Brian Gough
85eab2e967
modify DispatchManager test to allow for slow shutdown
2015-05-19 14:23:32 +01:00
Henry Oswald
f5c39efcac
patched xss hole with messages not setting the content type correctly
2015-05-19 11:04:52 +01:00
Henry Oswald
47d4ed9631
Merge branch 'master' of https://github.com/sharelatex/web-sharelatex
2015-05-18 16:10:07 +01:00
Henry Oswald
2bc39ddf0b
added sigma.js lib used for module spike
2015-05-18 16:09:47 +01:00
Brian Gough
3051d7dab6
modify LockManager test to avoid dependence on timing
2015-05-18 09:14:28 +01:00
Brian Gough
57f6919485
modify LockManager test to avoid dependence on timing
2015-05-18 09:03:51 +01:00
Brian Gough
e379068fa3
upgrade sequelize and mysql
2015-05-15 16:58:27 +01:00
Brian Gough
6ebcd9e8fd
add indexes to db
2015-05-15 16:28:35 +01:00
Brian Gough
66fc2715dc
clean up error handling in UrlFetcher
2015-05-15 16:28:11 +01:00
Brian Gough
608b1dd657
replace deprecated send(code,body) calls
2015-05-15 16:27:39 +01:00
Brian Gough
aa32cbc1ee
clean up stream handling for file copy
2015-05-15 16:25:49 +01:00
Brian Gough
56f1ffa067
only run qpdf for the main output.pdf file
...
was previously matching any pdf file, which caused it to run for
embedded pdf figures produced during the mklatex run
2015-05-15 16:23:58 +01:00
Winston Li
98007ae64c
Merge pull request #11 from overleaf/fix-delete-directory-apart-from-npe
...
avoid NPE if project directory does not exist; fixes #10
2015-05-15 12:34:44 +01:00
James Allen
844b75cd21
Merge pull request #181 from dpasqualin/master
...
Update bcrypt to 0.8.3
2015-05-15 10:53:58 +01:00
Henry Oswald
9329249bc9
Revert "reduce memory capture in http logger"
...
This reverts commit fc2e043b20204e04f240814d4efc05762db7df96.
Had to revert this because req.route.path is not set until a matching
route has been hit, so it was always null inside res.end meaning
statsd data was never sent over.
This commit did not actually stop the memory leak so reverting it
has not short term repocusion
2015-05-14 16:14:24 +01:00
Henry Oswald
7dfdad02f5
change regex checking file request ensure other files can not be accessed
2015-05-12 15:18:09 +01:00
Diego Giovane Pasqualin
7c6ed0ff77
Update bcrypt to 0.8.3
...
This new version compiles successfully on nodejs newer than 0.10.
2015-05-11 16:43:29 -03:00
Brian Gough
1bb7ae3996
always remove the spinner, even if it is not spinning
2015-05-11 14:12:24 +01:00
Brian Gough
604c31ae84
additional validation of requests
2015-05-11 12:10:13 +01:00
Brian Gough
92836f49fc
avoid unnecessary spell checks on session change
2015-05-11 10:07:11 +01:00
Henry Oswald
8fc41e9e05
added templateLinks property to example config for ShareLaTeX server pro
2015-05-10 13:10:03 +01:00
Brian Gough
8ebbacee5a
move pipe after error handler setup
2015-05-08 15:19:45 +01:00
Brian Gough
7e9f8b885b
add support for public files
2015-05-08 15:15:48 +01:00
Brian Gough
3ad517e1c2
Merge pull request #177 from sharelatex/fix-ace-extension-errors
...
prevent loading error for ace language tools extension in development
2015-05-05 14:47:44 +01:00
Brian Gough
6014085e8e
prevent loading error for ace language tools extension in development
2015-05-05 14:33:18 +01:00
Henry Oswald
72af6748c9
Merge pull request #157 from oskanberg/patch-1
...
Rename 'javscript' to 'javascript'
2015-05-05 14:28:27 +01:00
Brian Gough
23e3b279c1
use the latest versions of metrics and smoketest modules
2015-05-05 10:54:59 +01:00
Brian Gough
1e0a991fcd
reduce memory capture in http logger
...
only capture the properties of 'req' that we need, to avoid leaking
the whole req object for responses that never call res.end()
2015-05-05 10:50:59 +01:00
Brian Gough
f7d6c9de31
avoid leak when calling chai.should() repeatedly in smoke test
2015-05-05 10:03:17 +01:00
Brian Gough
b08349e07c
disable sequelize logging by default
...
prevent any leaking of objects to console during debugging
2015-05-05 10:03:17 +01:00
Henry Oswald
d862227314
make startup message consistent
2015-04-30 16:01:22 +01:00
Henry Oswald
91d0f0f2f8
make startup message consistent
2015-04-30 15:07:48 +01:00
Henry Oswald
b37d0dd08a
make startup message consistent
2015-04-30 15:07:11 +01:00
Henry Oswald
800666fcb5
make startup message consistent
2015-04-30 15:05:49 +01:00
Henry Oswald
42e7d5d4b6
make startup message consistent
2015-04-30 15:05:31 +01:00
Henry Oswald
d5f98c9800
make startup message consistent
2015-04-30 15:04:55 +01:00
Henry Oswald
73a73adf62
make startup message consistent
2015-04-30 15:04:26 +01:00
Henry Oswald
b9ceece112
make startup message consistent
2015-04-30 15:03:26 +01:00
Henry Oswald
bb071e99fa
make startup message consistent
2015-04-30 15:03:07 +01:00
Henry Oswald
9764ab258b
added complex password validation to password resets
2015-04-30 12:05:46 +01:00
Henry Oswald
312c56a24e
allow password resets to be performed when site is not public by adding routes into white list
2015-04-30 11:58:26 +01:00
Henry Oswald
a7640b5bbd
changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist
2015-04-30 11:57:40 +01:00
Brian Gough
6a347a0ebe
remove debugging from tests
2015-04-29 16:05:49 +01:00
Brian Gough
76cd52af70
prevent leak of urlStream on failed downloads
2015-04-29 16:05:49 +01:00
Brian Gough
bb9944e618
log errors when downloading files and clean up failed downloads
2015-04-29 16:05:49 +01:00
Brian Gough
72918fb41b
invalidate the cache if there is an error copying a file
2015-04-29 15:54:38 +01:00
Brian Gough
56b77c300c
log errors when copying files from cache
2015-04-29 15:54:08 +01:00
Henry Oswald
635f79d2f6
added password strength check to change password
2015-04-28 18:30:19 +01:00
Henry Oswald
65b91930d1
field != feild
2015-04-28 17:50:06 +01:00
Henry Oswald
11a5c009a6
make default password rules very permisive
2015-04-28 17:42:30 +01:00