Commit graph

261 commits

Author SHA1 Message Date
Eric Mc Sween
2dbc0e3b3d Merge pull request #11489 from overleaf/em-fix-paypal
Set COOP header to same-origin-allow-popups

GitOrigin-RevId: c8c3751386addb307ee2caf59c228484e8e593c0
2023-01-27 09:05:43 +00:00
Tim Down
9ab12f3b44 Merge pull request #10966 from overleaf/td-add-coop-header
Upgrade Helmet to add some security-related response headers, including COOP

GitOrigin-RevId: fce8538b004f7b3ba6c6ca65ad311957d75b496a
2023-01-24 09:05:27 +00:00
Alf Eaton
8b610d2d1c Use MathJax v3 on the editor page (#11330)
GitOrigin-RevId: 5e51404c54e49735988f399ea080b6cb4be726d3
2023-01-24 09:03:58 +00:00
Miguel Serrano
4a84922a2f Merge pull request #11346 from overleaf/msm-config-history-v1-sp
Configuration changes for FPH in CE/SP

GitOrigin-RevId: 990eb0fa6158d4815740413da085759d2cc5e231
2023-01-20 14:13:46 +00:00
Miguel Serrano
8b723c5363 Merge pull request #11160 from overleaf/msm-replace-uuid-crypto
Replace `uuid`/`node-uuid` with `node:crypto`

GitOrigin-RevId: 1be4f09c4681edac7e8bc58af3b5726d0d5ee322
2023-01-18 15:07:58 +00:00
Eric Mc Sween
f97a543d41 Merge pull request #11255 from overleaf/em-rate-limiter
Introduce rate-limiter-flexible

GitOrigin-RevId: c787397e276fb81015c7d045d191f2ad81ef542d
2023-01-18 09:04:51 +00:00
Mathias Jakobsen
e8c677f7ad Merge pull request #11036 from overleaf/jpa-cdn-blocked-metric
[web] add metric for blocked cdn

GitOrigin-RevId: bee0fa5af0cc3c5d91deb64c8e32bb7e04dbcc2b
2023-01-05 09:04:04 +00:00
Davinder Singh
b7d8fa44b4 Moving out the translate function to helpers folder (#10882)
* Moving out the translate function to helpers

GitOrigin-RevId: 876932308328761bf6b728b3d24a8867d950e9c0
2022-12-22 09:04:27 +00:00
Eric Mc Sween
04d0eabb32 Merge pull request #10772 from overleaf/em-ieee-brand-id
Make the IEEE brand id configurable

GitOrigin-RevId: 3ee286131d6ed8f43247ab1e2954eabec83d75d6
2022-12-07 09:03:58 +00:00
Brian Gough
f8a1da1b47 Merge pull request #10715 from overleaf/jpa-web-share-mongo-pool
[web] share mongo connection pool between Mongoose and native db

GitOrigin-RevId: 8bb2a9dc76880144a8681cb564183906df624cc0
2022-12-02 09:04:02 +00:00
Jakob Ackermann
7fcdd69cee Merge pull request #10735 from overleaf/jpa-mongo-connection-pool-stats
[web] collect metrics for mongo connection pool

GitOrigin-RevId: 71ca95af4e04f124f5ae12c8967ce85d4d9d0428
2022-12-01 09:05:09 +00:00
Jakob Ackermann
648a08b6b8 Merge pull request #10725 from overleaf/jpa-no-cdn-metric
[web] add metric for ?nocdn=true requests

GitOrigin-RevId: 6ca8a5616590f2d4efd8e3d04ef3ae71b67c5b96
2022-12-01 09:05:02 +00:00
Eric Mc Sween
3efcd3e52b Merge pull request #10644 from overleaf/em-chunk-store-mongo
Mongo backend for the history chunk store

GitOrigin-RevId: 8dcfc7e62065785616b7894009368b6acbb4428a
2022-11-29 09:04:40 +00:00
Brian Gough
4589a57774 Merge pull request #10637 from overleaf/bg-delete-user-from-dropbox
delete user data from dropbox

