19863b8fb0
Merge branch 'soon' into checkup
3 years ago
0f46869217
WIP update recommended production CSP values
3 years ago
383684d339
add new, very specific tests for CSP to the checkup page
3 years ago
cc1137b96b
more WIP checkup
3 years ago
ee92ddb813
more WIP checkup
3 years ago
2e14e8e930
more WIP checkup
3 years ago
f2ead5b588
more WIP checkup
3 years ago
d736e22c3b
more WIP checkup
3 years ago
876132fc76
more WIP checkup
3 years ago
39f1530969
more WIP checkup
3 years ago
521097e3ad
more WIP checkup
3 years ago
937b0b450f
better checkup test
3 years ago
8eefeace43
WIP checkup improvements
3 years ago
5835721322
Updated checkup page tests
...
1. check that /api/config is reachable from the sandbox domain
2. check that interest-cohort rules are present rather than strict comparison of expected headers
3 years ago
f9be929eb9
check for unnecessarily permissive CSP
3 years ago
8f0543c3f3
Prepare possible OO migration
3 years ago
a2e6f0a1c4
disable outdated tests
3 years ago
b8d6af7891
adjust CSP headers for printing from OnlyOffice
...
* allow outer to load resources from the sandbox (for fonts)
* test whether the expected CSP values are present on the checkup page
* simplify the nodejs server a bit
3 years ago
04234aa1f4
fix a typo in a class
3 years ago
7647a60219
guess OS version on checkup page
3 years ago
a20bfbf6c1
lint compliance
3 years ago
dd53b6fa72
constrain table width in checkup summaries
3 years ago
613868bbde
fix safari-specific warnings in checkup
3 years ago
b6cc4ef8cf
test browser-dependent SharedArrayBuffer support in checkup
...
include debugging information in final report
for when browser vendors inevitably break APIs again
3 years ago
5f32a38f3e
Merge branch 'soon' into main
3 years ago
921da962d0
narrow exceptions for use of localhost in checkup
3 years ago
6578b66ba6
convert a warning to an error
3 years ago
c774a5d06e
time out if checkup test #7 doesn't call back in 30s
3 years ago
3095526066
remove some notes that have been addressed
3 years ago
3b44c09bc4
check COOP headers for multiple endpoints
...
and improve some error reporting in the checkup RPC
3 years ago
4a147815f6
disable server_tokens test until an easy solution is in place
3 years ago
433470cf40
check that server responses don't contain 'Server' headers
...
if they do, check that the server is NGINX.
3 years ago
e143873a20
display the currently set FLoC header in the checkup page's warning message.
...
Addresses #757
4 years ago
2bd659a9b5
test whether the instance configured to use HTTPS for the main and sandbox domains
4 years ago
1fe57c7e03
lint compliance and minor refactor
4 years ago
24e181ab9a
elaborate on some messages in the checkup page
4 years ago
8ecf7a70c4
lint compliance and dead code removal
4 years ago
cba66d5db3
close websockets when the checkup is complete
4 years ago
9c3dc7aa9c
simplify some tests on the checkup page
4 years ago
1f86578920
update instructions for adminEmail configuration
4 years ago
cc56745858
add more thorough tests for sandbox configuration on the checkup page
4 years ago
0c7f77f5ed
sketch out some more sandbox tests and note down some improvements
4 years ago
2ed25c38fb
display more information about incorrect headers on checkup page
4 years ago
32494fca0c
let NGINX handle its own headers
4 years ago
7a682397e2
Add checkup test about Google's Floc
4 years ago
fe41ca36bc
display the instance version on the checkup page
4 years ago
9fbd10fa8e
Merge branch 'staging' into restricted-registration
4 years ago
005573c512
provide detailed descriptions for addressing warnings on the checkup page
4 years ago
88a1b94a4b
new tests for checkup page
4 years ago
30fc2a5edf
Merge branch 'staging' into restricted-registration
4 years ago
ansuz