colin
/
bookstack
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,779 Commits 1 Branch 0 Tags 48 MiB
Commit Graph

2779 Commits

Author SHA1 Message Date
Dan Brown 55be75dee2
Merge pull request #2957 from BookStackApp/dependabot/composer/composer/composer-2.1.9 
Bump composer/composer from 2.1.8 to 2.1.9
 2021-10-06 10:52:02 +01:00
dependabot[bot] 644bbebb6e
Bump composer/composer from 2.1.8 to 2.1.9 
Bumps [composer/composer](https://github.com/composer/composer) from 2.1.8 to 2.1.9.
- [Release notes](https://github.com/composer/composer/releases)
- [Changelog](https://github.com/composer/composer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/composer/composer/compare/2.1.8...2.1.9)

---
updated-dependencies:
- dependency-name: composer/composer
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-10-05 20:57:31 +00:00
Dan Brown f99af807d0
Reviewed and refactored additional editor draft save warnings 
- Added testing to cover warning cases.
- Refactored logic to be simpler and move much of the business out of
  the controller.
- Added new message that's more suitable to the case this was handling.
- For detecting an outdated draft, checked the draft created_at time
  instead of updated_at to better fit the scenario being checked.
- Updated some method types to align with those potentially being used
  in the logic of the code.
- Added a cache of shown messages on the front-end to prevent them
  re-showing on every save during the session, even if dismissed.
 2021-10-04 20:26:55 +01:00
Dan Brown 756b55bbff
Merge branch 'conflict_warnings' of https://github.com/MatthieuParis/BookStack into MatthieuParis-conflict_warnings 2021-10-04 17:10:40 +01:00
Dan Brown e37bbf2925
Updated translator attribution before release v21.08.4 2021-10-04 16:24:17 +01:00
Dan Brown ec61e45a2b
New Crowdin updates (#2926) 
* New translations settings.php (French)

* New translations auth.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations activities.php (French)

* New translations common.php (French)

* New translations entities.php (French)

* New translations common.php (French)

* New translations components.php (French)

* New translations settings.php (French)

* New translations auth.php (French)

* New translations settings.php (Russian)

* New translations validation.php (Russian)

* New translations settings.php (Russian)

* New translations auth.php (Russian)

* New translations settings.php (Russian)

* New translations auth.php (Russian)

* New translations entities.php (French)

* New translations auth.php (French)

* New translations entities.php (French)

* New translations auth.php (French)

* New translations settings.php (French)

* New translations validation.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations errors.php (French)

* New translations passwords.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations settings.php (French)

* New translations entities.php (German)

* New translations settings.php (German)

* New translations entities.php (German Informal)

* New translations settings.php (German Informal)

* New translations settings.php (German)

* New translations settings.php (German Informal)

* New translations settings.php (French)

* New translations settings.php (Vietnamese)

* New translations settings.php (Slovenian)

* New translations settings.php (Swedish)

* New translations settings.php (Turkish)

* New translations settings.php (Ukrainian)

* New translations settings.php (Chinese Simplified)

* New translations settings.php (Chinese Traditional)

* New translations settings.php (Portuguese, Brazilian)

* New translations settings.php (Portuguese)

* New translations settings.php (Indonesian)

* New translations settings.php (Persian)

* New translations settings.php (Spanish, Argentina)

* New translations settings.php (Croatian)

* New translations settings.php (Latvian)

* New translations settings.php (Bosnian)

* New translations settings.php (Slovak)

* New translations settings.php (Polish)

* New translations settings.php (Russian)

* New translations settings.php (Czech)

* New translations settings.php (German)

* New translations settings.php (German Informal)

* New translations settings.php (Spanish)

* New translations settings.php (Arabic)

* New translations settings.php (Bulgarian)

* New translations settings.php (Catalan)

* New translations settings.php (Danish)

* New translations settings.php (Dutch)

* New translations settings.php (Hebrew)

* New translations settings.php (Hungarian)

* New translations settings.php (Italian)

* New translations settings.php (Japanese)

* New translations settings.php (Korean)

* New translations settings.php (Lithuanian)

* New translations settings.php (Norwegian Bokmal)

* New translations settings.php (Spanish)

* New translations activities.php (Slovak)

* New translations errors.php (Slovak)

* New translations settings.php (Slovak)

* New translations auth.php (Slovak)

* New translations common.php (Slovak)

* New translations entities.php (Slovak)

* New translations settings.php (Slovak)

* New translations activities.php (Slovak)

* New translations settings.php (French)

* New translations settings.php (Russian)

