Commit graph

1121 commits

Author SHA1 Message Date
Brian Gough
e51cdb81bd port leak fixes from smoke-test-sharelatex module 2015-05-26 10:54:55 +01:00
Henry Oswald
f5c39efcac patched xss hole with messages not setting the content type correctly 2015-05-19 11:04:52 +01:00
Brian Gough
3ad517e1c2 Merge pull request #177 from sharelatex/fix-ace-extension-errors
prevent loading error for ace language tools extension in development
2015-05-05 14:47:44 +01:00
Brian Gough
6014085e8e prevent loading error for ace language tools extension in development 2015-05-05 14:33:18 +01:00
Henry Oswald
72af6748c9 Merge pull request #157 from oskanberg/patch-1
Rename 'javscript' to 'javascript'
2015-05-05 14:28:27 +01:00
Henry Oswald
9764ab258b added complex password validation to password resets 2015-04-30 12:05:46 +01:00
Henry Oswald
312c56a24e allow password resets to be performed when site is not public by adding routes into white list 2015-04-30 11:58:26 +01:00
Henry Oswald
a7640b5bbd changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist 2015-04-30 11:57:40 +01:00
Henry Oswald
635f79d2f6 added password strength check to change password 2015-04-28 18:30:19 +01:00
Henry Oswald
f385a7a4b5 open chat links in new window 2015-04-28 16:20:24 +01:00
Henry Oswald
6669884f44 Merge branch 'tpds-cleanup' 2015-04-23 10:06:26 +01:00
Henry Oswald
31a51b73d8 improved linkify so data is correctly sanitized, used inbuilt angular lib
don't know how I missed that last time!
2015-04-22 17:58:33 +01:00
James Allen
af85c83877 Buffer updates when only a single user is editing a document
Add in 5 second delay between flushing updates when only a single user
is editing a document. As soon as an update is received from another user
we switch to sending updates immediately again so there is no latency
between collaborators. The logic applies to individual docs, so two users
can be editing different docs and will still buffer updates since they
will not affect each other.
2015-04-17 11:24:28 +01:00
Brian Gough
396644d314 proposed fix to delete tpds dump files after use 2015-04-15 14:41:38 +01:00
James Allen
5c30a7de67 Add in option for global login requirement (defaults to on) 2015-04-15 11:14:53 +01:00
James Allen
893ff85521 Don't allow password resets for holding accounts 2015-04-14 13:11:49 +01:00
James Allen
33f56b71a2 Remove redundant body parser line 2015-04-14 13:04:49 +01:00
James Allen
8b4ccae60a Read cookie session length from settings file 2015-04-14 13:04:29 +01:00
Brian Gough
0684fa36fd upgrade pdfjs to version 1.0.1040 2015-03-31 14:53:27 +01:00
James Allen
8483f249ee Actually proxy websocket connections 2015-03-20 19:08:48 +00:00
Brian Gough
b0a32b1ef8 make new pdf viewer the default for all users
remove old pdf viewer
2015-03-20 11:28:28 +00:00
James Allen
ff55e4c5ed Merge branch 'private_registration' 2015-03-20 10:34:17 +00:00
James Allen
393169bc2a Create a grunt task to create the admin user 2015-03-19 17:36:50 +00:00
James Allen
e2d515f957 Allow public registration module to hook into email system 2015-03-19 17:19:56 +00:00
James Allen
9b8cf7bcfa Remove public registration and require that a user be registered by an admin 2015-03-19 14:22:48 +00:00
James Allen
d76ef86077 Tell user to contact admin email to register 2015-03-18 16:20:26 +00:00
James Allen
93a088618a Return proper error from registration handler 2015-03-18 16:19:48 +00:00
James Allen
cb948fede2 Move email sending into registration controller 2015-03-18 15:57:01 +00:00
Brian Gough
adb98d05b5 sentry 1.1.16 does not yet support release parameter, use build tag instead 2015-03-18 15:50:26 +00:00
Brian Gough
5d788ca7c5 add grunt version target to report version to sentry
it writes the git commit id and Jenkins build number into the sentry
configuration
2015-03-17 16:59:17 +00:00
Oliver Skånberg-Tippen
5df9f49a4e Rename 'javscript' to 'javascript' 2015-03-10 18:56:46 +00:00
James Allen
0f69ee0f22 Add in proxy for /socket.io so that we don't need to faff with real-time service location 2015-03-09 14:09:09 +00:00
James Allen
bb61dfe34a Show nice error page if socket.io could not be loaded 2015-03-09 13:57:13 +00:00
James Allen
d376acdaa9 Allow an __appName__ parameter in translations 2015-03-09 12:14:30 +00:00
Henry Oswald
97f0fad525 add vat number option to payment form 2015-03-04 18:08:06 +00:00
Henry Oswald
80dc2f9224 send coupon code server side to be applied to users subscription 2015-03-04 17:50:24 +00:00
Henry Oswald
9805c6a9ff doc model no longer has lines or rev in it 2015-03-04 11:10:59 +00:00
Henry Oswald
fe3b9bf07a clients can not rename docs/files/folders to blank name.
Client and server side checks added
2015-03-04 11:10:59 +00:00
Brian Gough
edc83b905c remove circular references when reporting to sentry 2015-03-03 16:41:21 +00:00
Brian Gough
c1cde643ef use send build identifier to clsi only for new pdf viewer
old pdf viewer will continue to use the main ouput.pdf file
2015-03-02 14:59:53 +00:00
Brian Gough
0315954b47 Merge branch 'master' into support-cached-pdfs 2015-03-02 09:20:00 +00:00
Brian Gough
5b9f2e8fc1 pass build id through to clsi when requesting pdf 2015-02-26 16:21:44 +00:00
Henry Oswald
40b30b957a Merge branch 'master' of https://github.com/sharelatex/web-sharelatex 2015-02-24 22:07:43 +00:00
Henry Oswald
161f24ffdf add flag which requires login for /learn 2015-02-24 22:07:36 +00:00
Henry Oswald
387a8b8ae3 hide some forms in user settings if authentication is managed by external system 2015-02-24 13:41:46 +00:00
Henry Oswald
5028665913 ignore errors from https://pstatic.datafastguru.info its malware we have
no control over
2015-02-23 17:29:38 +00:00
Henry Oswald
8638b531a5 fire off register to newsletter on user registration as it can be slow 2015-02-23 16:03:45 +00:00
Henry Oswald
c33956c0af fix jade warnings about missing space, need to escape the module html
insertions a different way. != func rather than !{func}
2015-02-23 10:18:48 +00:00
Henry Oswald
e4121d8a28 forgot comma in ignoreUrls 2015-02-19 11:25:06 +00:00
Henry Oswald
4eed88c1ab broken a err and null check into 2 lines 2015-02-19 10:54:28 +00:00