Commit Graph

224 Commits

Author SHA1 Message Date
David Benque 8f0a6319a5 Apply headers 2023-10-20 15:35:26 +01:00
yflory 650e4c42ca Fix websocket only binds to localhost #1182 2023-08-18 10:40:35 +02:00
yflory deb14c412f Fix XXX 2023-07-13 14:12:47 +02:00
ansuz 493bf1346c Merge tag '5.3.0' into 5.3-auth 2023-05-06 15:26:21 +05:30
yflory 6b743a787c Fix mailbox message deletion 2023-03-28 12:19:16 +02:00
ansuz 64d24f8b20 clean up http-worker code and add comments 2023-03-07 11:17:46 +05:30
ansuz 953c817c5b clean up more prototype code:
* remove commented code
* serialize errors sent from http workers to the main process
* drop support for custom http headers set via config.js#httpHeaders
* websockets: only listen on localhost, respect websocketPort config in workers' proxy config
2022-12-20 18:03:52 +05:30
ansuz 24274e6c9b remove some prototyping code that was overwriting values in responses to http-workers 2022-12-20 17:10:10 +05:30
ansuz 7e4518b43d More server cleanup:
* make the websocket port configurable
* reorder some tasks at launch time to use more consistent logging
* relaunch http workers if they crash
* refuse to launch if httpUnsafeOrigin cannot be parsed as a URL
* fix a path issue reintroduced by a git merge
2022-12-20 16:29:38 +05:30
ansuz d58096636a Merge tag '5.2.0' into test-merge 2022-12-20 14:49:47 +05:30
ansuz 6f19101f42 big server changes:
* use the nodejs cluster module to handle http traffic with multiple threads
* listen for websocket traffic on a new port because all such logic needs to share state
* proxy websocket URLs from the cluster to the new port so everything is backwards compatible
* implement logic for http workers to make requests and stay in sync with the main process
* unrelated: define the expected nodejs version in a constant
2022-12-20 14:20:59 +05:30
ansuz c03feef96e configure linter not to ignore the server. fix server linting issues 2022-10-06 15:34:58 +05:30
ansuz 863ab4f380 Merge branch 'soon' into absolute-paths 2022-10-06 15:34:05 +05:30
ansuz 7b64b3def7 fix logging error 2022-09-13 13:56:23 +05:30
ansuz 2b365694f6 fix server logic and logs messages related to quotas 2022-09-13 13:00:36 +05:30
ansuz 88ca56206d include accounts_api in /api/config if available 2022-09-01 13:57:01 +05:30
ansuz e78e57c039 unify accounts_api and quota_api config options 2022-08-30 17:23:10 +05:30
ansuz 0c1e96098e log when /api/updatequota is used 2022-07-25 16:58:43 +05:30
ansuz db59cc081d describe why /customize/www/ is served 2022-07-25 16:40:29 +05:30
ansuz 698269ad63 Merge branch 'main' into accounts-refactor 2022-07-25 16:23:48 +05:30
Maxime Cesson 341b8a3c85 Link OpenGraph data to the right instance URL through a build mechanism 2022-07-21 11:53:06 +02:00
yflory 2493938840 Send error page when updatequota not available 2022-07-11 10:17:53 +02:00
yflory 6ae07bb480 Allow accounts server to trigger quota updates 2022-07-05 11:48:40 +02:00
ansuz c81525ffc4 checkup: complain if public instance don't provide description & location 2022-05-10 13:13:02 +05:30
ansuz a2731c44b0 assorted home page fixes/improvements
* link to home page from other static pages
* home notice
  * moved to the top of the home page
  * configured via server API instead of application_config.js
  * WIP admin panel UI
* more debugging info for unsupported decrees
* lint compliance probably
2022-05-06 13:55:00 +05:30
ansuz 8adeeb21ec display instance info on the home page
* implements /api/instance
* updates recommended NGINX config
* adds a test on /checkup/
2022-05-03 18:20:34 +05:30
ansuz e6c51e3dff remove hardcoded translations and invert remote embedding logic 2022-03-24 12:43:16 +05:30
ansuz 386827d825 handle 500 errors 2022-03-22 16:41:42 +05:30
ansuz af10547dca warn if node is not launched with 'NODE_ENV=production' 2022-03-22 15:40:43 +05:30
ansuz f34a60665f check that the server is running at least NodeJS v16.14.2 2022-03-22 14:27:07 +05:30
ansuz a54a0af604 more tests on checkup page 2022-03-14 17:09:22 +05:30
ansuz e38e08fb6e Merge branch 'soon' into block-embeds 2022-03-14 12:52:55 +05:30
ansuz b65730b853 allow admins to enable configurable disk I/O profiling 2022-03-07 18:42:00 +05:30
ansuz 0917b45035 implement proper support for forbidding remote media-tag inclusion
...and test that the basic headers are correctly set on the checkup page
2022-02-18 16:09:02 +05:30
ansuz fa8e901f54 drop support for 'config.contentSecurity' 2022-02-18 13:59:00 +05:30
ansuz b40c81d088 support modifying CSP headers at runtime 2022-02-18 13:54:33 +05:30
ansuz ef6f98c149 initial serverside components for 'disableEmbedding' functionality 2022-02-18 13:35:20 +05:30
ansuz cc1137b96b more WIP checkup 2022-02-10 16:29:48 +05:30
ansuz a93ab05310 handle absolute paths in a few obviously problematic cases 2021-11-22 18:16:35 +05:30
ansuz 4e3c0f32cf enable oo presenter mode and embedded chart editor on dev instances 2021-10-20 12:20:09 +05:30
ansuz 0d31deb3fc dev server fixes for export with CSP 2021-10-19 17:25:05 +05:30
ansuz b8d6af7891 adjust CSP headers for printing from OnlyOffice
* allow outer to load resources from the sandbox (for fonts)
* test whether the expected CSP values are present on the checkup page
* simplify the nodejs server a bit
2021-10-19 14:22:10 +05:30
ansuz d9b6d94580 use consistent capitalization for CryptPad
run docs/ARCHITECTURE.md:[XWiki-Labs](https://labs.xwiki.com/) has published an open source suite (called [Cryptpad](https://github.com/xwiki-labs/cryptpad)) of collaborative editors  which employ end to end encryption.