* New translations settings.php (German)

* New translations settings.php (Polish)

* New translations validation.php (Polish)

* New translations auth.php (Vietnamese)

* New translations auth.php (Vietnamese)

* New translations activities.php (Vietnamese)

* New translations common.php (Vietnamese)

* New translations entities.php (Vietnamese)

* New translations settings.php (Chinese Simplified)

* New translations settings.php (Italian)

* New translations auth.php (Italian)

* New translations common.php (Italian)

* New translations common.php (German)

* New translations common.php (German Informal)

* New translations settings.php (German)

* New translations common.php (German)

* New translations common.php (German Informal)

* New translations errors.php (German)
 2021-10-04 16:22:16 +01:00
Dan Brown d3a9645161
Allowed page includes on custom home 
For #2279
Old hold-over for when include content permissions were handled less
delicately.
 2021-10-04 11:26:26 +01:00
Dan Brown 505d7e604e
Applied StyleCI changes 2021-09-29 23:53:11 +01:00
Dan Brown 025442fcd9
Reviewed addition to db table prefix 
Review of #2935

- Removed from .env files and added warnings for use if found in config
  file.
- Updated permission service to use whereColumn queries to auto-handle
  use of prefixes.
 2021-09-29 18:41:11 +01:00
Dan Brown 0f66c8a0cc
Merge branch 'floviolleau-db-prefixes' of https://github.com/floviolleau/BookStack into floviolleau-floviolleau-db-prefixes 2021-09-29 18:13:38 +01:00
Dan Brown 887a79f130
Reviewed adding IP recording to activity & audit log 
Review of #2936

- Added testing to cover
- Added APP_PROXIES to .env.example.complete with details.
- Renamed migration to better align the name and to set the migration
  date to fit with production deploy order.
- Removed index from IP column in migration since an index does not yet
  provide any value.
- Updated table header text label.
- Prevented IP recording when in demo mode.
 2021-09-26 17:18:12 +01:00
Dan Brown 8972f7b212
Merge branch 'log-ip-address' of https://github.com/johnroyer/BookStack into johnroyer-log-ip-address 2021-09-26 16:17:28 +01:00
Dan Brown c100560bd9
Applied style ci changes again 2021-09-26 15:49:25 +01:00
Dan Brown 05d99a312d
Applied styleci changes 2021-09-26 15:48:22 +01:00
Dan Brown 5c7eb0df57
Caught old string helper function usage 
Found by Laravel Shift Workbench
 2021-09-26 15:41:11 +01:00
Dan Brown c32b315cd7
Standardised facade usage to use via their FQCN 
Done via Laravel Shift Workbench
 2021-09-26 15:37:55 +01:00
Zero c0da5616f3 Fix coding style 2021-09-23 11:07:13 +08:00
Zero 6418824139 Update translation file 2021-09-20 11:29:14 +08:00
Zero b834f58e87 Add user IP into audit table 2021-09-20 11:29:14 +08:00
Zero 8efaeb068b Save user IP to audit log 2021-09-20 11:29:14 +08:00
Zero 5cf0c99e32 Add IP column 2021-09-20 11:29:14 +08:00
floviolleau dbfa2d58ed
Allow to use DB tables prefix 2021-09-19 14:33:54 +02:00
floviolleau f8abad1e3b
Allow to use DB tables prefix 2021-09-19 14:32:35 +02:00
floviolleau 1a8ae41263
Allow to use DB tables prefix 2021-09-19 14:31:18 +02:00
floviolleau 00af40ab14
Allow to use DB tables prefix 2021-09-19 14:28:57 +02:00
Dan Brown ffdfdc7449
Fixed dodgy test helper signature causing tests to fail 
Just needed some argument defaults to make them optional for existing
uses.
 2021-09-18 21:29:42 +01:00
Dan Brown ba075b46f9
Merge pull request #2928 from BookStackApp/browserkit_removal 
Convert old BrowserKit tests
 2021-09-18 21:28:16 +01:00
Dan Brown c08c8d7aa3
Applied styleci style changes 2021-09-18 21:21:44 +01:00
Dan Brown 6454e24657
Removed browserkit testing from project 
Converted last bits of the roles tests and removed dependancies.
Updated other PHP dependancies at the same time.
 2021-09-18 21:20:38 +01:00
Dan Brown d74255df5d
Started updating RolesTest away from Browserkit 2021-09-18 00:33:03 +01:00
Dan Brown a4d9bca9e1
Converted AuthTest away from BrowserKit 
Moved some user managment tests out to more relevant classess along the
way.
Found some tweaks to make for email confirmation routing as part of
this.
 2021-09-17 23:44:54 +01:00
Dan Brown 90c759e5ca
Rewrote entity permissions tests to be non-browser-kit 2021-09-17 22:35:28 +01:00
Dan Brown 5d93dd258e
Finished moving EntityTests out to new TestCase files 2021-09-17 21:29:16 +01:00
Dan Brown de8cceb0f7
Moved more tests out of EntityTest 2021-09-15 22:18:37 +01:00
Dan Brown 8a7408bd31
Fixed social auth login audit log messages 
Was logging the whole social account instance instead of just the
method.
Updated tests to cover.

