70f50711bf
abort loading several pages if embedded
2022-02-25 16:02:06 +05:30
4344f4410b
handle links in forms
2022-02-25 15:47:28 +05:30
f31ebf7f2e
fully drop support for browsers lacking promises
2022-02-25 14:27:49 +05:30
bc365d16a8
block loading many apps in iframes
2022-02-25 14:24:28 +05:30
e31ae08341
Merge branch 'soon' into staging
2022-02-25 13:35:11 +05:30
84b0e2bd45
slight optimization in reordering ticket on the admin panel
2022-02-25 13:19:44 +05:30
6a2ec4ae7e
consider profile links unsafe
2022-02-25 13:14:59 +05:30
2134ec02b6
prompt users to include useful information in support tickets
2022-02-24 18:06:46 +05:30
7c3d563453
WIP support for customized and translated legal info
2022-02-24 15:37:05 +05:30
1202b7a691
WIP configure instance name, jurisdiction, and description on admin panel
2022-02-24 15:28:24 +05:30
654ee7ed73
Merge branch 'soon' into main
2022-02-22 17:37:40 +05:30
aaafc648f6
guard against malformed DOM queries in forms that include polls
...
and fix display of escaped HTML in poll option titles
2022-02-22 17:33:28 +05:30
b7d43eb9f4
Fix New button in Drive
2022-02-21 17:15:39 +00:00
182598a351
Round loading and history bars
2022-02-21 17:15:26 +00:00
6c56785e15
fix incorrect config snippet in changelog
2022-02-21 11:34:33 +05:30
aa356d6dff
Fix toolbar issues
2022-02-18 16:26:12 +00:00
f1fc2d2ad9
WIP provide a reason when archiving or resoring a file through the admin panel
2022-02-18 18:45:52 +05:30
aaa00216d4
add a note about what configurations are supported re: third party embedding
2022-02-18 16:13:47 +05:30
0917b45035
implement proper support for forbidding remote media-tag inclusion
...
...and test that the basic headers are correctly set on the checkup page
2022-02-18 16:09:02 +05:30
fa8e901f54
drop support for 'config.contentSecurity'
2022-02-18 13:59:00 +05:30
b40c81d088
support modifying CSP headers at runtime
2022-02-18 13:54:33 +05:30
52529f1a65
hide the 'embed' tab of the share menu if 'disableEmbedding' is true
2022-02-18 13:41:08 +05:30
96f4162a58
initial admin panel components for 'disableEmbedding' functionality
2022-02-18 13:40:01 +05:30
ef6f98c149
initial serverside components for 'disableEmbedding' functionality
2022-02-18 13:35:20 +05:30
1a18eafb7f
checkup page improvements
...
* removed a redundant test
* more descriptive error messages
* more useful return values in failed tests
* xhr reuse where possible for faster test completion
* guard against typeerrors caused by undefined CSP
* display server token value in summary if present
2022-02-18 13:26:42 +05:30
a574cfe1e2
Continue toolbar redesign
2022-02-17 17:01:42 +00:00
c2c9857387
Start toolbar redesign
2022-02-17 13:30:35 +00:00
a6ccf3149e
Translated using Weblate (Japanese)
...
Currently translated at 100.0% (1427 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/ja/
2022-02-16 06:26:13 +01:00
6de0030844
update changelog for 4.13.0
2022-02-15 15:55:00 +05:30
7b14c135b3
update example NGINX CSP configuration
2022-02-15 15:54:33 +05:30
43ff745374
update community chat link to use matrix.to
2022-02-15 15:03:06 +05:30
af299f7fb3
update 'vulnerable' dev dependencies
2022-02-15 14:06:43 +05:30
d781d3bba2
lint compliance
2022-02-15 14:03:56 +05:30
6196e81953
WIP checkup tests
2022-02-14 12:38:54 +05:30
6a62e28c60
include option upgradeURL CSP in checkup page tests
2022-02-14 12:20:00 +05:30
c062aaf6f5
Merge branch 'soon' into checkup
2022-02-14 11:49:41 +05:30
7b6c8b83ef
stricter websocket CSP and tests to match
2022-02-14 11:45:44 +05:30
86b1950147
Translated using Weblate (Polish)
...
Currently translated at 100.0% (1427 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 51.5% (735 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 29.8% (426 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 20.4% (292 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
Translated using Weblate (Polish)
Currently translated at 8.5% (122 of 1427 strings)
Translation: CryptPad/App
Translate-URL: http://weblate.cryptpad.fr/projects/cryptpad/app/pl/
2022-02-13 18:47:00 +01:00
c0686dad99
fix merge conflict
2022-02-11 21:52:54 +05:30
19863b8fb0
Merge branch 'soon' into checkup
2022-02-11 21:49:21 +05:30
3c324cbc70
Merge branch 'main' into soon
2022-02-11 21:46:33 +05:30
1e8aa49533
fix typo
2022-02-11 21:46:19 +05:30
918f8a0adc
Merge branch 'main' into soon
2022-02-11 21:45:37 +05:30
49446fe02b
undo an invalid CSP change
2022-02-11 20:49:38 +05:30
a8ae4343f2
Merge branch 'embeds' into checkup
2022-02-11 19:25:41 +05:30
c0b379b535
apply strict controls for postMessage and tighten up blob CSP
2022-02-11 19:22:03 +05:30
0f46869217
WIP update recommended production CSP values
2022-02-10 17:11:17 +05:30
383684d339
add new, very specific tests for CSP to the checkup page
2022-02-10 16:53:14 +05:30
cc1137b96b
more WIP checkup
2022-02-10 16:29:48 +05:30
ee92ddb813
more WIP checkup
2022-02-10 14:50:15 +05:30
ansuz