Commit graph

2868 commits

Author SHA1 Message Date
Brian Gough
01fd6e9c8a Merge pull request #626 from sharelatex/bg-use-atomic-project-structure-version
use atomic project structure version

GitOrigin-RevId: ac61039a63af3e94fe842031e90e0aac802ff2b8
2019-03-11 11:06:45 +00:00
Douglas Lovell
b9e88c7998 Merge remote-tracking branch 'origin/bg-accept-larger-document-size-on-api-requests'
GitOrigin-RevId: b06511daa7000878646f5cb8132d6077304f5f8c
2019-03-11 11:06:23 +00:00
Douglas Lovell
f090eb6d06 Merge remote-tracking branch 'origin/pr-update-files-to-hash'
GitOrigin-RevId: dec35961f496f14357757248a62fe4c7d7fc1def
2019-03-11 11:06:10 +00:00
Douglas Lovell
ce8695c951 Merge branch 'dcl-i1261b'
GitOrigin-RevId: 2d6c318e12220f39309238a2c7c76650cefa8be6
2019-03-11 11:05:47 +00:00
Simon Detheridge
3553fb2d9d Merge pull request #1581 from sharelatex/spd-wearing-middle
Fix spelling of "middleware"

GitOrigin-RevId: d2b2b20ad8a6871cd6366303e75b340f0f2f2dda
2019-03-11 11:05:12 +00:00
Simon Detheridge
939922485c Merge pull request #1555 from sharelatex/spd-email-escape-html
HTML-escape user-supplied data in HTML emails

GitOrigin-RevId: 7535ee8d0ac2c7c772a175ea5058e8cfc7f20e91
2019-03-11 11:05:01 +00:00
Simon Detheridge
870f183595 Merge pull request #1476 from sharelatex/spd-character-sets
Detect encoding of non-utf8 files and convert during load

GitOrigin-RevId: 1856a42457c52b125793dd001b92a014f358da69
2019-03-11 11:04:22 +00:00
Hugh O'Brien
491c29bad1 Merge pull request #1569 from sharelatex/hb-v2-metrics-email-opt-out
v2 metrics email opt out and last sent tracking

GitOrigin-RevId: d45ac653c26e780dc380883c0ac1da7436bf8c2b
2019-03-11 11:03:39 +00:00
Douglas Lovell
9b6ac8f715 Merge remote-tracking branch 'origin/ta-entity-create-form-fix'
GitOrigin-RevId: e16167515c1c64bb350751fc1e748b719446a5b3
2019-03-11 11:03:28 +00:00
Henry Oswald
b9edc0f414 Merge pull request #1548 from sharelatex/ho-tpds-linode-hosts
read linode_url in for tpdsworker jobs

GitOrigin-RevId: 23d5b36a881e4d96ddc343444802354594d798d7
2019-03-11 11:01:25 +00:00
Simon Detheridge
5d8b8ff012 Merge pull request #1530 from sharelatex/spd-dont-cancel-groups-on-invite
Only prompt for group cancellation if group is personal when accepting invite

GitOrigin-RevId: 921807b25d64f037859d303e28c40cdc12eb7685
2019-03-11 11:00:48 +00:00
Simon Detheridge
838fe00058 Merge pull request #1531 from sharelatex/spd-notify-users-on-affiliation-upgrade
Notify users when affiliations are upgraded

GitOrigin-RevId: 0f9e92b6a49f2ddef559e9e23fc73436910fb9f6
2019-03-11 11:00:01 +00:00
Henry Oswald
d55b38cc05 Merge pull request #1471 from sharelatex/ho-docker2
Move to docker image based builds

GitOrigin-RevId: 992aeaf69bfea4d1847a07c457575a63985d4407
2019-03-11 10:59:20 +00:00
Brian Gough
43899589dc Merge pull request #1514 from sharelatex/bg-avoid-text-html-content-type-in-responses
use explicit json content-type to avoid security issues with text/html

GitOrigin-RevId: 0c8d96a61380231c5f878572ed91b8ab24375f56
2019-03-11 10:58:32 +00:00
Brian Gough
2ab346e762 Merge pull request #1511 from sharelatex/as-inc-linked-file-rev
Increment rev of linked file to fix bug where dropbox not syncing

GitOrigin-RevId: 6779d10f9ed64eeca901590cc888f35382a2b284
2019-03-11 10:58:21 +00:00
Chrystal Maria Griffiths
d52c30f272 Merge pull request #1512 from sharelatex/as-rate-limit-confirm-uni-domain-endpoint
Rate limit confirm university domain endpoint

GitOrigin-RevId: 1d03eec3c0e8208e5f643000693f685957e15442
2019-02-15 13:33:42 +00:00
Chrystal Maria Griffiths
9abea8ae5f Merge pull request #1516 from sharelatex/as-sanitize-team-notice
Show sanitized HTML for team notice on subscription page

