Alf Eaton
a5637651b5
Add Content-Security-Policy header ( #3783 )
...
* Add Content-Security-Policy header
* Add nonce attribute to script tags
* Use source-map for webpack devtool
* Add ng-csp attribute when CSP is enabled
* Allow overriding CSP settings with environment variables
* Hook into render and allow routes to disable the CSP header
GitOrigin-RevId: a873736a3514198165f1b2f1e18d002b65f20d30
2021-03-26 03:04:55 +00:00
Jakob Ackermann
7609b741fa
Merge pull request #3768 from overleaf/jpa-xss-10
...
[views] mitigate Angular XSS on password reset page
GitOrigin-RevId: 65f423fcb1a3afff0f396bb8e173d1e1bcff056a
2021-03-18 03:04:45 +00:00
Thomas
2d8167fa0a
Merge pull request #3675 from overleaf/tm-main-landmarks-a11y
...
Add main landmark roles to multiple templates
GitOrigin-RevId: 80ae851fae015b21a3210d71d04287c0c9a3024d
2021-03-05 03:05:00 +00:00
Jessica Lawshe
552fb56b74
Merge pull request #3078 from overleaf/jel-log-password-reset-by-token
...
Update audit log when password reset by token
GitOrigin-RevId: 2ae7f59c5cdf2723e541a99c58c36564cc82adbf
2020-08-13 15:46:10 +00:00
Ersun Warncke
d624c29b6f
remove v1 deps for password change/reset
...
GitOrigin-RevId: be25f19ae589c50bfde0b170860127fa8d6f63b7
2019-07-17 15:09:24 +00:00
Simon Detheridge
82672269c4
Merge pull request #1862 from overleaf/em-json-stringify
...
Globally apply StringHelper.stringifyJsonForScript()
GitOrigin-RevId: 82dc812a43a1e6f389471380a6a430c0a18dcec2
2019-06-17 15:14:25 +00:00
Jessica Lawshe
7666c8a481
Merge pull request #1236 from sharelatex/jel-password-reset
...
Reset password via API request to v1
GitOrigin-RevId: 00b0306ca77df650595a762382a8a63b05a945f6
2018-12-14 16:02:14 +00:00
Shane Kilkelly
57cd54bf55
WIP: migrate from jade to pug
2017-01-20 12:03:02 +00:00