Commit Graph

193 Commits (913d5fd0d991d665efbb26cadc6b354b6b0c4704)

Author SHA1 Message Date
muxator 5acbdb83e5 docker: allow to control import/export rate limiting parameters
The newly introduces environment variables are IMPORT_EXPORT_RATE_LIMIT_WINDOW
and IMPORT_EXPORT_MAX_REQ_PER_IP.
2020-04-14 03:36:13 +02:00
muxator f5d9b94ca1 docker: allow to control the maximum file size of an import via IMPORT_MAX_SIZE 2020-04-14 03:36:13 +02:00
muxator 684f374ece runtime: require node >= 10.13.0 LTS
At the moment, NodeJS 10.x is the lowest supported LTS version. NodeJS 8.x is no
longer supported upstream.

Implements #3835.
Planned in #3650.
2020-04-09 04:43:37 +02:00
Paul Tiedtke 79406051fa Settings.js: support newlines in default values when using variable substitution
This allows, among other things, to correctly support the configuration of
defaultPadText in Docker via an environment variable.
2020-04-07 04:32:37 +02:00
Chocobozzz 82b919fc65 api: add getStats() function 2020-04-04 22:03:46 +02:00
Viljami Kuosmanen e821bbcad8 openapi: add documentation, small optimisation 2020-04-03 01:03:11 +02:00
Neil Oosten 7a999ee398 hooks: allow to set the duration of the gritter notification when a new chat message arrives
This is done adding a new "duration" parameter to the chatNewMessage() client
side hook.
2020-03-27 02:39:29 +01:00
muxator 8a01a5e437 doc: fix numbering in chatNewMessage() client hook parameters
This was originally introduced in bcb92f25a6 ("Refactor chat notifications and
the chatNewMessage hook") from 2013-03-19.
2020-03-27 02:39:29 +01:00
John McLear 6fd2bf4472 hooks: introduce goToRevisionEvent(), a new client-side hook
This hook gets fired both on timeslider load (as timeslider shows a new
revision) and when the new revision is showed to a user.
2020-03-24 23:46:17 +01:00
Pierre Prinetti 0b3cf7cc96 docker: Add Run with volume example
Supersedes https://github.com/ether/etherpad-lite/pull/3631

Co-authored-by: RaymondCavallaro <RaymondCavallaro@users.noreply.github.com>
2019-12-25 00:48:30 +01:00
muxator a817acbbcc security: when served over https, set the "secure" flag for "express_sid" and "language" cookie
The mechanism used for determining if the application is being served over SSL
is wrapped by the "express-session" library for "express_sid", and manual for
the "language" cookie, but it's very similar in both cases.

The "secure" flag is set if one of these is true:

1. we are directly serving Etherpad over SSL using the native nodejs
   functionality, via the "ssl" options in settings.json

2. Etherpad is being served in plaintext by nodejs, but we are using a reverse
   proxy for terminating the SSL for us;
   In this case, the user has to be instructed to properly set trustProxy: true
   in settings.json, and the information wheter the application is over SSL or
   not will be extracted from the X-Forwarded-Proto HTTP header.

Please note that this will not be compatible with applications being served over
http and https at the same time.

The change on webaccess.js amends 009b61b338, which did not work when the SSL
termination was performed by a reverse proxy.

Reference for automatic "express_sid" configuration:
https://github.com/expressjs/session/blob/v1.17.0/README.md#cookiesecure

Closes #3561.
2019-12-07 04:36:01 +01:00
muxator 30fd53f1fd docker: move docker/settings.json to /settings.json.docker 2019-11-08 23:50:50 +01:00
Pierre Prinetti dc15f4a43c docker: build from the local working directory
With this change, the Dockerfile builds the Docker image from the code
checked out in the local filesystem, instead of downloading a revision
from git.