Fixes #2930
 2021-09-15 20:55:10 +01:00
Dan Brown 121a746d59
Moved/Updated old Activity tracking tests, started on entity tests 
Started moving old EntityTests into more appropriate places within
non-browserkit-test classes. Still many more to do.
 2021-09-13 23:26:39 +01:00
Dan Brown badaf08e55
Removed browserkit from a couple of classess 
Done a little reorganisation while there of misplaced tests.
Moved MarkdownTest to a new PageEditorTest to avoid confusion with
other markdown elements and to align with other page tests.
 2021-09-13 22:54:21 +01:00
Dan Brown 8565187138
Added border to generated TOTP QR code 
To fix QR code not being scannable when in dark mode due to
lack of border matching background of QR code.

Fixes #2925
 2021-09-13 14:23:54 +01:00
Dan Brown 2eafd8335c
Updated translators for v21.08.3 2021-09-12 16:25:33 +01:00
Dan Brown e2f9089f56
New Crowdin updates (#2915) 
* New translations auth.php (Spanish)

* New translations activities.php (Italian)

* New translations settings.php (Italian)

* New translations entities.php (Italian)

* New translations validation.php (Italian)

* New translations activities.php (Danish)

* New translations auth.php (Danish)

* New translations common.php (Danish)

* New translations settings.php (Danish)

* New translations entities.php (Danish)

* New translations auth.php (Danish)

* New translations common.php (Danish)

* New translations errors.php (Danish)

* New translations validation.php (Danish)

* New translations activities.php (Russian)

* New translations auth.php (French)

* New translations auth.php (French)

* New translations settings.php (French)

* New translations entities.php (French)

* New translations auth.php (French)
 2021-09-12 16:25:05 +01:00
Dan Brown ef459ca4c4
Altered the parsing of custom head to prevent htmlentities on content 
Was causing things like emjoi within script content to be somewhat
mangled. Instead we force UTF8 only parsing via XML declaration.

Added test to cover.

For #2923
 2021-09-12 16:19:17 +01:00
Dan Brown fb80bb5d58
Applied latest styleci changes 2021-09-06 22:19:06 +01:00
Dan Brown 88c698796b
Fixed issue with HTML tags in custom head scripts 
Fixes a strange issue of HTML tags within script tags being malformed
when part of the HTML custom head content due to the PHP parsing we do.
DOMDocument seemed to cause this upon load.
Adding LIBXML_SCHEMA_CREATE to the ->loadHTML call seems to fix this but
not really sure why. Doesn't seem to cause further issues though.
Tested with multiple scripts and styles and comments and meta tags.

- Also added new testing class to cover.
- As part of testing, added new folder within tests to house setting
  specific tests.

For #2914
 2021-09-05 23:52:39 +01:00
Dan Brown d815e1b9f2
Merge branch 'html-filtering' 2021-09-04 14:53:46 +01:00
Dan Brown 492af79c27
Added a couple of additional CSP rules 
As per guidance from google's CSP evaluator.
 2021-09-04 14:34:43 +01:00
Dan Brown 253f386f00
Finished off script CSP rules 
- Added caching for custom html head parsing to add nonce.
- Also moved api docs page into web routes to prevent issues.
 2021-09-04 13:57:04 +01:00
Dan Brown fd44e4ba74
Started application of CSP headers 2021-09-03 23:32:42 +01:00
Dan Brown 040997fdc4
Added filter for xlink:href svg xss 
Simply remove all such attributes
 2021-09-03 22:34:49 +01:00
Dan Brown 5e6092aaf8
Added extra HTML filtering of dangerous content 
In particular, That around the casing of dangerous values within
attributes. This uses some xpath translation to handle different casing
in contains searching.
 2021-09-02 22:02:30 +01:00
Dan Brown a579b7da21
Updated translator attribution before release v21.08.1 2021-09-02 21:11:23 +01:00