Commit graph

2600 commits

Author SHA1 Message Date
Alf Eaton
a5637651b5 Add Content-Security-Policy header (#3783)
* Add Content-Security-Policy header
* Add nonce attribute to script tags
* Use source-map for webpack devtool
* Add ng-csp attribute when CSP is enabled
* Allow overriding CSP settings with environment variables
* Hook into render and allow routes to disable the CSP header

GitOrigin-RevId: a873736a3514198165f1b2f1e18d002b65f20d30
2021-03-26 03:04:55 +00:00
Alf Eaton
116f167a6f Merge pull request #3813 from overleaf/ae-user-has-feature-follow-up
Fix React attributes for Add Files modal

GitOrigin-RevId: 8254cdd14accdd8ead710d75a3ad4df75fc05134
2021-03-26 03:04:52 +00:00
Alf Eaton
974fe8fd39 Remove optional hyphens from pug templates (#3788)
GitOrigin-RevId: 2d31719a6aaefb85bba323d65ed66bdb06ec8928
2021-03-25 03:05:05 +00:00
Alf Eaton
54e6053cf9 Fix some aria-hidden attributes (#3790)
GitOrigin-RevId: a48086c01abd937b2e03ced38e8baf6c67753f56
2021-03-25 03:05:01 +00:00
Alf Eaton
ee79728bf9 Only check a user's features for importing from reference provider (#3797)
GitOrigin-RevId: cc5a36be20c673f8941a2694eaeba80eebb4db6a
2021-03-25 03:04:57 +00:00
Paulo Jorge Reis
3f0e897e32 Logs UI variant without popup (#3794)
* Add logs UI without pop-up variant

* Implement frontend for logs UI without pop-up

* Add logs UI variants to admin panel and front user info

* Fix existing UI subvariant window global

GitOrigin-RevId: 075db56032354d782e489b5235925f55b1a67e0b
2021-03-24 03:04:41 +00:00
Jakob Ackermann
535c97e8cf Merge pull request #3774 from overleaf/jpa-meta
[frontend] import meta tag processing from das7pads fork

GitOrigin-RevId: ca74ff9fbbcb51091a626a45468ff3d24d6136ca
2021-03-23 03:05:12 +00:00
Paulo Jorge Reis
15f49994bd New compile UI autocompile (#3762)
* Animate recompile button when autocompile is waiting

* Add code-check failed notice to the new compile UI

GitOrigin-RevId: 83b62f41438e8e5b94bd893c222bec37745c0f57
2021-03-19 03:04:50 +00:00
Alf Eaton
ba4300d9e1 Merge pull request #3518 from overleaf/ae-react-create-file-modal
Migrate "Add Files" modal to React

GitOrigin-RevId: fc5235108ee65294e3176da9c327791c34aa5b3c
2021-03-19 03:04:46 +00:00
Jakob Ackermann
1e2ed05bed Merge pull request #3760 from overleaf/jpa-xss-5
[views] mitigate Angular XSS on new project from template POST gateway

GitOrigin-RevId: a19de060cad0baf2822d1b6df419bbe1a2361ea4
2021-03-18 03:04:54 +00:00
Jakob Ackermann
f353728bda Merge pull request #3755 from overleaf/jpa-xss-2
[views] mitigate Angular XSS via email/new_email

GitOrigin-RevId: 3d127c283ba9f97c5b0e6c53a9d77f7f597058bb
2021-03-18 03:04:50 +00:00
Jakob Ackermann
7609b741fa Merge pull request #3768 from overleaf/jpa-xss-10
[views] mitigate Angular XSS on password reset page

GitOrigin-RevId: 65f423fcb1a3afff0f396bb8e173d1e1bcff056a
2021-03-18 03:04:45 +00:00
Jakob Ackermann
8766c23abb Merge pull request #3767 from overleaf/jpa-xss-9
[views] mitigate Angular XSS in email confirmation post gateway

