180 Commits (0bb4f0fc3dd1a7c932e363efa31d8799a01364a7)

Author SHA1 Message Date
ansuz 942a136886 somewhat stricter httpUnsafeOrigin validation 3 years ago
ansuz 98c8d7086f include instance version in Env 4 years ago
ansuz 87a52b67f5 re-add an incorrectly removed curly brace 4 years ago
ansuz 41db88a360 WIP admin 'network' panel 4 years ago
ansuz b88963cec2 conditionally log some information about the checkup page when launching the server 4 years ago
ansuz 32494fca0c let NGINX handle its own headers 4 years ago
ansuz eb32651c67 leave some notes about a minor race condition 4 years ago
ansuz 30fc2a5edf Merge branch 'staging' into restricted-registration 4 years ago
ansuz bd37e45eb4 disable some seemingly problematic server code 4 years ago
ansuz 15a8284a30 add some logging and avoid some errors 4 years ago
ansuz 50045c08d0 WIP restrict registration 4 years ago
ansuz e90031b8d1 refined header fix for standalone instances 4 years ago
ansuz 3a0fe6968d refine the header fixes for chrome to avoid breaking standalone instances 4 years ago
ansuz ae173d31cb fix a chrome header issue 4 years ago
ansuz 34e02a23e7 deduplicate server code for caching rendered API endpoints 4 years ago
ansuz 4e3a7fef24 add notes from our review 4 years ago
yflory 8f679c141c Broadcast update 4 years ago
yflory 96892bff48 Merge branch 'staging' into broadcast 4 years ago
yflory b108960d67 Rename ooslide and oodoc 4 years ago
ansuz 3141d7add1 remove trailing slashes from configured origins
in both the server and the example config file
4 years ago
yflory 7971a6d267 Major broadcast refactoring 4 years ago
yflory d15c0461cc Add /api/broadcast and improve message deletion 4 years ago
ansuz 1ef6a96cd1 avoid duplicating CSP headers in production environments 4 years ago
ansuz 3c4b2ffad0 avoid setting headers for /api/config that will be duplicated by nginx 4 years ago
ansuz 929159a0f4 implement server offline mode (no ws) 4 years ago
yflory 396eb4d263 Stop autodownloading big mediatags 4 years ago
ansuz ebc394c4b3 expose defaultStorageLimit via /api/config 4 years ago
ansuz aa547a7b76 align nodejs http headers with example nginx 4 years ago
ansuz 804443e5f7 send basic team info along with support tickets
...and fix a server bug that had broken /api/config.supportMailbox
4 years ago
ansuz 369c92c01d initialize Env from server and deduplicate several attributes 4 years ago
ansuz c99de4ffc2 expose the canonical representation of adminKeys via /api/config 4 years ago
ansuz b5d3a10dc2 guard against possible typeErrors from unvalidated config input 4 years ago
ansuz 6519f8242e Merge branch 'signing-key-format' into staging 4 years ago
ansuz ebcc9a069b add server-side support for the new format of public signing keys 4 years ago
yflory b94a596751 remove unsafe-inline requirement in pad 4 years ago
ansuz 5196440e65 guard against a typeError when httpSafeOrigin is not defined 5 years ago
ansuz 9fa93172cf tolerate trailing slashes in httpSafeDomain 5 years ago
ansuz 3b05d24f10 wip csp issue 5 years ago
Jason Heard 9b3013278b Check httpSafeOrigin in config variable 5 years ago
ansuz 53ed247bc2 expose maxUploadSize and premiumUploadSize via /api/config 5 years ago
ansuz e70c3ff0ab add some default config values and warn if provided values seem incorrect 5 years ago
ansuz 74771f13f5 implement caching for /api/config responses 5 years ago
ansuz 80c012f34d prepare to merge history keeper and rpc 5 years ago
ansuz c388641479 drop support for 'retainData' configuration 5 years ago
ansuz f45de2b52f move some server deps from repo root to lib/ 5 years ago
ansuz 671999c600 treat onlyoffice iframes specially with regard to CSP 5 years ago
yflory 47768112b4 Merge branch 'staging' into communities-oo 5 years ago
Ludovic Dubost d593f3961c Updated OnlyOffice editors, Updated x2t.js to 5.4.2 5 years ago
Ludovic Dubost 1065ef5d4c Fix security policy for ooslide and oodoc which would break x2t wasm export on Chrome 5 years ago
ansuz 05699b2c94 unify websocket configuration points 5 years ago