GitOrigin-RevId: 20256eed298a709d663bdfd0057e0d8462722a0c
2019-02-15 13:33:28 +00:00
Brian Gough
cc613f4370 Merge pull request #1507 from sharelatex/mm-pubmodal-show-errors
Return error status to the publish modal on export creation error

GitOrigin-RevId: e46e9c1244ee540a4687240e8ecbb14ff36bd2e8
2019-02-14 15:03:42 +00:00
Shane Kilkelly
349d731745 Merge pull request #1493 from sharelatex/sk-read-write-token-match-on-prefix
Constant-time comparison for read-write tokens

GitOrigin-RevId: ddd83de551c540544fde426d7d5aca9f4c83fcc7
2019-02-14 11:09:40 +00:00
Brian Gough
00cdc008d5 Merge pull request #1508 from sharelatex/bg-add-websocket-fallback-option
add fallback to siteUrl if websocket fails

GitOrigin-RevId: fd866d17475cb974e4158ac7a89e972c66f0dd97
2019-02-13 09:20:35 +00:00
Timothée Alby
b39626751a Merge pull request #1499 from sharelatex/ta-open-redirect-fix
Prevent Open Redirects

GitOrigin-RevId: 8cd2ead74de60f47b728ac227c21440281b111a5
2019-02-12 15:47:41 +00:00
Alasdair Smith
9b97af8977 Merge pull request #1403 from sharelatex/as-swap-brand-prefix
Swap brand prefix so OL is the default

GitOrigin-RevId: 60f4f03598fb6befc1ce790d39f546490612a1db
2019-02-12 11:32:28 +00:00
Simon Detheridge
7dcc807caf Merge pull request #1479 from sharelatex/sk-check-read-token-against-v1
Check generated read-tokens against v1

GitOrigin-RevId: 15749a41a295c0401b0a39968f2c3657f8abebb8
2019-02-11 11:42:29 +00:00
Simon Detheridge
c7f30bdfec Merge pull request #1494 from sharelatex/spd-overleaf-v1-oauth-state
Use 'state' parameter to prefent CSRF attacks when authenticating with v1

GitOrigin-RevId: bf5f8ddffa391d8f3ca84d3588df906b08eb018d
2019-02-11 11:42:20 +00:00
Simon Detheridge
ea807d053e Merge pull request #1489 from sharelatex/spd-mendeley-csrf
Enforce use of csrf token in Mendeley / tpr OAuth

GitOrigin-RevId: b615ee195442123e0cd8ff19a864909ac2e6496d
2019-02-11 11:42:15 +00:00
Simon Detheridge
9e07daba0b Merge pull request #1490 from sharelatex/ns-remove-ip-endpoint
remove /ip endpoint

GitOrigin-RevId: 42ea1ff6db6cba5e74a6e6c133a4d9f2b93d4a2e
2019-02-11 11:42:10 +00:00
Ersun Warncke
81e3db260c Merge pull request #1472 from sharelatex/ew-add-close-site-and-private-disconnect-route
Add close site setting and private disconnect all users route

GitOrigin-RevId: d078c053ba4e5f5c048f30f2a6d509966736b3e0
2019-02-06 14:24:52 +00:00
nate stemen
4840d9e9bd Merge pull request #1469 from sharelatex/ns-ta-refresh-features-on-donmain-confirm
refresh features on donmain confirm

GitOrigin-RevId: e1c29f1c590aafefef188ddfbc50654194b0747f
2019-02-05 15:58:58 +00:00
Chrystal Maria Griffiths
f5a6992aaa Merge pull request #1475 from sharelatex/sk-dont-require-login-email-confirmation
Don't require login for email confirmation action

GitOrigin-RevId: 653baa394a8cdc08e4a52681d64fbd18ae34baca
2019-02-04 16:24:52 +00:00
Chrystal Maria Griffiths
2463fef390 Merge pull request #1454 from sharelatex/hb-subscriptions-page-messaging
Subscription page messaging updates

GitOrigin-RevId: c29999d22636dfe11c55b3f6110a38992645fad3
2019-02-04 16:24:35 +00:00
Chrystal Maria Griffiths
e73a7dbe9c Merge pull request #1431 from sharelatex/mm-pubmodal-show-errors
Show export creation errors to the user

GitOrigin-RevId: fc116cfcfc2ca49d19188f01ef7b3460e4619503
2019-02-04 16:24:30 +00:00
Chrystal Maria Griffiths
d9692b7f91 Merge pull request #1168 from sharelatex/cmg-range-prototype
Rich text track changes pt. 1 view changes

GitOrigin-RevId: a50ba1491a46525894b32b87a8c05be0af90084d
2019-01-30 14:07:06 +00:00
Douglas Lovell
dc60d6b630 Merge remote-tracking branch 'origin/as-validate-email-length'
GitOrigin-RevId: 00f46c637a7563443e903f491ec39446dc570b5f
2019-01-29 20:32:28 +00:00
Timothée Alby
9a0dd31d8c Merge pull request #1061 from sharelatex/ja-remove-domain-license-code
Remove deprecated domain license code

