blitzwing/cryptpad
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
14238 commits 72 branches 132 tags 541 MiB
Commit graph

32 commits

Author SHA1 Message Date
yflory
c10fc37645 Merge branch 'totp-ui' into 5.4-rc 2023-07-11 10:30:36 +02:00
Wolfgang Ginolas
6f76972c47 Upgrade drawio to 21.5.2 
https://github.com/jgraph/drawio/issues/3691
 2023-06-29 10:23:49 +02:00
Wolfgang Ginolas
f7d56eea16 Rename drawio to digram 
https://github.com/cryptpad/cryptpad/issues/1062
 2023-06-22 14:59:13 +02:00
Wolfgang Ginolas
b5c0cada55 Update draw.io script hashes 2023-06-22 14:39:06 +02:00
Wolfgang Ginolas
17e6d24de4 Use hashes instead of unsafe-eval to secure drawio 2023-06-22 14:39:06 +02:00
Wolfgang Ginolas
67362fc2b9 Remove unsave-eval from draw.ios CSP 2023-06-22 14:39:06 +02:00
yflory
723ecc8bd6 Integration API prototype 2023-06-22 14:39:04 +02:00
ansuz
6f19101f42 big server changes: 
* use the nodejs cluster module to handle http traffic with multiple threads
* listen for websocket traffic on a new port because all such logic needs to share state
* proxy websocket URLs from the cluster to the new port so everything is backwards compatible
* implement logic for http workers to make requests and stay in sync with the main process
* unrelated: define the expected nodejs version in a constant
 2022-12-20 14:20:59 +05:30
ansuz
958b3e4376 remove references to removed pages and notes that have been addressed 2022-05-13 15:50:38 +05:30
ansuz
0be64ac958 simplify accounts configuration on dev instances 2022-05-11 13:12:12 +05:30
ansuz
916c0dd322 Merge branch 'sandpaper-static' into 4.15-candidate 2022-05-03 18:31:56 +05:30
David Benqué
97832340cf Remove Terms, What is, and Maintenance pages 2022-04-25 16:04:26 +01:00
ansuz
404b89eb28 update recommended settings for embedding to permit element desktop 2022-04-04 12:31:40 +05:30
ansuz
b4323b2c40 fix incorrect frame-ancestors and update test 2022-04-01 13:15:06 +05:30
ansuz
e6c51e3dff remove hardcoded translations and invert remote embedding logic 2022-03-24 12:43:16 +05:30
ansuz
a54a0af604 more tests on checkup page 2022-03-14 17:09:22 +05:30
ansuz
0917b45035 implement proper support for forbidding remote media-tag inclusion 
...and test that the basic headers are correctly set on the checkup page
 2022-02-18 16:09:02 +05:30
ansuz
b40c81d088 support modifying CSP headers at runtime 2022-02-18 13:54:33 +05:30
ansuz
7b6c8b83ef stricter websocket CSP and tests to match 2022-02-14 11:45:44 +05:30
ansuz
383684d339 add new, very specific tests for CSP to the checkup page 2022-02-10 16:53:14 +05:30
ansuz
29fe4b7223 restrict unnecessarily permissive CSP 2022-01-21 18:01:55 +05:30
ansuz
b8d6af7891 adjust CSP headers for printing from OnlyOffice 
* allow outer to load resources from the sandbox (for fonts)
* test whether the expected CSP values are present on the checkup page
* simplify the nodejs server a bit
 2021-10-19 14:22:10 +05:30
yflory
7a682397e2 Add checkup test about Google's Floc 2021-05-07 14:23:15 +02:00
ansuz
43a5d5664f remove XXX 2021-01-21 17:42:41 +05:30
David Benqué
ead97d8f41 Remove FAQ and references to it 2020-11-16 11:06:48 +00:00
David Benqué
66d434b583 Remove about page from defaults and add XXX for future pages 2020-10-30 14:29:15 +00:00
ansuz
a2b79d84b8 align nodejs http headers with example nginx 2020-10-27 08:12:23 +05:30
ansuz
cfcfe2f65f enable APIs for XLSX export in firefox 2020-10-07 14:47:43 +05:30
ansuz
b32f3e34af fix local worker debugging on firefox 2020-03-06 11:43:34 -05:00
ansuz
3cf09924ae fix default CSP headers 2020-02-28 10:46:44 -05:00
ansuz
3df47a1415 continued WIP config reorganization 2020-02-27 13:24:19 -05:00
ansuz
294a444603 WIP removing defaults from the example config file 2020-02-27 13:09:12 -05:00