ansuz
aaa00216d4
add a note about what configurations are supported re: third party embedding
3 years ago
ansuz
0917b45035
implement proper support for forbidding remote media-tag inclusion
...
...and test that the basic headers are correctly set on the checkup page
3 years ago
ansuz
fa8e901f54
drop support for 'config.contentSecurity'
3 years ago
ansuz
b40c81d088
support modifying CSP headers at runtime
3 years ago
ansuz
52529f1a65
hide the 'embed' tab of the share menu if 'disableEmbedding' is true
3 years ago
ansuz
96f4162a58
initial admin panel components for 'disableEmbedding' functionality
3 years ago
ansuz
ef6f98c149
initial serverside components for 'disableEmbedding' functionality
3 years ago
ansuz
1a18eafb7f
checkup page improvements
...
* removed a redundant test
* more descriptive error messages
* more useful return values in failed tests
* xhr reuse where possible for faster test completion
* guard against typeerrors caused by undefined CSP
* display server token value in summary if present
3 years ago
ansuz
6de0030844
update changelog for 4.13.0
3 years ago
ansuz
7b14c135b3
update example NGINX CSP configuration
3 years ago
ansuz
43ff745374
update community chat link to use matrix.to
3 years ago
ansuz
af299f7fb3
update 'vulnerable' dev dependencies
3 years ago
ansuz
d781d3bba2
lint compliance
3 years ago
ansuz
6196e81953
WIP checkup tests
3 years ago
ansuz
6a62e28c60
include option upgradeURL CSP in checkup page tests
3 years ago
ansuz
c062aaf6f5
Merge branch 'soon' into checkup
3 years ago
ansuz
7b6c8b83ef
stricter websocket CSP and tests to match
3 years ago
Weblate
86b1950147
Translated using Weblate (Polish)
...
Currently translated at 100.0% (1427 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 51.5% (735 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 29.8% (426 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 20.4% (292 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 8.5% (122 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
3 years ago
ansuz
c0686dad99
fix merge conflict
3 years ago
ansuz
19863b8fb0
Merge branch 'soon' into checkup
3 years ago
ansuz
3c324cbc70
Merge branch 'main' into soon
3 years ago
ansuz
1e8aa49533
fix typo
3 years ago
ansuz
918f8a0adc
Merge branch 'main' into soon
3 years ago
ansuz
49446fe02b
undo an invalid CSP change
3 years ago
ansuz
a8ae4343f2
Merge branch 'embeds' into checkup
3 years ago
ansuz
c0b379b535
apply strict controls for postMessage and tighten up blob CSP
3 years ago
ansuz
0f46869217
WIP update recommended production CSP values
3 years ago
ansuz
383684d339
add new, very specific tests for CSP to the checkup page
3 years ago
ansuz
cc1137b96b
more WIP checkup
3 years ago
ansuz
ee92ddb813
more WIP checkup
3 years ago
ansuz
2e14e8e930
more WIP checkup
3 years ago
ansuz
f2ead5b588
more WIP checkup
3 years ago
ansuz
d736e22c3b
more WIP checkup
3 years ago
ansuz
876132fc76
more WIP checkup
3 years ago
ansuz
39f1530969
more WIP checkup
3 years ago
ansuz
521097e3ad
more WIP checkup
3 years ago
ansuz
937b0b450f
better checkup test
3 years ago
ansuz
8eefeace43
WIP checkup improvements
3 years ago
ansuz
5bf21a25c0
Merge branch 'main' into soon
3 years ago
ansuz
06f75f7769
update mermaid to v8.13.10
3 years ago
ansuz
030585d26e
clean up some code smell
3 years ago
ansuz
28ce7f828d
guard against bad filenames in slide options
3 years ago
ansuz
e65d93efdf
simplify dropdown content sanitization
3 years ago
Weblate
1aca88fd89
Translated using Weblate (Spanish)
...
Currently translated at 44.0% (628 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/es/
3 years ago
ansuz
fe7531c137
Merge branch 'soon' into main
3 years ago
ansuz
ebcb6b2ab0
log child process ids in the event of an RPC timeout
3 years ago
ansuz
5835721322
Updated checkup page tests
...
1. check that /api/config is reachable from the sandbox domain
2. check that interest-cohort rules are present rather than strict comparison of expected headers
3 years ago
ansuz
86bc75a590
lint compliance
3 years ago
Weblate
5aaf67eb95
Translated using Weblate (Russian)
...
Currently translated at 99.9% (1426 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/ru/
3 years ago
Weblate
6b1729cda5
Translated using Weblate (Basque)
...
Currently translated at 100.0% (1427 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/eu/
3 years ago