GitOrigin-RevId: c9eebe1a657b07b69d618cdb5e73b64782109714
2019-01-29 12:08:29 +00:00
Timothée Alby
bc2ee419eb Merge pull request #1451 from sharelatex/ns-check-institution-users-patch
remove extra emails call in mongo query

GitOrigin-RevId: d64ab2ef72fe7691bc29e56210de0e04743ee917
2019-01-29 12:08:24 +00:00
Timothée Alby
b311f997aa Merge pull request #1444 from sharelatex/ta-ns-check-institution-users
add script to check all if users on institution are upgraded

GitOrigin-RevId: 903f3a65fc038862178a82f43d97a5a4630cf470
2019-01-28 14:38:29 +00:00
Douglas Lovell
d2bccbec25 Merge remote-tracking branch 'origin/sk-admin-panel-projects'
GitOrigin-RevId: 56f17fe3bec6252bd3d933899e540813550a36ff
2019-01-24 12:13:16 +00:00
Douglas Lovell
bd9adbae52 Merge remote-tracking branch 'origin/bg-case-sensitive-import'
GitOrigin-RevId: d8d4fff4b4803f3cae6195ce1b60628cca326296
2019-01-24 12:13:11 +00:00
Alasdair Smith
f32ecc744c Merge pull request #1425 from sharelatex/spd-rate-limit-on-project-upload
Add rate limit on project upload

GitOrigin-RevId: e2da5fb1815d85d8e82fe2f4498786f1fc5b5727
2019-01-22 11:38:59 +00:00
Alasdair Smith
3af1ef48c2 Merge pull request #1423 from sharelatex/as-fix-non-existent-v1-token
Fix import page showing for non-existent v1 token

GitOrigin-RevId: cdce007b64d153505a15ec7b16fb4b9311ebf11b
2019-01-22 11:38:55 +00:00
Ersun Warncke
ef9875c5a6 Merge pull request #1427 from sharelatex/ew-recaptcha
add recaptcha validate middleware to reg and add recaptcha v3

GitOrigin-RevId: 35375b7887832b40bc570cf848cab9c62243443b
2019-01-21 17:27:54 +00:00
Simon Detheridge
64f69529e0 Merge pull request #1406 from sharelatex/spd-more-rate-limits
Add additional rate limits to prevent resource-exhaustion attacks

GitOrigin-RevId: 428cf8a16e062267dd92e7fba73ef5c192a8e668
2019-01-18 10:37:18 +00:00
Brian Gough
205da19173 Merge pull request #1408 from sharelatex/bg-increase-timeout-on-clone-project
increase timeout for cloning project to 5 minutes

GitOrigin-RevId: 949c7553f331573b391ff37f180e80b60c260cf5
2019-01-16 13:17:46 +00:00
Ersun Warncke
330f878085 Merge pull request #1378 from sharelatex/ew-post-logout
POST logout instead of GET

GitOrigin-RevId: b502a6ed945acd336d1a921e5c4c5433d8b7c7b7
2019-01-15 16:48:00 +00:00
Brian Gough
f1179f0fa7 Merge pull request #1384 from sharelatex/bg-use-queued-lock
use queued locks

GitOrigin-RevId: b5a3bfb55af201392a50ffb3fe30e740e56da30d
2019-01-15 10:55:32 +00:00
Brian Gough
724e2e8fcd Merge pull request #1344 from sharelatex/bg-handle-filestore-errors
handle non-sucess responses from filestore copy

GitOrigin-RevId: f00766066a5a2cf20116aa9c8d876f78fae8953f
2019-01-15 10:55:27 +00:00
Simon Detheridge
da6711dc99 Merge pull request #1275 from sharelatex/hb-authorization-flags
Authorization flags for metrics

GitOrigin-RevId: 651587c11317bfc8bb7b1e8143e8c2c820683cb5
2019-01-11 14:44:17 +00:00
Simon Detheridge
4c191953d3 Merge pull request #1356 from sharelatex/spd-password-complexity
Make password validation more consistent between backend and frontend

GitOrigin-RevId: 6ba729da842bf474cf7e9b5e0b2435db0544737c
2019-01-11 14:43:49 +00:00
Simon Detheridge
a107b0cc33 Merge pull request #1380 from sharelatex/ew-fix-project-getter-error
fix callback is not a function error

GitOrigin-RevId: 1bbe80f4086a17576f21ca9fc7b96f59d1b0614c
2019-01-11 14:43:34 +00:00
Simon Detheridge
4360a55fdc Merge pull request #1383 from sharelatex/spd-rate-limits
Add rate limits to email-related endpoints

GitOrigin-RevId: 05a8b40eb65a55aba35788e2401e6988b672b389
2019-01-11 14:43:29 +00:00