from sharelatex/ho-continual-pub-sub-traffic
setup continualPubsubTraffic to keep pub sub happy
2019-02-19 11:28:06 +00:00
Shane Kilkelly
9727c374b7 Update the readme with a short explanation of how this code works 2019-02-19 10:22:40 +00:00
Henry Oswald
26e903f384 setup continualPubsubTraffic
this keeps the pub sub channel ticking along happily
2019-02-15 17:04:49 +00:00
Chrystal Maria Griffiths
d0c9c469e8 Merge pull request #36 from sharelatex/cmg-fix-acceptance-test
Fix test to accommodate changes to anonymous users
2019-02-15 15:39:11 +00:00
Chrystal Griffiths
507c4e5ce2 Fix test to accommodate changes to anonymous users 2019-02-15 15:18:17 +00:00
Chrystal Maria Griffiths
0b88a63444 Merge pull request #35 from sharelatex/cmg-anonymous-display-name
Nameless logged in user labelled as anonymous
2019-02-15 14:53:18 +00:00
Henry Oswald
946beb78f9 Merge pull request #46 from sharelatex/ho-pendingUpdates-key
use redis cluster key in defaults for pendingupdates
2019-02-15 14:03:52 +00:00
Henry Oswald
937e8fe071 use redis cluster key in defaults for pendingupdates 2019-02-15 13:58:29 +00:00
Chrystal Maria Griffiths
e379691767 Merge pull request #1521 from sharelatex/as-fix-noreferrer-noopener
Add some missing rel="noreferrer noopener" attributes

GitOrigin-RevId: 470de17ba724b8ba544b736bf3a7682b3d499a5d
2019-02-15 13:33:54 +00:00
Chrystal Maria Griffiths
bf5a28b258 Merge pull request #1509 from sharelatex/as-update-google-config
Use env var for brandPrefix for compatibility with google infrastructure

GitOrigin-RevId: c7749007d3fbd3746cd8f6771d6b394f5864dd9f
2019-02-15 13:33:49 +00:00
Chrystal Maria Griffiths
d52c30f272 Merge pull request #1512 from sharelatex/as-rate-limit-confirm-uni-domain-endpoint
Rate limit confirm university domain endpoint

GitOrigin-RevId: 1d03eec3c0e8208e5f643000693f685957e15442
2019-02-15 13:33:42 +00:00
Chrystal Maria Griffiths
96f283e2c6 Merge pull request #1477 from sharelatex/as-confirm-quick-action-archive-leave
Confirm archive or leave when clicking quick action buttons

GitOrigin-RevId: 95d728f22284bab17887a5ac7bc7461d501db7a2
2019-02-15 13:33:38 +00:00
Chrystal Maria Griffiths
b1c40d2c58 Merge pull request #1501 from sharelatex/cmg-anonymous-display-name
Label only truly anonymous users as anonymous

GitOrigin-RevId: c33a5c0584bd8a0603921fcf1579204b5fcac009
2019-02-15 13:33:33 +00:00
Chrystal Maria Griffiths
9abea8ae5f Merge pull request #1516 from sharelatex/as-sanitize-team-notice
Show sanitized HTML for team notice on subscription page

GitOrigin-RevId: 20256eed298a709d663bdfd0057e0d8462722a0c
2019-02-15 13:33:28 +00:00
Chrystal Maria Griffiths
778af6ca40 Merge pull request #1510 from sharelatex/ns-moar-contrast
better contrast in github modal

GitOrigin-RevId: b841f18933bfa2c916c8d2092578a895db0346dd
2019-02-15 13:33:23 +00:00
Jessica Lawshe
429e392fbb Merge pull request #1518 from sharelatex/jel-search-result-url
encodeURIComponent on wiki search result

GitOrigin-RevId: 87cb53784de691677a56a5e3fc139a35ad7ae941
2019-02-14 18:24:27 +00:00
Jessica Lawshe
c9eab36031 Merge pull request #1455 from sharelatex/jel-cms-color-block
Add color block feature to CMS pages

GitOrigin-RevId: 51a9828d62275308422bdb0d6e2e90cfef0a638a
2019-02-14 18:24:22 +00:00
Brian Gough
cc613f4370 Merge pull request #1507 from sharelatex/mm-pubmodal-show-errors
Return error status to the publish modal on export creation error

GitOrigin-RevId: e46e9c1244ee540a4687240e8ecbb14ff36bd2e8
2019-02-14 15:03:42 +00:00
Brian Gough
1940e9b061 Merge pull request #1523 from sharelatex/bg-avoid-unwanted-fallback-on-network-errors
avoid fallback to old websocket if initial connection succeeded

GitOrigin-RevId: 1b3f38d0a0f4889b9a15fa071de90a0a9c9a5699
2019-02-14 14:39:19 +00:00
Shane Kilkelly
e78487922e Merge pull request #1513 from sharelatex/sk-migrate-read-and-write-token-prefix-post-deploy
Script to re-activate token access for select projects

GitOrigin-RevId: df379f49ec840948ec1afc0864b35b5b5746ebc1
2019-02-14 11:09:45 +00:00
Shane Kilkelly
349d731745 Merge pull request #1493 from sharelatex/sk-read-write-token-match-on-prefix
Constant-time comparison for read-write tokens