GitOrigin-RevId: d586c73b4500f4fe718927f537ae770356eaefc1
2022-11-29 09:04:33 +00:00
Brian Gough
495dd9016d Merge pull request #10290 from overleaf/bg-clear-feedbacks-collection
add script to clear old messages from mongo feedbacks collection

GitOrigin-RevId: a4986f432a12e801f41ff9bdf11b8771ef2b601f
2022-11-07 09:03:25 +00:00
Simon Detheridge
3d9c8f80f4 Merge pull request #10227 from overleaf/spd-td-opentelementry
Add opentelemetry to dev environment

GitOrigin-RevId: 31a8234197337a264412b411429692525793c8b0
2022-11-01 09:04:53 +00:00
Jessica Lawshe
ebed539e6d Merge pull request #10045 from overleaf/jel-new-css
[web] Load new CSS if split test enabled

GitOrigin-RevId: 87ef524affa58d931b622d2f70ca6dcff7adc53c
2022-10-25 08:03:57 +00:00
Miguel Serrano
74f44e655a Merge pull request #9617 from overleaf/msm-audit-log-collections
Move project/user audit logs to their own collections

GitOrigin-RevId: f6f89b3e2815c0fe5691a79eceb35b77b3c370d8
2022-09-30 08:04:17 +00:00
June Kelly
8f44f69a80 Merge pull request #9679 from overleaf/jk-fix-the-module-system
[web] Fix how imports work in the Module system

GitOrigin-RevId: 00cb3bfa19c6af979216b9d5e6104d489c18244b
2022-09-23 08:04:15 +00:00
June Kelly
73e8fd115b Merge pull request #9466 from overleaf/jk-add-labs-program-for-galileo
[web] Add a new "Overleaf Labs" program, for Galileo

GitOrigin-RevId: 8f6c79c37c1719a59bd8405998cc3de2fd29960d
2022-09-22 08:03:59 +00:00
Alexandre Bourdin
a0fabee3b4 Merge pull request #9245 from overleaf/integration-project-dashboard-react-migration
[Integration branch] Project Dashboard React Migration

GitOrigin-RevId: 3c3db39109a8137c57995f5f7c0ff8c800f04c4e
2022-09-14 08:04:03 +00:00
Miguel Serrano
e414c65028 Disable rolling sessions in web-admin (#9307)
GitOrigin-RevId: 7f098d5222d21187f219c0906757b913890e85e7
2022-09-01 08:03:53 +00:00
Mathias Jakobsen
f5b2cdc3cb Merge pull request #9319 from overleaf/mj-deferred-recurly-email
[web] Use bull queues for deferred cancellation email

GitOrigin-RevId: a104f9940badcffc15f1f237a1cefd5dd912f4e0
2022-08-24 08:04:36 +00:00
Jakob Ackermann
7225f3ea75 Merge pull request #9291 from overleaf/jpa-dropbox-project-id
[third-party-datastore] tracking of dropboxId for project folder

GitOrigin-RevId: fd47441c81ba1a845dac6d34557ceed2dcbdd7fe
2022-08-18 08:03:38 +00:00
Jakob Ackermann
e293c627a1 Merge pull request #9212 from overleaf/jpa-record-dropbox-file-id
[third-party-datastore] start recording dropbox id for docs/files

GitOrigin-RevId: 699fe63994848b65aa4d9cbc7966b867de56eabf
2022-08-12 08:06:04 +00:00
Simon Detheridge
9953822175 Merge pull request #6661 from overleaf/spd-local-tests
Move acceptance test mocks to nonstandard ports and add options for running locally

GitOrigin-RevId: bd8f70ac8d80599daccc51cfe7b90a2ad8d8c3d8
2022-08-10 08:03:45 +00:00
Jakob Ackermann
e5e6be99f8 Merge pull request #9099 from overleaf/jpa-web-graceful-shutdown
[web] introduce graceful shutdown

GitOrigin-RevId: f42793a96f1e0304c57a855241bffa32bb291864
2022-08-05 08:03:27 +00:00
Jakob Ackermann
f11e1a83cd Merge pull request #8776 from overleaf/jpa-drop-service-worker
[web] goodbye service worker

