blitzwing/cryptpad
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
15761 commits 72 branches 132 tags 541 MiB
Commit graph

122 commits

Author SHA1 Message Date
ansuz
50c84949c8 invert NGINX settings to forbid remote embedding by default 2023-02-13 12:47:18 +05:30
Mathilde Grünig
0d7f1509b6 Add FreeBSD rc.d init script 2023-02-03 08:25:17 +01:00
Ente
c9fd6359aa
Send HTTP credentials when fetching blobs 
With this change media-tag now sends HTTP credentials when fetching
blobs. Also changed the example nginx config to send
Access-Control-Allow-Credentials CORS headers. For this to work, we can
no longer use '*' for Access-Control-Allow-Origin [1][2]: Therefore the
example config was changed to set Access-Control-Allow-Origin to the
sandbox domain only.

Fixes:
- #705: Blob fetch fails with 401 Unauthorized when HTTP basic auth is enabled [3]

Referenes:
[1]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin
[2]: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS/Errors/CORSNotSupportingCredentials
[3]: https://github.com/xwiki-labs/cryptpad/issues/705
 2022-12-14 11:27:51 +01:00
Mathilde Grünig
37ccaddbbe 2nd thought on HTTP/80, not needed in the end 2022-12-07 14:04:00 +01:00
Mathilde Grünig
1b731e2643 Add future-proof Nginx configuration 
- support IPv6
- 80 to 443 redirect
- TLS generation
- better SSL sessions
- longer HSTS (2 years)
- OCSP stapling
 2022-12-07 13:56:12 +01:00
ansuz
01cdfa1bbc document yet another way that Safari/webkit is terrible 2022-10-05 15:17:07 +05:30
ansuz
8d7973850a slightly smarter caching rules in example NGINX config 2022-09-13 18:34:30 +05:30
ansuz
c889823fca fix custom file serving logic for static pages in NGINX 2022-09-06 14:36:23 +05:30
ansuz
4d022a2247 handle more cases for the cache-control header in NGINX 2022-09-06 14:35:13 +05:30
ansuz
aaa6efbbb0 better worst-case performance for static files served by NGINX 2022-07-22 16:46:02 +05:30
Maxime Cesson
c1adae6d59 Complete last commit (add og data to "Drive" and "File", handle missing config, modify nginx example config) 2022-07-21 18:44:21 +02:00
ansuz
8adeeb21ec display instance info on the home page 
* implements /api/instance
* updates recommended NGINX config
* adds a test on /checkup/
 2022-05-03 18:20:34 +05:30
ansuz
01b6dd539b add trailing slash if /convert/ is loaded without its trailing slash 2022-04-04 20:38:52 +05:30
ansuz
404b89eb28 update recommended settings for embedding to permit element desktop 2022-04-04 12:31:40 +05:30
ansuz
16b843c2c8 set x-content-type-options headers for blob and block in nginx example 2022-03-23 15:24:51 +05:30
ansuz
e1abf4ef77 nginx updates 2022-03-14 18:23:38 +05:30
ansuz
7b14c135b3 update example NGINX CSP configuration 2022-02-15 15:54:33 +05:30
ansuz
0f46869217 WIP update recommended production CSP values 2022-02-10 17:11:17 +05:30
ansuz
ae84d99af0 update the recommended settings for img-src and media-src 2022-01-21 17:48:53 +05:30
ansuz
31c5bba8db update example NGINX config and changelog for 4.12.0 2021-10-20 18:42:02 +05:30
yflory
b050f04090 Fix CSP errors in oodoc and ooslide 2021-10-19 17:09:42 +02:00
ansuz
d2db0066a4 update example nginx config to match dev server 2021-10-19 17:56:55 +05:30
ansuz
34acded538 clarify comment in example nginx config 2021-08-27 14:07:23 +05:30
ansuz
f12a276c78 correct inconsistent capitalization of 'CryptPad' in markdown files. 
Add a rule to the translation linter to detect future inconsistencies.
 2021-08-13 15:44:11 +05:30
ansuz
3b44c09bc4 check COOP headers for multiple endpoints 
and improve some error reporting in the checkup RPC
 2021-07-01 16:42:09 +05:30
ansuz
0978074c74 add convert app to example nginx and update changelog 2021-06-30 19:31:48 +05:30
ansuz
14483814fd update nginx trailing-slash rewrite for new apps 2021-06-15 03:52:54 +05:30
ansuz
32494fca0c let NGINX handle its own headers 2021-05-12 14:29:29 +05:30
yflory
4d5d809447 Opt out of Google's FLoC Network by default 2021-04-22 12:24:05 +02:00
ansuz
49035f3aad update example nginx config 2021-04-14 10:38:16 +05:30
ansuz
edd46ebdb2 add some admin UI for profiling the server's workers 2021-01-29 11:51:40 +05:30
ansuz
f0b707e54d move admin-rpc code snippet to docs directory 2021-01-21 17:43:24 +05:30
ansuz
c806b97076 resolve conflicts between rebrand and staging 2020-12-29 17:20:53 +05:30
ansuz
affd221eb7 lint compliance 2020-12-29 17:08:48 +05:30
ansuz
38cfba275a elaborate on some comments in example config files 2020-12-15 13:37:13 +05:30
