Commit Graph

6300 Commits (029f2f765e7936e79f66e7ed0896ae0841b3ca9d)

Author SHA1 Message Date
Richard Hansen ed5a635f4c Add `req` to EJS render args when possible
This makes it possible for EJS templates and `eejsBlock_*` hook
functions to access the user's express-session state.
2020-11-02 16:05:01 +00:00
Richard Hansen cf43156390 Remove `src/static/js/jquery.js` from `.gitignore`
That file is checked in so there's no reason to ignore it.
2020-11-02 16:03:58 +00:00
translatewiki.net 127923eb54 Localisation updates from https://translatewiki.net. 2020-11-02 12:40:50 +01:00
Gabriel Medeiros Coelho ce77c48475 remove unnecessary conditional
if animationState evaluates to -1 or 0, it would end up in a conditional that assign its value to itself. Since this is redundant, it is better to remove this conditional, to avoid an extra check
2020-11-01 01:41:09 -05:00
Richard Hansen a95145d12c Merge branch 'master' into develop 2020-11-01 01:34:59 -05:00
Richard Hansen 2c8769a6fd Fix typo in session check (sesion -> session)
(cherry picked from commit 4332affba6)
2020-11-01 01:33:00 -05:00
Richard Hansen 2249b9ae19 SessionManager: Fix session expiration check
This bug was introduced in 8b0baa9679.

(cherry picked from commit 3886e95c83)
2020-11-01 01:33:00 -05:00
webzwo0i b67c9cc136
tests: Speed up and fix travis (#4453)
Various test runner fixes.
2020-10-30 10:40:11 +00:00
Richard Hansen b41d9762fa tests: Clear auth hooks before running import/export unit tests
Also fix some ESLint complaints.
2020-10-29 19:06:24 -04:00
Richard Hansen 03d8882383 tests: Clear auth hooks before running socket.io unit tests 2020-10-29 18:53:10 -04:00
Richard Hansen 4829bb8962 tests: Delete unnecessary `describe()` wrapper 2020-10-29 18:53:10 -04:00
Richard Hansen dbe9151d89 tests: Clear hooks before running webaccess tests
Also factor out common test setup code.
2020-10-29 15:33:05 -04:00
Richard Hansen 6961e0e05b .travis.yml: Factor out common plugin install command 2020-10-29 15:32:32 -04:00
Richard Hansen f6516d62ef .travis.yml: Don't install ep_comments_page
The tests need work.
2020-10-29 15:32:32 -04:00
Richard Hansen 8969b6ba7f .travis.yml: Sort plugins 2020-10-29 15:32:32 -04:00
Richard Hansen ef60a4234d .travis.yml: Wrap long plugin install lines 2020-10-29 15:32:32 -04:00
John McLear d21afba45a
security: lockfile lint check (#4446) 2020-10-29 14:07:36 -04:00
John McLear 99d5c7c943
docs: Migrate from Travis-ci.org to .com 2020-10-28 11:05:33 +00:00
webzwo0i 66a3647579 remove broken async inclusion in tar.json 2020-10-27 20:33:09 +00:00
Richard Hansen 2f65987ba2 webaccess: Remove user's password from session info
This prevents the password from being logged or stored in the
database.
2020-10-27 20:30:01 +00:00
chandi 30b1273853 docs: fix key in padUpdate context 2020-10-26 23:43:09 +00:00
translatewiki.net 50c22f0ae4 Localisation updates from https://translatewiki.net. 2020-10-26 15:56:46 +01:00
Viljami Kuosmanen c502ca3259 Use isHttpError utility provided by http-errors
This new utility method was introduced in http-errors v1.8.0. Let's use
that instead of instanceof. This also upgrades the http-errors dependency
2020-10-25 10:45:58 +00:00
Viljami Kuosmanen aef4cce0c9 Use correct constructor for 404,501 error handlers
Fixes error message mentioned in #4378.
2020-10-25 10:45:58 +00:00
Sebastian Castro 5a1110d0d6 Display outline when toolbar button focused 2020-10-25 10:34:51 +00:00
Richard Hansen 193028702d pad: Don't paste when middle-clicking on a link 2020-10-25 07:06:29 +00:00
Andrew Dassonville bee1ae06d8 utils: Fix commit checking on detached HEAD 2020-10-24 16:22:01 -04:00
John McLear cb5fcbb74e
editor: allow paste into links (#3802) 2020-10-24 16:59:03 +01:00
Richard Hansen 36aceb3aba hooks: Rewrite `callAll` and `aCallAll` for consistency
Rewrite the `callAll` and `aCallAll` functions to support all
reasonable hook behaviors and to report errors for unreasonable
behaviors (e.g., calling the callback twice).