docs/ARCHITECTURE.md:Cryptpad is capable of using a variety of data stores.
docs/ARCHITECTURE.md:Cryptpad was initially written to use [websockets](https://en.wikipedia.org/wiki/WebSocket) for transportation of messages.
docs/ARCHITECTURE.md:The encryption scheme employed by Cryptpad is a [symmetric encryption](https://en.wikipedia.org/wiki/Symmetric-key_algorithm) which utilizes a single [pre-shared-key](https://en.wikipedia.org/wiki/Pre-shared_key) known by all participants.
readme.md:See [Cryptpad-Docker](https://github.com/xwiki-labs/cryptpad-docker) repository for details on how to get up-and-running with Cryptpad in Docker. This repository is maintained by the community and not officially supported.
readme.md:If you have any questions or comments, or if you're interested in contributing to Cryptpad, come say hi in our [Matrix channel](https://app.element.io/#/room/#cryptpad:matrix.xwiki.com).
www/common/translations/README.md:To illustrate the process of translating, this guide will make an english-pirate translation of Cryptpad.
www/common/translations/README.md:We'll assume that you have a work locally-installed, properly functioning installation of Cryptpad.
www/common/translations/README.md:If you don't have Cryptpad installed locally, start by following the steps in the main readme.
www/common/translations/README.md:    out.main_title = "Cryptpad: Zero Knowledge, Collaborative Real Time Editing";
www/common/translations/README.md:    out.main_title = "Cryptpad: Knowledge lost at sea while ye scribble with yer mateys";
www/common/translations/README.md:It's advisable to save your translation file frequently, and reload Cryptpad in your browser to check that there are no errors in your translation file.
www/common/translations/README.md:When you're happy with your translation file, you can visit http://localhost:3000/assert/translations/ to view Cryptpad's tests.
www/common/translations/messages.ca.json:    "topbar_whatIsCryptpad": "Què és CryptPad",
www/common/translations/messages.de.json:    "topbar_whatIsCryptpad": "Was ist CryptPad",
www/common/translations/messages.el.json:    "topbar_whatIsCryptpad": "Τι είναι το CryptPad",
www/common/translations/messages.es.json:    "main_title": "Cryptpad: Zero Knowledge, Editor Colaborativo en Tiempo Real",
www/common/translations/messages.es.json:    "tos_title": "Condiciones de servicio Cryptpad",
www/common/translations/messages.es.json:    "tos_e2ee": "Los documentos Cryptpad pueden ser leídos o modificados por cualquiera que pueda adivinar o que pueda tener el enlace. Recomendamos que utilices mensajes cifrados de punto a punto (e2ee) para compartir URLs, no asumimos ninguna responsabilidad en el evento de alguna fuga.",
www/common/translations/messages.es.json:    "topbar_whatIsCryptpad": "Qué es CryptPad",
www/common/translations/messages.es.json:    "settings_autostoreHint": "<b> Automático </b> Todos los pads que visita se almacenan en su CryptDrive. <br> <b> Manual (siempre pregunte) </b> Si aún no ha guardado un pad, se le preguntará si desea para almacenarlos en su CryptDrive. <br> <b> Manual (nunca preguntar) </b> Los Pads no se almacenan automáticamente en su Cryptpad. La opción para almacenarlos estará oculta.",
www/common/translations/messages.fi.json:    "home_host": "Tämä on itsenäinen yhteisön ylläpitämä Cryptpad-instanssi.",
www/common/translations/messages.fi.json:    "topbar_whatIsCryptpad": "Mikä on CryptPad",
www/common/translations/messages.fr.json:    "topbar_whatIsCryptpad": "Qu'est-ce que CryptPad",
www/common/translations/messages.fr.json:    "admin_updateAvailableHint": "Une nouvelle version de Cryptpad est disponible",
www/common/translations/messages.id.json:    "main_title": "Cryptpad: Informasi Aman, Kolaborasi Waktu Nyata"
www/common/translations/messages.it.json:    "topbar_whatIsCryptpad": "Cos'è CryptPad",