Implements #3657
2019-11-08 22:56:30 +01:00
muxator c008ee36bd docker: incorporate the docker docs into the official documentation
This also means increasing the indentation level.
2019-11-08 23:17:34 +01:00
muxator 312c72c364 formatting: bulk remove trailing whitespaces
Do not touch vendorized files (e.g. libraries that were imported from external
projects).

No functional changes.

Command:
    find . -name '*.<EXTENSION>' -type f -print0 | xargs -0 sed -i 's/[[:space:]]*$//'
2019-10-20 02:09:22 +02:00
Ray Bellis fc661ee13a core: allow URL parameters and POST bodies to co-exist.
Node 8.14.0 prohibits HTTP headers that exceed 8 KB (source:
https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/#denial-of-service-with-large-http-headers-cve-2018-12121).

This patch allows for the parameters within the body of an HTTP POST request to
be used in addition to those within the URL (and will override them).

Closes #3568.

---
Muxator 2019-10-19:
- this commit was cherry-picked from 882b93487f
- it was modified to include the necessary changes in the documentation
2019-06-27 00:52:53 +02:00
muxator 705cc6f5e4 Change everywhere the link to https://etherpad.org (it was plain http) 2019-04-16 00:54:54 +02:00
muxator 9d35d15ae3 node8: require nodejs >= 8.9.0, npm >= 6.4
Next version will be Etherpad 1.8. As planned in #3424, we are going to require
NodeJS >=8.9.0 and npm >= 6.4.

This commit implements that change and updates documentation and scripts.
Subsequent changes will get rid of old idioms, dating back to node < 0.7, that
still survive in the code.
Once migrated to NodeJS 8, we will be able to start working on migrating the
code base from callbacks to async/await, greatly simplifying legibility (see
#3540).

Closes #3557
2019-02-19 22:01:12 +01:00
muxator 4f0a2785da release: prepare for 1.7.5
Written the changelog and updated package.json.
2019-01-26 00:16:03 +01:00
HairyFotr fce55df2b7 Fix typos 2019-01-16 11:14:04 +01:00
muxator aca8fae682 easysync-full-description: regenerate the pdf document
The .tex source was updated to fix some typos, but the corresponding pdf was not
regenerated.

Command used to generate the pdf:
  pdflatex easysync-full-description.tex

The incorporated changes are:
- 49114d2b7a (2014-06-01)
- c7548450c0 (2017-09-14)
2018-12-09 15:56:17 +01:00
muxator 66d87babfa doc: passwordHash does not contain a bcrypted password, but a salted sha512 sum
The documentation was written on 2011-08-03:
    31067f163f17: added a documentation for the database structure

The implementation using sha512 instead of bcrypt was committed two days later,
on 2011-08-10:
    ce1012438ef8: added setPublicStatus, getPublicStatus, setPassword and isPasswordProtected
2018-11-05 22:45:00 +01:00
muxator 23eab79946 pad.html: for each client plugin, add a class to #editorcontainerbox
This commit implements the following behaviour:

1. adds a function clientPluginNames() to hooks.js (mimicking what is done in
   static.js), which returns an array containing the list of currently installed
   client side plugins. The array is eventually empty.

2. calls that function in pad.html at rendering time (thus server-side) to
   populate a class attribute.

Example results:
- with no client-side plugins installed:
  <div id="editorcontainerbox" class="">

- with some client-side plugins installed:
  <div id="editorcontainerbox" class="ep_author_neat ep_adminpads">

Looking at the existing code (src/node/hooks/express/static.js#L39-L57), a
client-side plugin is defined as a plugin that implements at least a client side
hook.

NOTE: there is currently no support for notifying plugin removal/installation
      to the connected clients: for now, in order to get an updated class list,
      the clients will have to refresh the page.

