89 Commits (0513945f00070c94b5e41cfb908cbdc36733b3f2)

Author SHA1 Message Date
ansuz 404b89eb28 update recommended settings for embedding to permit element desktop 3 years ago
ansuz b4323b2c40 fix incorrect frame-ancestors and update test 3 years ago
ansuz e6c51e3dff remove hardcoded translations and invert remote embedding logic 3 years ago
ansuz 9ae4101ea2 test for the presence of x-content-type-options for blob and block 3 years ago
ansuz f34a60665f check that the server is running at least NodeJS v16.14.2 3 years ago
ansuz b83e8600f4 clean up checkup tests and remove XXX 3 years ago
ansuz a54a0af604 more tests on checkup page 3 years ago
ansuz e38e08fb6e Merge branch 'soon' into block-embeds 3 years ago
ansuz c715334616 stub a test on the checkup page 3 years ago
ansuz 45d2eb0267 Merge branch 'soon' of github.com:xwiki-labs/cryptpad into support-categories
and include some tweaks for the checkup page

* sort errors above warnings
* improve messages for new tests
3 years ago
ansuz c111364024 add two new tests to diagnose unavailability of uploaded blocks and blobs 3 years ago
ansuz 1e2a059074 lint compliance 3 years ago
ansuz 7c3d563453 WIP support for customized and translated legal info 3 years ago
ansuz aaa00216d4 add a note about what configurations are supported re: third party embedding 3 years ago
ansuz 0917b45035 implement proper support for forbidding remote media-tag inclusion
...and test that the basic headers are correctly set on the checkup page
3 years ago
ansuz b40c81d088 support modifying CSP headers at runtime 3 years ago
ansuz 1a18eafb7f checkup page improvements
* removed a redundant test
* more descriptive error messages
* more useful return values in failed tests
* xhr reuse where possible for faster test completion
* guard against typeerrors caused by undefined CSP
* display server token value in summary if present
3 years ago
ansuz d781d3bba2 lint compliance 3 years ago
ansuz 6196e81953 WIP checkup tests 3 years ago
ansuz 6a62e28c60 include option upgradeURL CSP in checkup page tests 3 years ago
ansuz 7b6c8b83ef stricter websocket CSP and tests to match 3 years ago
ansuz c0686dad99 fix merge conflict 3 years ago
ansuz 19863b8fb0 Merge branch 'soon' into checkup 3 years ago
ansuz 0f46869217 WIP update recommended production CSP values 3 years ago
ansuz 383684d339 add new, very specific tests for CSP to the checkup page 3 years ago
ansuz cc1137b96b more WIP checkup 3 years ago
ansuz ee92ddb813 more WIP checkup 3 years ago
ansuz 2e14e8e930 more WIP checkup 3 years ago
ansuz f2ead5b588 more WIP checkup 3 years ago
ansuz d736e22c3b more WIP checkup 3 years ago
ansuz 876132fc76 more WIP checkup 3 years ago
ansuz 39f1530969 more WIP checkup 3 years ago
ansuz 521097e3ad more WIP checkup 3 years ago
ansuz 937b0b450f better checkup test 3 years ago
ansuz 8eefeace43 WIP checkup improvements 3 years ago
ansuz 5835721322 Updated checkup page tests
1. check that /api/config is reachable from the sandbox domain
2. check that interest-cohort rules are present rather than strict comparison of expected headers
3 years ago
ansuz f9be929eb9 check for unnecessarily permissive CSP 3 years ago
yflory 8f0543c3f3 Prepare possible OO migration 3 years ago
ansuz a2e6f0a1c4 disable outdated tests 3 years ago
ansuz b8d6af7891 adjust CSP headers for printing from OnlyOffice
* allow outer to load resources from the sandbox (for fonts)
* test whether the expected CSP values are present on the checkup page
* simplify the nodejs server a bit
3 years ago
ansuz 04234aa1f4 fix a typo in a class 3 years ago
ansuz 7647a60219 guess OS version on checkup page 3 years ago
ansuz a20bfbf6c1 lint compliance 3 years ago
ansuz dd53b6fa72 constrain table width in checkup summaries 3 years ago
ansuz 613868bbde fix safari-specific warnings in checkup 3 years ago
ansuz b6cc4ef8cf test browser-dependent SharedArrayBuffer support in checkup
include debugging information in final report
for when browser vendors inevitably break APIs again
3 years ago
ansuz 5f32a38f3e Merge branch 'soon' into main 3 years ago
ansuz 921da962d0 narrow exceptions for use of localhost in checkup 3 years ago
ansuz 6578b66ba6 convert a warning to an error 3 years ago
ansuz c774a5d06e time out if checkup test #7 doesn't call back in 30s 3 years ago