f5c39efcac
patched xss hole with messages not setting the content type correctly
2015-05-19 11:04:52 +01:00
3ad517e1c2
Merge pull request #177 from sharelatex/fix-ace-extension-errors
...
prevent loading error for ace language tools extension in development
2015-05-05 14:47:44 +01:00
6014085e8e
prevent loading error for ace language tools extension in development
2015-05-05 14:33:18 +01:00
72af6748c9
Merge pull request #157 from oskanberg/patch-1
...
Rename 'javscript' to 'javascript'
2015-05-05 14:28:27 +01:00
9764ab258b
added complex password validation to password resets
2015-04-30 12:05:46 +01:00
312c56a24e
allow password resets to be performed when site is not public by adding routes into white list
2015-04-30 11:58:26 +01:00
a7640b5bbd
changed authentication controller to use req.parsedUrl.pathname as query strings on req.url were breaking the whitelist
2015-04-30 11:57:40 +01:00
635f79d2f6
added password strength check to change password
2015-04-28 18:30:19 +01:00
f385a7a4b5
open chat links in new window
2015-04-28 16:20:24 +01:00
6669884f44
Merge branch 'tpds-cleanup'
2015-04-23 10:06:26 +01:00
31a51b73d8
improved linkify so data is correctly sanitized, used inbuilt angular lib
...
don't know how I missed that last time!
2015-04-22 17:58:33 +01:00
af85c83877
Buffer updates when only a single user is editing a document
...
Add in 5 second delay between flushing updates when only a single user
is editing a document. As soon as an update is received from another user
we switch to sending updates immediately again so there is no latency
between collaborators. The logic applies to individual docs, so two users
can be editing different docs and will still buffer updates since they
will not affect each other.
2015-04-17 11:24:28 +01:00
396644d314
proposed fix to delete tpds dump files after use
2015-04-15 14:41:38 +01:00
5c30a7de67
Add in option for global login requirement (defaults to on)
2015-04-15 11:14:53 +01:00
893ff85521
Don't allow password resets for holding accounts
2015-04-14 13:11:49 +01:00
33f56b71a2
Remove redundant body parser line
2015-04-14 13:04:49 +01:00
8b4ccae60a
Read cookie session length from settings file
2015-04-14 13:04:29 +01:00
0684fa36fd
upgrade pdfjs to version 1.0.1040
2015-03-31 14:53:27 +01:00
8483f249ee
Actually proxy websocket connections
2015-03-20 19:08:48 +00:00
b0a32b1ef8
make new pdf viewer the default for all users
...
remove old pdf viewer
2015-03-20 11:28:28 +00:00
ff55e4c5ed
Merge branch 'private_registration'
2015-03-20 10:34:17 +00:00
393169bc2a
Create a grunt task to create the admin user
2015-03-19 17:36:50 +00:00
e2d515f957
Allow public registration module to hook into email system
2015-03-19 17:19:56 +00:00
9b8cf7bcfa
Remove public registration and require that a user be registered by an admin
2015-03-19 14:22:48 +00:00
d76ef86077
Tell user to contact admin email to register
2015-03-18 16:20:26 +00:00
93a088618a
Return proper error from registration handler
2015-03-18 16:19:48 +00:00
cb948fede2
Move email sending into registration controller
2015-03-18 15:57:01 +00:00
adb98d05b5
sentry 1.1.16 does not yet support release parameter, use build tag instead
2015-03-18 15:50:26 +00:00
5d788ca7c5
add grunt version target to report version to sentry
...
it writes the git commit id and Jenkins build number into the sentry
configuration
2015-03-17 16:59:17 +00:00
5df9f49a4e
Rename 'javscript' to 'javascript'
2015-03-10 18:56:46 +00:00
0f69ee0f22
Add in proxy for /socket.io so that we don't need to faff with real-time service location
2015-03-09 14:09:09 +00:00
bb61dfe34a
Show nice error page if socket.io could not be loaded
2015-03-09 13:57:13 +00:00
d376acdaa9
Allow an __appName__ parameter in translations
2015-03-09 12:14:30 +00:00
97f0fad525
add vat number option to payment form
2015-03-04 18:08:06 +00:00
80dc2f9224
send coupon code server side to be applied to users subscription
2015-03-04 17:50:24 +00:00
9805c6a9ff
doc model no longer has lines or rev in it
2015-03-04 11:10:59 +00:00
fe3b9bf07a
clients can not rename docs/files/folders to blank name.
...
Client and server side checks added
2015-03-04 11:10:59 +00:00
edc83b905c
remove circular references when reporting to sentry
2015-03-03 16:41:21 +00:00
c1cde643ef
use send build identifier to clsi only for new pdf viewer
...
old pdf viewer will continue to use the main ouput.pdf file
2015-03-02 14:59:53 +00:00
0315954b47
Merge branch 'master' into support-cached-pdfs
2015-03-02 09:20:00 +00:00
5b9f2e8fc1
pass build id through to clsi when requesting pdf
2015-02-26 16:21:44 +00:00
40b30b957a
Merge branch 'master' of https://github.com/sharelatex/web-sharelatex
2015-02-24 22:07:43 +00:00
161f24ffdf
add flag which requires login for /learn
2015-02-24 22:07:36 +00:00
387a8b8ae3
hide some forms in user settings if authentication is managed by external system
2015-02-24 13:41:46 +00:00
5028665913
ignore errors from https://pstatic.datafastguru.info its malware we have
...
no control over
2015-02-23 17:29:38 +00:00
8638b531a5
fire off register to newsletter on user registration as it can be slow
2015-02-23 16:03:45 +00:00
c33956c0af
fix jade warnings about missing space, need to escape the module html
...
insertions a different way. != func rather than !{func}
2015-02-23 10:18:48 +00:00
e4121d8a28
forgot comma in ignoreUrls
2015-02-19 11:25:06 +00:00
4eed88c1ab
broken a err and null check into 2 lines
2015-02-19 10:54:28 +00:00
ad5de0e93a
added null check on Facebook
2015-02-18 22:25:58 +00:00
Henry Oswald