ansuz
feefd9bff0
avoid duplicate warning about /api/instance on checkup
2022-05-30 15:34:02 +05:30
ansuz
cb10ef0d79
round corners
2022-05-20 20:58:18 +05:30
ansuz
0be64ac958
simplify accounts configuration on dev instances
2022-05-11 13:12:12 +05:30
ansuz
c81525ffc4
checkup: complain if public instance don't provide description & location
2022-05-10 13:13:02 +05:30
ansuz
8adeeb21ec
display instance info on the home page
...
* implements /api/instance
* updates recommended NGINX config
* adds a test on /checkup/
2022-05-03 18:20:34 +05:30
ansuz
83119a25c8
better error handling in checkup
2022-04-04 16:31:20 +05:30
ansuz
e5df9cb730
display a notice if bower dependencies fail to load for the checkup page
2022-04-04 13:55:00 +05:30
ansuz
404b89eb28
update recommended settings for embedding to permit element desktop
2022-04-04 12:31:40 +05:30
ansuz
841884c631
translated warnings for people that use AdGuard
2022-04-01 16:40:26 +05:30
ansuz
b4323b2c40
fix incorrect frame-ancestors and update test
2022-04-01 13:15:06 +05:30
ansuz
6253c7c61c
don't panic if unsafeiframe is loaded with unsafe-eval
2022-03-25 12:01:50 +05:30
ansuz
e6c51e3dff
remove hardcoded translations and invert remote embedding logic
2022-03-24 12:43:16 +05:30
ansuz
9ae4101ea2
test for the presence of x-content-type-options for blob and block
2022-03-23 13:35:17 +05:30
ansuz
4c53d9b509
enforce only loading inner.html from nested contexts
2022-03-23 13:31:52 +05:30
ansuz
f34a60665f
check that the server is running at least NodeJS v16.14.2
2022-03-22 14:27:07 +05:30
ansuz
b83e8600f4
clean up checkup tests and remove XXX
2022-03-15 13:35:49 +05:30
ansuz
a54a0af604
more tests on checkup page
2022-03-14 17:09:22 +05:30
ansuz
e38e08fb6e
Merge branch 'soon' into block-embeds
2022-03-14 12:52:55 +05:30
ansuz
c715334616
stub a test on the checkup page
2022-03-11 13:49:34 +05:30
ansuz
45d2eb0267
Merge branch 'soon' of github.com:xwiki-labs/cryptpad into support-categories
...
and include some tweaks for the checkup page
* sort errors above warnings
* improve messages for new tests
2022-03-10 11:33:41 +05:30
ansuz
c111364024
add two new tests to diagnose unavailability of uploaded blocks and blobs
2022-03-08 18:20:11 +05:30
ansuz
1e2a059074
lint compliance
2022-02-25 16:09:52 +05:30
ansuz
7c3d563453
WIP support for customized and translated legal info
2022-02-24 15:37:05 +05:30
ansuz
aaa00216d4
add a note about what configurations are supported re: third party embedding
2022-02-18 16:13:47 +05:30
ansuz
0917b45035
implement proper support for forbidding remote media-tag inclusion
...
...and test that the basic headers are correctly set on the checkup page
2022-02-18 16:09:02 +05:30
ansuz
b40c81d088
support modifying CSP headers at runtime
2022-02-18 13:54:33 +05:30
ansuz
1a18eafb7f
checkup page improvements
...
* removed a redundant test
* more descriptive error messages
* more useful return values in failed tests
* xhr reuse where possible for faster test completion
* guard against typeerrors caused by undefined CSP
* display server token value in summary if present
2022-02-18 13:26:42 +05:30
ansuz
d781d3bba2
lint compliance
2022-02-15 14:03:56 +05:30
ansuz
6196e81953
WIP checkup tests
2022-02-14 12:38:54 +05:30
ansuz
6a62e28c60
include option upgradeURL CSP in checkup page tests
2022-02-14 12:20:00 +05:30
ansuz
7b6c8b83ef
stricter websocket CSP and tests to match
2022-02-14 11:45:44 +05:30
ansuz
c0686dad99
fix merge conflict
2022-02-11 21:52:54 +05:30
ansuz
19863b8fb0
Merge branch 'soon' into checkup
2022-02-11 21:49:21 +05:30
ansuz
0f46869217
WIP update recommended production CSP values
2022-02-10 17:11:17 +05:30
ansuz
383684d339
add new, very specific tests for CSP to the checkup page
2022-02-10 16:53:14 +05:30
ansuz
cc1137b96b
more WIP checkup
2022-02-10 16:29:48 +05:30
ansuz
ee92ddb813
more WIP checkup
2022-02-10 14:50:15 +05:30
ansuz
2e14e8e930
more WIP checkup
2022-02-10 14:40:58 +05:30
ansuz
f2ead5b588
more WIP checkup
2022-02-10 14:32:14 +05:30
ansuz
d736e22c3b
more WIP checkup
2022-02-10 14:21:26 +05:30
ansuz
876132fc76
more WIP checkup
2022-02-10 14:11:14 +05:30
ansuz
39f1530969
more WIP checkup
2022-02-10 13:47:22 +05:30
ansuz
521097e3ad
more WIP checkup
2022-02-10 13:24:45 +05:30
ansuz
937b0b450f
better checkup test
2022-02-10 13:12:07 +05:30
ansuz
8eefeace43
WIP checkup improvements
2022-02-10 13:00:16 +05:30
ansuz
5835721322
Updated checkup page tests
...
1. check that /api/config is reachable from the sandbox domain
2. check that interest-cohort rules are present rather than strict comparison of expected headers
2022-02-03 15:01:29 +05:30
ansuz
f9be929eb9
check for unnecessarily permissive CSP
2022-01-21 15:50:40 +05:30
yflory
8f0543c3f3
Prepare possible OO migration
2021-11-02 12:42:44 +01:00
ansuz
a2e6f0a1c4
disable outdated tests
2021-10-20 12:19:01 +05:30
ansuz
b8d6af7891
adjust CSP headers for printing from OnlyOffice
...
* allow outer to load resources from the sandbox (for fonts)
* test whether the expected CSP values are present on the checkup page
* simplify the nodejs server a bit
2021-10-19 14:22:10 +05:30