GitOrigin-RevId: ce85d4850faba15c5877ce1f3e78026de30c6eae
2022-07-11 08:03:57 +00:00
Alexandre Bourdin
3d26c4bb6f [web] Add new admin tool for surveys (#8356)
* Setup survey module and admin page skeleton

* Replace survey staff access permission with admin-only

* Manage survey config with admin tool

* Display configurable survey in project list + add preview in admin

* Fix linting errors and unit tests

* Add acceptance tests for survey module

* Move survey-form to survey components

* Add configuration option for Recurly group subscription users on surveys

* Change survey pre-link text to a lighter gray for accessibility

* Cleanup survey options implementation after review

GitOrigin-RevId: 8f621951efeae458d1ab081fe98b8d0d539cca1a
2022-06-23 08:02:37 +00:00
Brian Gough
2970a09d19 Merge pull request #8423 from overleaf/briangough-issue8388
increase lock and timeout for history resync to 6 minutes

GitOrigin-RevId: 2aea0cbc26c92ed0aad8f815ccd41a2abc0b752e
2022-06-20 08:04:03 +00:00
Brian Gough
b6ab0792a9 Merge pull request #8401 from overleaf/bg-use-redis-locker-in-web
extract web LockManager implementation into redis-wrapper

GitOrigin-RevId: 60144d1b1136bab90475cb4b4a6597e1b3f6af22
2022-06-17 08:03:00 +00:00
Eric Mc Sween
fd8bd62f54 Merge pull request #7933 from overleaf/em-analytics-failed-jobs-headroom
Increase the number of retained failed jobs in analytics queues

GitOrigin-RevId: 384a70b46d4eef5e07216664d6f5b94d52ca3152
2022-05-18 08:04:55 +00:00
Jakob Ackermann
f0bd6dda23 Merge pull request #7986 from overleaf/jpa-eslint-8
[misc] upgrade eslint packages to the latest version everywhere

GitOrigin-RevId: f1480d4a171acef82fb26c4aa54be3a6088b0ab3
2022-05-17 08:05:59 +00:00
Eric Mc Sween
e0d91eaa26 Merge pull request #7906 from overleaf/em-downgrade-logs
Downgrade all INFO logs to DEBUG

GitOrigin-RevId: 05ed582ef0721fcada059f0ad158565f50feca27
2022-05-17 08:05:26 +00:00
Timothée Alby
cf2dfc6bf1 Merge pull request #7593 from overleaf/ta-settings-migration
[SettingsPage] Integration Branch

GitOrigin-RevId: 5a3c26b2a02d716c4ae3981e3f08b811ae307725
2022-04-25 08:05:12 +00:00
June Kelly
90303f2f8c Merge pull request #7367 from overleaf/tm-add-singapore-currency-mapping
Add Singapore/Singapore Dollar to currency mappings

GitOrigin-RevId: 1ba2cf35435a8a7ce31ac92c9dd0d92a2cf2e4bf
2022-04-14 08:03:07 +00:00
Jakob Ackermann
58e9194be4 Merge pull request #7471 from overleaf/jpa-read-var
[web] read TPDS_DROPBOX_APP_NAME into the settings

GitOrigin-RevId: 314dd2a750a55d204b03976fb99525d5c90abd4c
2022-04-08 08:05:15 +00:00
Jakob Ackermann
8b8b15bffb Merge pull request #7455 from overleaf/jpa-dropbox-app-name
[web] use an environment specific app name for dropbox

GitOrigin-RevId: 22f8fb911e04f8dd24dc01be9dd3bea9e05fd150
2022-04-08 08:05:08 +00:00
Eric Mc Sween
3235119302 Merge pull request #7228 from overleaf/em-node-16
Upgrade to Node 16

GitOrigin-RevId: 3db1ae57ffb02f8a2b9012ffbb3efecfc01d2b04
2022-04-05 12:20:52 +00:00
Eric Mc Sween
7119141524 Merge pull request #7304 from overleaf/em-split-queues
Split the config for web and analytics queues

GitOrigin-RevId: fa3fc86c874e653649aefad030607105d514a52b
2022-04-05 12:19:32 +00:00
Jakob Ackermann
4d18dcb377 Merge pull request #7210 from overleaf/jpa-switch-to-admin
[web] add a button for switching to the admin domain from www.