GitOrigin-RevId: 11cd752d520054e448b3eeea431fe27f3c02fa00
2021-03-18 03:04:41 +00:00
Jakob Ackermann
115fe20184 Merge pull request #3766 from overleaf/jpa-xss-8
[views] mitigate Angular XSS in affiliations section of user settings

GitOrigin-RevId: bad444cea136c51f54546770653f21cec6fa70e3
2021-03-18 03:04:38 +00:00
Jakob Ackermann
58841ecbe9 Merge pull request #3765 from overleaf/jpa-xss-6
[views] mitigate Angular XSS in subscription dashboard

GitOrigin-RevId: 4ac0c431d520957aabd53436ae29a30c2aef3870
2021-03-18 03:04:34 +00:00
Jakob Ackermann
18eea6d024 Merge pull request #3763 from overleaf/jpa-xss-7
[views] mitigate XSS on new subscription page

GitOrigin-RevId: 74baa58527aa9b2f9e434c280885b627f73898b6
2021-03-13 03:05:14 +00:00
Alf Eaton
d9576189a3 Merge pull request #3636 from overleaf/ae-share-modal-split
Migrate Share modal to React

GitOrigin-RevId: 96a52df6ffd751cfcca2bbb68eb9e7a6dc31ff28
2021-03-13 03:05:10 +00:00
Miguel Serrano
a555f0d309 [ReactNavToolbar] Project name + pdf and share project buttons (#3709)
* Added project name, pdf toggle and share project buttons to navigation toolbar

* Added PropTypes check to `useChatContext()`

* React context updates for project name/rename, pdf view and share moda

* Hide PDF button when pdfLayout != 'flat'

GitOrigin-RevId: 3f4a1b072259df7148d3417cd22116702bdd79ac
2021-03-11 03:05:33 +00:00
Alexandre Bourdin
8001e55b88 Merge pull request #3716 from overleaf/ta-tried-to-confirm-saml
Show Descriptive Error Mesage When Trying To Confirm SAML Email

GitOrigin-RevId: bb816d3774c18f2952851affb1f8d7c174570ba1
2021-03-11 03:05:08 +00:00
Thomas
fc4f71a0c0 Merge pull request #3704 from overleaf/jel-reconfirm-disable-btn
Disable "Make Primary" button when reconfirmation needed

GitOrigin-RevId: df821185ce84c64ed1a8f4d413dd35ef18aa9e0c
2021-03-09 03:04:43 +00:00
Thomas
99834f0d7e Merge pull request #3738 from overleaf/jpa-fix-xss-registration
[misc] fix angular xss on user registration page

GitOrigin-RevId: 5dcc2aa0212371f154fba563d21018379292b9fe
2021-03-09 03:04:40 +00:00
Alf Eaton
59f6f34083 Merge pull request #3710 from overleaf/ae-refactor-hotkeys-modal
Refactor "HotKeys" modal

GitOrigin-RevId: 1df86322bac229bb04092e872300e5f1ee4cbddc
2021-03-06 03:04:46 +00:00
Alf Eaton
1707a2555b Merge pull request #3705 from overleaf/ae-refactor-clone-modal
Refactor "Copy Project" modal

GitOrigin-RevId: b6039d57c29c04a7cd20dd4a2ab5216d485c05ed
2021-03-06 03:04:39 +00:00
Thomas
2d8167fa0a Merge pull request #3675 from overleaf/tm-main-landmarks-a11y
Add main landmark roles to multiple templates

GitOrigin-RevId: 80ae851fae015b21a3210d71d04287c0c9a3024d
2021-03-05 03:05:00 +00:00
Alasdair Smith
dc9841cb69 Merge pull request #3723 from overleaf/as-fix-team-invite-xss
Prevent stored XSS on team invite page

GitOrigin-RevId: 0f79b96efcb86d121654a95da52da1c40550d3ae
2021-03-05 03:04:42 +00:00
Alf Eaton
869bdf89e0 Merge pull request #3722 from overleaf/as-fix-project-invite-xss
Prevent stored XSS on project invite page