Now a hook function like the following works as expected when invoked
by `aCallAll`:

```
exports.myHookFn = (hookName, context, cb) => {
  cb('some value');
  return;
};
```
2020-10-24 16:08:50 +01:00
Richard Hansen 79119baf58 hooks: Call the callback when done
If a hook function neither calls the callback nor returns a
(non-undefined) value then there's no way for the hook system to know
if/when the hook function has finished.
2020-10-24 16:08:50 +01:00
Richard Hansen 55939a0d7e hooks: Delete unused `flatten` function 2020-10-24 16:08:50 +01:00
John McLear b5c759cbac
tests: remove ep_webrtc for now until it's stable 2020-10-24 15:14:30 +01:00
Wouter bd2343f131 Added nl translations for adminpage 2020-10-23 16:18:57 -04:00
John McLear 9f5fb022b9
Create FUNDING.yml 2020-10-23 20:31:17 +01:00
webzwo0i 069e9997dd
tests: 10 sec maximum wait time for timeslider (#4430) 2020-10-23 12:43:38 +01:00
Wouter b3b3040204
docs: Discord channel link in README (#4429) 2020-10-22 16:39:03 +01:00
webzwo0i 047dfcdee9
tests: relaxed constraint on the number of interval triggers (#4427) 2020-10-22 16:01:51 +01:00
translatewiki.net 73dd3ffdf4 Localisation updates from https://translatewiki.net. 2020-10-22 12:58:59 +02:00
webzwo0i 69c7033a86
tests: refactor some frontend tests (#4408)
* don't include sendkeys in index.html as it's included in helper.init
mocha opts: add default timeout and replace ignoreLeaks with checkLeaks,
as the former is deprecated

* introduce helper.edit to write to a pad

* add test to check if helper.edit() supports line numbers

* helper tests: waitFor/waitForPromise seem to be a little bit faster sometimes

* tests: refactor chat.js

* tests: refactor timeslider_numeric_padID

* tests: refactor timeslider_labels

* tests: refactor timeslider_follow

* ensure followContents is enabled, although it should be by default

* timeslider_follow: increase number of revision for Edge

* make textLines() depend on linesDiv()

Co-authored-by: Richard Hansen <rhansen@rhansen.org>

* make linesDiv return standard Array

* use `contain` instead of `indexOf`

* more fixes from the review

* review fixes

* align waitFor and waitForPromise behaviour

* timeslider_follow: check if it's following to the correct lines

* lower expected waitFor/waitForPromise interval check

* disable responsivness and regression test in timeslider_follow

* timeslider_follow: fix Range detection

* more explicit test for linesDiv

Co-authored-by: Richard Hansen <rhansen@rhansen.org>
2020-10-21 18:43:17 +01:00
chandi 94cb000e8f
plugins: include more data within padUpdate hook (#4425)
* Including more data at pad update event

* docs: new context fields in padUpdate

Co-authored-by: Pedro Beschorner Marin <pedrobmarin@gmail.com>
2020-10-21 18:04:03 +01:00
webzwo0i 1e7a9e1791
tests: better timeslider follow contents (#4421) 2020-10-21 10:05:58 +01:00
Richard Hansen 0eb0a07914 Use an ellipsis instead of two periods 2020-10-20 11:02:37 +01:00
Richard Hansen 2379ade7e9 Move out pad.modals.reconnecttimer trailing space 2020-10-20 11:02:37 +01:00
Richard Hansen 734fe9c297 Use jQuery methods to build DOM elements 2020-10-20 11:02:37 +01:00
Richard Hansen a2554fff22 pad: Pop up an error message dialog box upon socket.io error 2020-10-20 10:01:49 +01:00
Richard Hansen 5b887396c3 pad: Check for null collabClient in socket.io event handlers 2020-10-20 10:01:49 +01:00
Richard Hansen b1acf6143a pad: Delete do-nothing `sendClientReady` wrapper 2020-10-20 10:01:49 +01:00
Richard Hansen a712ce457d gritter: Treat strings as text, not HTML
This forces users to use jQuery or DOM objects if they want
formatting, which helps avoid XSS vulnerabilities.
2020-10-20 10:01:49 +01:00
Richard Hansen 8463134125 pad: Improve rendering of uncaught exceptions
* Use jQuery to build the message HTML so that special characters in
    the error message, URL, etc. are properly escaped. This helps
    avoid XSS vulnerabilities.
  * Use bold text for the error message to make it stand out.
  * Add a line break between the error message and "in <url> at line
    <line>" so that the error message stands out more.
  * Use `<p>...</p>` instead of `</br>` to separate the parts of the
    popup.
  * Use CSS for spacing instead of `</br>`.
  * Grammar fixes (add a missing comma, "at" instead of "in").
2020-10-20 10:01:49 +01:00
Richard Hansen d35dbaaacc gritter: Accept jQuery or DOM objects for title and text
Teach Gritter to accept anything that jQuery's `.append()` method
accepts for the title and text of a popup message. This makes it
easier to safely build HTML messages with proper escaping of special
characters (to prevent XSS vulnerabilities).
2020-10-20 10:01:49 +01:00