GitOrigin-RevId: 7e14b9c1415ef6cad5f369d77530599bac3148e7
2022-04-05 12:19:00 +00:00
Jakob Ackermann
e82a053c85 Merge pull request #6614 from overleaf/jpa-msm-separate-admin-app
[misc] move admin capability from www. to admin. subdomain

GitOrigin-RevId: e0daeacf3c06b856ffb9fd35dce76e71f14e8459
2022-04-05 12:18:24 +00:00
Thomas
76beba4393 Add cookie banner (#6627)
* Add cookie banner

Co-authored-by: Alf Eaton <alf.eaton@overleaf.com>
Co-authored-by: Miguel Serrano <mserranom@users.noreply.github.com>
GitOrigin-RevId: a3625d4e6357ff58c7c47532901c382bedbe07e0
2022-04-05 12:17:25 +00:00
Jakob Ackermann
29aa7c622a Merge pull request #7105 from overleaf/jpa-static-no-csp
[web] remove CSP header from static assets

GitOrigin-RevId: 2f12974f490ff22796ed74c38a466fe4649877c1
2022-03-18 09:03:07 +00:00
Jakob Ackermann
224edddad4 [web] set a default, strict CSP on ALL endpoints (#6271)
* Remove use of CSP_PERCENTAGE

* Move header calculation earlier

* Set a default policy and add comments

* Apply the CSP header to all responses

* Enable CSP in dev environment

* [web] set a default, strict CSP on ALL endpoints

* [misc] enable CSP in dev-env

* Only build the default policy once

* Update docker-compose.yml

* [web] webpack: set default CSP header on webpack assets

This aligns the webpack dev-server with production in nocdn=true mode.

Co-authored-by: Alf Eaton <alf.eaton@overleaf.com>
GitOrigin-RevId: 088a6082ad21c5b3f229887ba0ab3eca8d0528cd
2022-03-18 09:03:01 +00:00
Alf Eaton
4610734f07 Add new fat footer (#6260)
GitOrigin-RevId: 64c50caac2ec8d56b3f49d6f97c8a1c4d4b3a496
2022-03-02 09:02:45 +00:00
Thomas
c47eefae5e Re-add dropbox webhook signature verification and decaf cleanup (#6735)
* Re-apply #6352 dropbox webhook signature verification/ decaf cleanup

* Add verification for Sharelatex legacy dropbox app signature

* Add SL and OL dropbox app secrets to web secrets

GitOrigin-RevId: 0aa2e8371069a09330850218124937d4e03e75bb
2022-03-01 09:04:27 +00:00
Thomas
347649ebaa Merge pull request #6570 from overleaf/revert-6352-tm-dropbox-webhook-signature-verification
Revert "Add dropbox webhook signature verification and decaf cleanup"

GitOrigin-RevId: eb1fab093d7979a010700f0bc3e1e696f3cba6ae
2022-02-02 09:03:18 +00:00
Thomas
7a445eb489 Add dropbox webhook signature verification and decaf cleanup (#6352)
* Decaf: move functions to top level, removing unused vars

* Decaf: fix camelcase identifiers

* Decaf: remove unnecessary code created because of implicit returns

* Decaf: remove next() fallback callbacks

* Decaf: shorten null checks, remove decaf/eslint comments

* Add signature verification for Dropbox webhook

* Add overleaf dropbox app secret to web (staging+prod)

* Add simple acceptance test for dropbox webhook events processing

* Add method for modules to register app middleware prior to bodyParser call, move rawBody middleware to Dropbox module

GitOrigin-RevId: 736f489e2eb5906f7b202c1049c4ce143deea74e
2022-02-02 09:03:03 +00:00
Jakob Ackermann
b2e18c92a6 Merge pull request #6418 from overleaf/ta-ga-optimize-remove
Cleanup Google Optimize

GitOrigin-RevId: d8cf8008179ad2c355c09f06d947fb2b89cf5a3c
2022-01-26 09:03:02 +00:00