Fixes #3488
2018-10-02 21:22:13 +02:00
muxator 6620014b77 skins: describe the skins in the documentation 2018-08-26 21:17:04 +02:00
"muxator ext:(%22) d499e1b046 docs: direct link to measured.Collection from stats.md 2018-08-14 13:27:31 +02:00
muxator e9fb63f426 docs: "```js" -> "```json" in Markdown of some json blocks 2018-08-09 22:27:56 +02:00
muxator 7544585908 runtime: enforce minimal node version to 6.9.0
Etherpad 1.6.6 does not run on node <= 5 already.
Node 6.9 is the first LTS release in the 6 series, and comes with npm 3.10.8.

Declarations in package.json are advisory unless the user has set
`engine-strict` config flag.

Updated the docs accordingly.
2018-07-28 23:33:24 +02:00
John McLear 2765a95774
Merge pull request #3218 from klausweiss/develop
Feature: New server-side hook: onAccessCheck
2018-04-03 13:38:47 +01:00
HairyFotr c7548450c0
Typos and minor fixes in bin, doc, and root 2017-09-14 13:33:27 +02:00
Mikołaj Biel 5c8a15c3d7 fix `sessionCookie` number in onAccessCheck 2017-07-12 00:28:51 +02:00
Mikołaj Biel 35702a0589 [feat] New server-side hook: onAccessCheck 2017-07-10 20:54:32 +02:00
Luiza Pagliari fc89034a55 [feat] New server-side hook: padCopy
Let plugins know when a pad is copied.
2017-05-18 18:52:14 -03:00
Luiza Pagliari d78681350b Merge pull request #3149 from AdamNiederer/patch-1
Remove an extra space
2017-03-13 06:55:07 -03:00
Adam Niederer cb8fe92df7 Fix typo 2017-03-11 22:09:49 -05:00
Adam Niederer 7520377026 Spelling fixes 2017-03-11 21:38:50 -05:00
Adam Niederer 52d5fc713e Spelling fixes 2017-03-11 21:36:37 -05:00
Adam Niederer 867e2d69d4 Spelling, grammar, and style improvements 2017-03-11 21:35:00 -05:00
Adam Niederer 6d279f0ee1 Spelling fix
Also removes an extra space
2017-03-11 21:34:34 -05:00
Adam Niederer a5e576c564 Grammar fix 2017-03-11 21:30:32 -05:00
Adam Niederer eeb8e82771 Remove an extra space 2017-03-11 21:27:34 -05:00
Sjoerd Langkemper d48395089c Update called from for two hooks
`expressCreateServer` and `expressConfigure` are called from `express.js`, not
from `server.js`.
2017-01-17 14:59:24 +01:00
Alexander Lorz cd7f01f40a minor changes in docs
- correct link to doc generation tool.
 - fixed incomplete sentence regarding API client libraries
2016-12-26 20:18:34 +01:00
Luiza Pagliari 01d23b1f6a Merge pull request #2929 from xavidotron/develop
Pass through the "item" parameter to registerAceCommand callbacks.
2016-12-13 06:12:26 -02:00
Luc Didry 2341d09807 Add undocumented API function restoreRevision to doc
This commit is dedicated to Schoumi. Thx for supporting me on Tipeee :-)
2016-11-16 10:36:18 +01:00
John McLear f09e10b122 Merge pull request #2944 from storytouch/aceRegisterNonScrollableEditEvents
Create hook to register events that won't scroll editor after aceEditEvt
2016-06-20 10:36:53 +01:00
Luiza Pagliari 69ac8e1722 Include usage example for aceRegisterNonScrollableEditEvents 2016-06-20 06:31:11 -03:00
Xavid 56b851a46f Pass through the "item" parameter to registerAceCommand callbacks. 2016-05-06 21:58:24 -04:00
Luiza Pagliari 3fb695a7a0 Create hook to register events that won't scroll editor after aceEditEvt 2016-03-30 11:51:18 -03:00
John McLear 4846798528 extend attributesonselection method 2016-03-26 22:00:34 +08:00
Ted Mielczarek c70d655b96 Add appendText API (from #2810) to docs. 2016-01-13 07:26:20 -05:00