GitOrigin-RevId: ada89c46d62e64d794edacc9be3c08b622ce433c
2021-03-05 03:04:39 +00:00
Alf Eaton
248e860757 Merge pull request #3721 from overleaf/as-fix-register-xss
Prevent XSS on registration page

GitOrigin-RevId: 93e5a345752c3c5c42f488d9c75c70a9036bf53c
2021-03-05 03:04:35 +00:00
Brian Gough
bc4f5a687a Merge pull request #3682 from overleaf/bg-check-maintenance-file
check maintenance file periodically to close site

GitOrigin-RevId: 8e29f40a23df96198c6e4603ede2bab852b98740
2021-02-26 03:04:07 +00:00
Miguel Serrano
d55e46d3c0 Merge pull request #3642 from overleaf/msm-history-track-changes-toggles
[ReactNavToolbar] Track changes and History toggle buttons.

GitOrigin-RevId: a67a9a488c0960dba3f3d374cde4db0080ed2952
2021-02-24 03:04:17 +00:00
Eric Mc Sween
e5c49ea19a Merge pull request #3681 from overleaf/em-group-plans
Configure group plans for additional licenses

GitOrigin-RevId: 57822de9f490505c4b083afa80220e4d5b4c7d23
2021-02-23 03:04:43 +00:00
Eric Mc Sween
2138bd2a80 Merge pull request #3680 from overleaf/as-em-tm-remove-uiconfig
Remove unused uiConfig global variable from frontend and tests

GitOrigin-RevId: 390abdc097cd9904f7a1c1849e58baf70bea5c72
2021-02-23 03:04:39 +00:00
Jessica Lawshe
0f7b268cdf Merge pull request #3683 from overleaf/bg-admin-open-editor
Allow admin to reopen editor after closing

GitOrigin-RevId: 9bf0c4234a9d510785aa4bddbb9f239d678ba503
2021-02-23 03:04:31 +00:00
Jessica Lawshe
37e3ff4310 Merge pull request #3630 from overleaf/jel-ui-reconfirm-portal
Show reconfirm notification on the portals

GitOrigin-RevId: 3899edce2699ce7206bc264f9b58bc790d80dd3d
2021-02-23 03:04:24 +00:00
Jessica Lawshe
54c471bc1c Merge pull request #3629 from overleaf/jel-ui-reconfirm-dash
Show reconfirm notification on the dash

GitOrigin-RevId: 4640513a299853a63c5f36b3e11b41ee66af61de
2021-02-23 03:04:20 +00:00
Jessica Lawshe
ddb6163b65 Merge pull request #3623 from overleaf/jel-ui-reconfirm-settings
Add reconfirm UI to settings

GitOrigin-RevId: cf9c4648cab07784782e24d752154089dc32196a
2021-02-23 03:04:17 +00:00
Timothée Alby
cbd4df6e29 Merge pull request #3669 from overleaf/ta-file-tree-history-fix
[ReactFileTree] Use Angular File Tree for v1 History

GitOrigin-RevId: a5deb9e6412f2176f74f74e33149a3a2359f8ff6
2021-02-19 03:04:25 +00:00
Timothée Alby
6e8a4e70dd Merge pull request #3641 from overleaf/ta-saml-integration
SAML Misc Changes

GitOrigin-RevId: 89fe8704d8effb6299d841be00efc653f6800fab
2021-02-19 03:04:18 +00:00
Eric Mc Sween
1c0b897835 Merge pull request #3638 from overleaf/em-dropbox-duplicate-projects
Unlink Dropbox when two projects have the same name

GitOrigin-RevId: b16dbeb6841eaebd8553884eebc87e681d17a9c8
2021-02-18 03:05:12 +00:00
Eric Mc Sween
c79d9ce8c5 Merge pull request #3672 from overleaf/em-wfh2021
Updated notifications for WFH2021