yflory
2647acbb78 Expose Content-Length header 2020-12-07 15:42:25 +01:00
Christian Pietsch
bc2387256f
Set reasonable value for $PWD 
/home/cryptpad/cryptpad/cryptpad seems one cryptpad too many, and it does not match the sample value of WorkingDirectory above
 2020-11-05 19:23:08 +01:00
ansuz
aa547a7b76 align nodejs http headers with example nginx 2020-11-03 16:48:31 +05:30
ansuz
d3dd5f991d proposed nginx configuration to enable XLSX export without disabling print from other apps 2020-11-03 16:48:31 +05:30
ansuz
a2b79d84b8 align nodejs http headers with example nginx 2020-10-27 08:12:23 +05:30
ansuz
a8f53d04fc proposed nginx configuration to enable XLSX export without disabling print from other apps 2020-10-26 17:24:35 +05:30
ansuz
8c980df660 tell clients not to cache their outer html 2020-10-21 13:11:29 +05:30
ansuz
cfcfe2f65f enable APIs for XLSX export in firefox 2020-10-07 14:47:43 +05:30
ansuz
737c42b447 update nginx.example.conf for latest rich text CSP 2020-06-29 16:51:58 -04:00
Adrian Nöthlich
68e33bb902
Remove docker related files 
Signed-off-by: Adrian Nöthlich <git@promasu.tech>
 2020-05-05 03:42:44 +02:00
ansuz
09bf0a54d8 add access control header 2020-04-09 16:30:22 -04:00
ansuz
54420109ac update the open file limit in the example systemd service file 2020-03-16 12:32:45 -04:00
ansuz
ecce654ca6 add 'resource:' to script-src to enable shared-worker debugging in firefox 2020-02-17 12:48:10 -05:00
ansuz
1fc8c1de16 add missing connect-src directives to example nginx conf 2020-02-17 08:48:15 -05:00
ansuz
1be01c07ee fix bad copypaste in the example nginx file 2020-02-10 13:04:58 -05:00
ansuz
95a2742b7a add an example systemd service file 2020-01-21 14:08:26 -05:00
ansuz
47d9c4daeb update onlyoffice detection to support sheet migration 2020-01-21 14:07:46 -05:00
ansuz
1b3c2a43bf remove wss from connecSrc in example nginx config 2020-01-06 15:22:55 -05:00
ansuz
32bdfacd92 fix incorrectly pasted line 2020-01-04 11:56:09 -05:00
ansuz
75925b6ceb fix blob support in example config 2020-01-04 01:39:37 -05:00
ansuz
80f3175a0e simplify cipher list, better dhparams 2019-12-27 13:05:02 -05:00
ansuz
7c9b53695b add a bunch of comments to all the mysterious sections of the nginx example config 
also remove a large, complicated, unnecessary section
 2019-12-26 18:23:52 -05:00
ansuz
c56815fa3b WIP nginx config refactor 2019-12-05 19:41:45 -05:00
yflory
a297336746
Fix broken link in cryptpad-docker.md 2019-11-19 14:01:56 +01:00
ansuz
d4e5b98c14 update nginx config to add trailing slashes to new apps 2019-10-01 13:23:38 +02:00
Florian Knodt
7cd4df3e7f
cryptpad-docker: Missing \ 2019-05-09 13:54:11 +02:00
ansuz
1853566b1a serve datastore over the webserver in the example nginx config 2019-04-12 17:17:54 +02:00
Ludovic Dubost
9403d994f5
Add port 3001 to docker port mapping 2019-02-14 12:24:13 +01:00
ansuz
5175ed10c5 update example nginx config for spreadsheets 2019-01-29 11:56:55 +01:00
Adrian Nöthlich
3f9ae30b52
Made CSP syntax in nginx example conf valid 
Made CSP syntax valid. There were arguments for e.g. blob: oder data: missing
 2019-01-07 15:12:46 +01:00
interfect
b817ac1511
Improve Docker documentation in the repo 
Now it will link to the wiki too.
 2018-12-15 10:20:03 -08:00
ansuz
7004f26730 update documentation 2018-07-18 16:01:27 +02:00
ansuz
2c56972be6 update changelog and example nginx config 2018-06-27 15:03:38 +02:00
Caleb James DeLisle
3c2d61ff42 Add to the nginx documentation the location datastore block 2018-04-13 18:14:01 +02:00
Falgn0n
f362aac246
Update example.nginx.conf 
Updated the location block for "/api/config" to point directly to the node.js server @ localhost:3000
 2017-12-24 12:13:28 +02:00
Thomas Gläßle
405526cfa5 Properly escape sed replace expressions 
This fixes an error during container startup due to interpolating a
$STORAGE value that may contain slashes or other "active" characters:

    ...
    Using secure websockets: false
    Using storage adapter: ./storage/file
    sed: bad option in substitution expression

Also add a trailing ',' in the search expression to avoid substituting
in the comment above the actual definition:

    /*  If Cryptpad is proxied without using https, the server needs to know.
     *  Specify 'useSecureWebsockets: true' so that it can send
    ...
 2017-08-10 10:35:38 +02:00
ansuz
f9023185c1 move documentation into docs folder 2017-05-31 10:10:33 +02:00