Nemcio/NodeBB
1
0
Fork 0
mirror of https://github.com/NodeBB/NodeBB.git synced 2025-10-31 19:15:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
20,126 Commits 75 Branches 483 Tags
69373fded7ab1b51b9fc70e7bf12ab817dd95a2e
Commit Graph

24 Commits

Author SHA1 Message Date
Barış Soner Uşaklı
48b41debe6 fix: vulnerability in cover and admin uploads (#8419) 
* fix: vulnerability in cover and admin uploads

* fix: remove old test

* fix: update tests
 2020-06-22 12:08:35 -04:00
Julian Lam
d6e3f3f058 fix: #8142, broken site if no server-side session (#8148) 
* fix: #8142, broken site if no server-side session

During the `addHeader` middleware, a check is now done to see if
`req.session.meta` is present. This value is only present if the user
has a valid server-side session.  If it is missing, then it is probably
safe to assume that the server-side session was deleted (either
intentionally or accidentally). In that scenario, the client-side cookie
should be cleared.

Also, there was an issue where the sessionRefresh flag was never cleared
after a successful login, so that was fixed too.

* feat: exported method to get cookie config

* fix: don't clear cookie if cookie is being set

* fix: socket.io tests

Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
 2020-02-06 15:52:37 -05:00
Baris Usakli
ecf39727cc fix: #7912 2019-09-20 11:44:49 -04:00
Barış Soner Uşaklı
557dfd5b47 testing new socket.io-client extraHeaders (#5985) 
* testing new socket.io-client extraHeaders

* change mongodb installation
 2017-10-13 13:57:30 -04:00
Baris Usakli
1358a89305 closes #5907 2017-09-01 18:40:34 -04:00
Barış Soner Uşaklı
e56178f72e remove init socket.io 2017-06-02 17:18:58 -04:00
Barış Soner Uşaklı
4f31dec82c reduce usage of io.emit in tests 2017-06-02 16:51:36 -04:00
Barış Soner Uşaklı
08aaabd33c closes #5642 2017-05-27 23:32:55 -04:00
Barış Soner Uşaklı
01e2263c01 more tests 2017-05-12 17:53:23 -04:00
Barış Soner Uşaklı
052afb10f7 show output if upload fails 2017-05-10 22:05:23 -04:00
barisusakli
0e7740af32 fix tests for subfolder installs 2017-02-25 16:04:04 +03:00
Peter Jaszkowiak
dd2b930824 Resolve merge conflicts, minify only .js files 2017-02-23 18:31:49 -07:00
Barış Soner Uşaklı
743f758f75 set origin header to url 2017-02-23 21:29:28 +03:00
Peter Jaszkowiak
896c8c7343 ESlint object-curly-spacing 2017-02-18 12:30:49 -07:00
Peter Jaszkowiak
3b0dd2d1ef ESlint padded-blocks 2017-02-18 02:32:24 -07:00
Peter Jaszkowiak
feb8405f95 ESlint eol-last 2017-02-18 02:30:48 -07:00
Peter Jaszkowiak
a038c66549 ESlint quotes 2017-02-18 01:56:23 -07:00
Peter Jaszkowiak
34e233fe1d ESlint spaced-comment 2017-02-18 01:25:46 -07:00
Peter Jaszkowiak
bc1d70c126 ESlint comma-dangle 2017-02-17 19:31:21 -07:00
barisusakli
4b6e4f085d more tests 
group cover upload tests
registration approval queue tests
 2016-12-02 14:05:59 +03:00
barisusakli
64a662ce50 some upload tests 2016-11-01 17:33:24 +03:00
barisusakli
d8a9df74d7 fix wrong error returns, more tests 2016-10-26 16:38:48 +03:00
barisusakli
553ee7dcdd more chat tests 2016-10-26 12:07:00 +03:00
barisusakli
0d90279463 chat controller test 2016-10-25 17:56:37 +03:00