GitOrigin-RevId: cfe50f04f1a837b070fcbf1486071ef1ff490ff0
2021-02-18 03:05:08 +00:00
Thomas
126c9c02a8 Merge pull request #3654 from overleaf/tm-remove-v1-connection-error-message
Remove V1 connection error warning from projects dashboard

GitOrigin-RevId: 0820adfe385362f2854381bce94db8e953251573
2021-02-17 03:04:10 +00:00
Miguel Serrano
d78644e02c Merge pull request #3632 from overleaf/msm-navbar-collaborator-widget
[ReactNavToolbar] Collaborators widget

GitOrigin-RevId: 65f2484962591103f02eb7624a974d0806b1abf0
2021-02-11 03:04:36 +00:00
Miguel Serrano
260b878b7d [ReactNavToolbar] Chat Toggle Button + chat-context (#3625)
* Added toggle chat button to navigation header

* new `useBrowserWindow` hook to work with browser title and focus

* react2angular chat toggle button plumbing

GitOrigin-RevId: 4380f1db9c7cc9a25bfb8d7a33e18d61b1d32993
2021-02-10 03:04:39 +00:00
Hugh O'Brien
8d88b4ab5f Merge pull request #3574 from overleaf/hb-admin-improvements
Fix spacing issue on subscriptions page

GitOrigin-RevId: 7f071cb3050d93781c853a175512cd29caf9d594
2021-02-04 03:04:28 +00:00
Jessica Lawshe
2dd860c431 Merge pull request #3581 from overleaf/jel-dash-consolidate-emails-requests
Consolidate emails requests on the dashboard

GitOrigin-RevId: acfaf92dee257712e1eb3ffbf75b536fd1619e1d
2021-02-03 03:05:11 +00:00
Jessica Lawshe
2c200d9e76 Merge pull request #3587 from overleaf/jel-ip-notification-sso
Enable SSO auto-link via IP matcher notification

GitOrigin-RevId: 292a13f8ed7f82987e0583c8d404073e1224daea
2021-02-03 03:05:05 +00:00
Jessica Lawshe
2bef6cd2e5 Merge pull request #3605 from overleaf/jel-disabled-delete-primary
Add disabled delete button for the primary email

GitOrigin-RevId: 8cb3285bdfce0909796ae60c13d8e8ebb1236d00
2021-02-03 03:05:00 +00:00
Paulo Jorge Reis
a31e8a7525 Add address and postal code to the payment form (#3604)
* Add address and postal code fields to the payment form

* Add validation styling for address line 2

GitOrigin-RevId: fe5467f1b3de608ccac4d9fa9fae861528b8cb2f
2021-02-02 03:04:25 +00:00
Miguel Serrano
37d45d64b3 [ReactNavToolbar] Integration branch (#3513)
* Created ng-controller for react shared context and set editor.loading

* toolbar-header component with menu button (and story)

* Added editor-navigation-toolbar-root and react2angular plumbing

* Added eslint-disable exception to use <a/> instead of <button/>

* added 'menu' to extracted translation

* [ReactNavToolbar] Added cobranding and back to projects buttons (#3515)

GitOrigin-RevId: 27c3bba85cbc96a123d58c66a0bd5d6a2cfd8aca
2021-01-28 03:05:28 +00:00
Alf Eaton
0d349aa4b1 Call buildCssPath with empty string for default template (#3594)
* Call buildCssPath with empty string for default template

Call buildCssPath with an empty string instead of null for the default template

* Remove unused options argument

This means we can also remove the empty strings for the themeModifier arg,
instead passing undefined, to get the default arg

GitOrigin-RevId: 78cd14ae7ab9d58f66c27cb54477d24b4bd494c7
2021-01-28 03:04:52 +00:00
Eric Mc Sween
78b7c8de9b Merge pull request #3558 from overleaf/pr-logs-ui-beta-icon
Logs UI beta icons

GitOrigin-RevId: 2d22dea3625ed24b87a1ae9e48cbbe77ad8a1827
2021-01-22 03:04:55 +00:00