www/common/translations/messages.it.json:    "settings_autostoreHint": "<b>Automatico</b> Tutti i pad che visiti sono conservati nel tuo CryptDrive.<br><b>Manuale (chiedi sempre)</b> Se non hai ancora conservato alcun pad ti verrà chiesto se vuoi conservarli nel tuo CryptDrive.<br><b>Manuale (non chiedere mai)</b> I pads non sono conservati automaticamente nel tuo Cryptpad. L'opzione di conservarli sarà nascosta.",
www/common/translations/messages.it.json:    "survey": "Sondaggio Cryptpad",
www/common/translations/messages.it.json:    "crowdfunding_button": "Supporta Cryptpad",
www/common/translations/messages.ja.json:    "topbar_whatIsCryptpad": "CryptPadとは何か",
www/common/translations/messages.json:    "settings_autostoreHint": "<b>Automatic</b> All the pads you visit are stored in your CryptDrive.<br><b>Manual (always ask)</b> If you have not stored a pad yet, you will be asked if you want to store them in your CryptDrive.<br><b>Manual (never ask)</b> Pads are not stored automatically in your Cryptpad. The option to store them will be hidden.",
www/common/translations/messages.json:    "topbar_whatIsCryptpad": "What is CryptPad",
www/common/translations/messages.nb.json:    "topbar_whatIsCryptpad": "Hva er CryptPad",
www/common/translations/messages.nl.json:    "settings_autostoreHint": "<b>Automatisch</b> Alle geopende werkomgevingen worden automatisch opgeslagen in uw CryptDrive.<br><b>Handmatig (altijd vragen)</b> Als u een werkomgeving nog niet hebt opgeslagen, zult u gevraagd worden of u het in uw CryptDrive wilt opslaan.<br><b>Handmatig (nooit vragen)</b> Werkomgevingen worden niet automatisch opgeslagen in uw Cryptpad. The optie om op te slaan wordt verborgen.",
www/common/translations/messages.pl.json:    "main_title": "Cryptpad: Wspólne edytowanie w czasie rzeczywistym, bez wiedzy specjalistycznej",
www/common/translations/messages.pl.json:    "tos_title": "Warunki korzystania z usług Cryptpad",
www/common/translations/messages.pl.json:    "tos_e2ee": "Dokumenty Cryptpad mogą być odczytywane i modyfikowane przez każdego kto może zgadnąć lub w inny sposób uzyskać identyfikator dokumentu. Polecamy korzystania z oprogramowania szyfrującego end-to-end (e2ee) do udostępniania linków URL. Nie będziesz rościł sobie żadnych wierzytelności w wypadku gdy taki URL dostanie się w niepowołane ręce.",
www/common/translations/messages.pt-br.json:    "main_title": "Cryptpad: Zero Knowledge, Edição Colaborativa em Tempo Real",
www/common/translations/messages.pt-br.json:    "tos_title": "Termos de serviço doCryptpad",
www/common/translations/messages.pt-br.json:    "topbar_whatIsCryptpad": "O que é CryptPad",
www/common/translations/messages.ro.json:    "settings_autostoreHint": "<b>Automat</b> Toate documentele accesate sunt stocate în CryptDrive-ul dumneavoastră.<br><b>Manual (întreabă întotdeauna)</b> Dacă nu ai stocat încă un document, vei fi întrebat dacă dorești să îl stochezi în Cryptdrive-ul tău.<br><b>Manual (nu mai întreba)</b> Documentele nu sunt stocate automat în Cryptpad-ul tău. Opțiunea de a le stoca ulterior va fi ascunsă.",
www/common/translations/messages.ru.json:    "topbar_whatIsCryptpad": "Что такое CryptPad",
www/common/translations/messages.zh.json:    "footer_aboutUs": "關於 Cryptpad", for many more examples
2021-08-04 14:18:07 +05:30
ansuz 3b44c09bc4 check COOP headers for multiple endpoints
and improve some error reporting in the checkup RPC
2021-07-01 16:42:09 +05:30
ansuz 942a136886 somewhat stricter httpUnsafeOrigin validation 2021-06-15 03:52:12 +05:30
ansuz 98c8d7086f include instance version in Env 2021-06-09 18:43:31 +05:30
ansuz 87a52b67f5 re-add an incorrectly removed curly brace 2021-06-09 14:23:58 +05:30
ansuz 41db88a360 WIP admin 'network' panel 2021-06-08 20:24:30 +05:30
ansuz b88963cec2 conditionally log some information about the checkup page when launching the server 2021-06-01 17:53:57 +05:30
ansuz 32494fca0c let NGINX handle its own headers 2021-05-12 14:29:29 +05:30