GitOrigin-RevId: ddd83de551c540544fde426d7d5aca9f4c83fcc7
2019-02-14 11:09:40 +00:00
Shane Kilkelly
25a0ea8752 Merge pull request #1495 from sharelatex/sk-migrate-read-and-write-token-prefix
Add migrations for new project property: `tokens.readAndWritePrefix`

GitOrigin-RevId: 276a9e53533ae76e04e20fd94234f65999874662
2019-02-14 10:27:02 +00:00
Brian Gough
00cdc008d5 Merge pull request #1508 from sharelatex/bg-add-websocket-fallback-option
add fallback to siteUrl if websocket fails

GitOrigin-RevId: fd866d17475cb974e4158ac7a89e972c66f0dd97
2019-02-13 09:20:35 +00:00
Brian Gough
038c81f868 use explicit json content-type to avoid security issues with text/html 2019-02-12 16:54:59 +00:00
Brian Gough
8c5d74faef use explicit json content-type to avoid security issues with text/html 2019-02-12 16:45:11 +00:00
Timothée Alby
c4dd8b5da8 Merge pull request #1502 from sharelatex/jel-social-metatags
Update `og` metatags and add protocol to image URL

GitOrigin-RevId: 9548ca5f378cb770e454bc75062e80bd1c3da9ac
2019-02-12 15:48:00 +00:00
Timothée Alby
fb5caf7b63 Merge pull request #1504 from sharelatex/jel-portal-sign-in-redirect
Add redirects when signing in/up via portal

GitOrigin-RevId: b84105f35b5f1c14fa57ca91e766b8b6de00ccd7
2019-02-12 15:47:53 +00:00
Timothée Alby
f01f80c2bb Merge pull request #1505 from sharelatex/ns-fix-regex
remove unnecessary $ from regex

GitOrigin-RevId: 5998536f71298daeab2845d070150451bbb4a858
2019-02-12 15:47:47 +00:00
Timothée Alby
b39626751a Merge pull request #1499 from sharelatex/ta-open-redirect-fix
Prevent Open Redirects

GitOrigin-RevId: 8cd2ead74de60f47b728ac227c21440281b111a5
2019-02-12 15:47:41 +00:00
Henry Oswald
6fb6086ba1 remove console.log 2019-02-12 14:28:42 +00:00
Henry Oswald
8bc3ff69e1 Merge pull request #30 from sharelatex/ho-docker
Dockerised
2019-02-12 14:15:18 +00:00
Chrystal Griffiths
26acdfd072 Add comment explaining why not sending anon data up 2019-02-12 14:06:59 +00:00
Chrystal Griffiths
bb06f82e04 Still send cursorData for logged in users 2019-02-12 14:00:47 +00:00
Henry Oswald
fa40e2c95f Merge pull request #44 from sharelatex/ho-docker-no-keychange
docker build script minimal
2019-02-12 13:45:49 +00:00
Henry Oswald
0a0fc91f28 Update app.coffee 2019-02-12 13:27:13 +00:00
Alasdair Smith
9b97af8977 Merge pull request #1403 from sharelatex/as-swap-brand-prefix
Swap brand prefix so OL is the default

GitOrigin-RevId: 60f4f03598fb6befc1ce790d39f546490612a1db
2019-02-12 11:32:28 +00:00
Chrystal Griffiths
2ec760403f Revert to method not sending cursorData because of duplication 2019-02-11 11:52:14 +00:00
Simon Detheridge
255981bdc2 Merge pull request #1486 from sharelatex/ta-subscription-dash-fix
Fix Subscription Dashboard Messaging

GitOrigin-RevId: 601b0df74c6f9f6bcc1c3ba6ecbf64721bc6fb99
2019-02-11 11:42:34 +00:00
Simon Detheridge
7dcc807caf Merge pull request #1479 from sharelatex/sk-check-read-token-against-v1
Check generated read-tokens against v1

GitOrigin-RevId: 15749a41a295c0401b0a39968f2c3657f8abebb8
2019-02-11 11:42:29 +00:00
Simon Detheridge
78b79999e9 Merge pull request #1492 from sharelatex/spd-dropbox-unlink-csrf
Add csrf protection for unlinking Dropbox accounts

GitOrigin-RevId: 00bbf0b8d4dc9f97098a645267bf23a6c3e5eea3
2019-02-11 11:42:24 +00:00
Simon Detheridge
c7f30bdfec Merge pull request #1494 from sharelatex/spd-overleaf-v1-oauth-state
Use 'state' parameter to prevent CSRF attacks when authenticating with v1

GitOrigin-RevId: bf5f8ddffa391d8f3ca84d3588df906b08eb018d
2019-02-11 11:42:20 +00:00
Simon Detheridge
ea807d053e Merge pull request #1489 from sharelatex/spd-mendeley-csrf
Enforce use of csrf token in Mendeley / tpr OAuth

GitOrigin-RevId: b615ee195442123e0cd8ff19a864909ac2e6496d
2019-02-11 11:42:15 +00:00
Simon Detheridge
9e07daba0b Merge pull request #1490 from sharelatex/ns-remove-ip-endpoint
remove /ip endpoint

GitOrigin-RevId: 42ea1ff6db6cba5e74a6e6c133a4d9f2b93d4a2e
2019-02-11 11:42:10 +00:00
Chrystal Griffiths
cb12e1c6f6 Send an empty string for every nameless user 2019-02-08 15:39:51 +00:00