Merge branch 'staging' of github.com:xwiki-labs/cryptpad into staging

pull/1/head
yflory 4 years ago
commit 61ac8b0512

@ -1,11 +1,25 @@
# WIP
# 4.7.0
## Goals
* deploy new forms page
## Update notes
* `bower update` for `chainpad-crypto#0.2.6` ([signed mailbox extensions](https://github.com/xwiki-labs/chainpad-crypto/releases/tag/0.2.6))
* log some information about the checkup page when launching the server
* new admin panel features
* link to checkup for better discoverability
* opt in to public listings
* opt in to email contact
* opt out of telemetry
* `blockDailyCheck` option moved here from default config
* preliminary work for statistical aggregation
* `removeDonateButton` option moved here from default config
* new app, so you probably want to review that your custom color schemes don't conflict
* server update and restart is required
* ready to display warnings about new server updates starting in 4.7.1 or 4.8.0
* lots of new translations!
## Features
@ -13,10 +27,30 @@
* log messages which fail signature validation
* make drive-redirect configurable via the settings page (disabled by default)
* minor UI improvements for report page
* copy report to clipboard
* margins?
* new form app
* with participant, author, and auditor roles
* partially replaces the poll app
* polls no longer listed on home page
* it is still possible to make copies of existing polls
* otherwise the poll app redirects to the form app
* ability to add a file to your drive from the file menu even if it's already in a team
* embed file option in markdown toolbar
* kanban
* code
* slide?
## Bug fixes
* variably display "Features" or "Pricing" in the _top bar_
* default to the 'general' tab of the admin panel when the URL includes an unsupported hash
* guard against DOMException when updating atime in cache entries
* code app improvements
* guard against codemirror scroll-jank
* allow preview pane resize
* self-XSS via accountName
* password-protected files could not be opened or shared
# 4.6.0

@ -214,7 +214,7 @@ server {
# The nodejs server has some built-in forwarding rules to prevent
# URLs like /pad from resulting in a 404. This simply adds a trailing slash
# to a variety of applications.
location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban|sheet|support|admin|notifications|teams|calendar|presentation|doc)$ {
location ~ ^/(register|login|settings|user|pad|drive|poll|slide|code|whiteboard|file|media|profile|contacts|todo|filepicker|debug|kanban|sheet|support|admin|notifications|teams|calendar|presentation|doc|form|report)$ {
rewrite ^(.*)$ $1/ redirect;
}

@ -24,8 +24,8 @@ var fancyURL = function (domain, path) {
};
(function () {
// you absolutely must provide an 'httpUnsafeOrigin'
if (typeof(Env.httpUnsafeOrigin) !== 'string') {
// you absolutely must provide an 'httpUnsafeOrigin' (a truthy string)
if (!Env.httpUnsafeOrigin || typeof(Env.httpUnsafeOrigin) !== 'string') {
throw new Error("No 'httpUnsafeOrigin' provided");
}
@ -66,7 +66,7 @@ var setHeaders = (function () {
}
// next define the base Content Security Policy (CSP) headers
if (typeof(config.contentSecurity) === 'string') { // XXX deprecate this
if (typeof(config.contentSecurity) === 'string') {
headers['Content-Security-Policy'] = config.contentSecurity;
if (!/;$/.test(headers['Content-Security-Policy'])) { headers['Content-Security-Policy'] += ';' }
if (headers['Content-Security-Policy'].indexOf('frame-ancestors') === -1) {

@ -4453,7 +4453,6 @@ define([
// Form: get auditor hash
var auditorHash;
if (parsed.hash && parsed.type === "form") {
console.error('ICI');
var formData = Hash.getFormData(null, parsed.hash, data.password);
console.log(formData);
if (formData) {

@ -177,7 +177,8 @@
.cp-form-creator-add-full {
display: flex;
flex-flow: column;
margin: 20px 0px 100px 0px;
margin: 20px 0px 0px 0px;
padding-bottom: 100px;
&> div:first-child {
display: flex;
height: 100%;
@ -224,7 +225,8 @@
.cp-form-send-container {
text-align: center;
margin: 50px auto 100px auto;
margin: 50px auto 0px auto;
padding-bottom: 100px;
button {
&:not(:last-child) {
margin-right: 10px;
@ -461,11 +463,16 @@
display: flex;
flex-flow: column;
position: relative;
& > div {
background: @cp_form-bg1;
padding: 10px;
&:not(:last-child) {
margin-bottom: 20px;
.cp-form-creator-results-controls {
margin-bottom: 20px;
//background: @cp_form-bg1;
//padding: 10px;
}
.cp-form-creator-results-content {
.cp-form-block {
background: @cp_form-bg1;
padding: 10px;
}
}
.cp-form-block-question {
@ -477,7 +484,7 @@
margin-top: -10px;
margin-right: -10px;
i { margin-right: 5px; }
background: @cp_form-bg2;
background: fade(@cryptpad_text_col, 15%);
}
.cp-form-results-type-text {
max-height: 300px;
@ -515,6 +522,8 @@
}
}
.cp-form-individual {
background: @cp_form-bg1;
padding: 10px;
& > *:not(:last-child) {
margin-right: 10px;
}

@ -1931,7 +1931,7 @@ define([
return h('div.cp-form-send-container', [
invalid,
cbox ? h('div.cp-form-anon-answer', cbox) : undefined,
send, reset
reset, send
]);
};
var updateForm = function (framework, content, editable, answers, temp) {

Loading…
Cancel
Save