Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-02-25 | Backend and frontend protection against csrf attacks: | NavaL | |
- root resources changes the csrf token cookie everytime it is loaded, in particular during the intestitial load during login - it will also add that cookie on single user mode - initialize will still load all resources - but they you cant access them if the csrf token do not match - all ajax calls needs to add the token to the header - non ajax get requests do not need xsrf token validation - non ajax post will have to send the token in as a form input or in the content Issue #612 | |||
2016-02-24 | Recreate session on soledad problems | Folker Bernitt | |
- Issue #615 - invalid token raised by soledad after timeout, if we see this, recreate the session on next login | |||
2016-02-23 | Only do initial sync on session creation | Folker Bernitt | |
- Issue #615 - Fixed some long broken but not failing tests | |||
2016-02-22 | Revert "Revert "Filter keys from attachments #608 w/ @deniscostadsc"" | Giovane | |
This reverts commit f92e802df2aeec9b2341ba5b4efea48356edf01f. | |||
2016-02-22 | Removes stacktrace errors from appearing on the login page. | NavaL | |
For the case of wrong file path or file not existing Issue #214 | |||
2016-02-22 | Removes stacktrace errors from appearing on the login page. | NavaL | |
Instead shows a generic: "invalid xml format" message Issue #214 | |||
2016-02-22 | Merge pull request #621 from phss/add-security-headers | Folker Bernitt | |
Add recommended security headers | |||
2016-02-20 | Revert "Filter keys from attachments #608 w/ @deniscostadsc" | NavaL | |
This reverts commit f1b338e5564a8458c906f903ee7e0383dae86287. | |||
2016-02-20 | Add recommended security headers from #618 | Paulo Schneider | |
2016-02-19 | Filter keys from attachments #608 w/ @deniscostadsc | Giovane | |
- Filtering attachments by content type application/pgp-keys | |||
2016-02-12 | attachments are only un-linked from emails but not deleted in soledad | Jefferson Stachelski | |
- removed backend delete of attachments - JS unit tests - Functional test Issue #549 | |||
2016-02-12 | Revert "Revert "Issue #549 - Implemented remove attachment"" | NavaL | |
This reverts commit 3c6b905d7e5b78e521b2e7692e5e32b7b0c226bc. | |||
2016-02-12 | mocking all paths to exists | NavaL | |
Issue #604 | |||
2016-02-11 | adds argument to supply custom disclaimer/banner on login screen | NavaL | |
Issue #598 | |||
2016-02-11 | Redownload SMTP certficates if necessary | Folker Bernitt | |
- Issue #591 - using leaps should_redownload for check | |||
2016-02-10 | Fix Issue #596: Provide correct content-type | Felix Hammerl | |
Provide the proper content-type Quote filename due to Firefox bug https://bugzilla.mozilla.org/show_bug.cgi?id=221028 | |||
2016-02-10 | Download SMTP client certificate, not VPN one | Folker Bernitt | |
- Issue #591 | |||
2016-02-09 | Close account on session close | Folker Bernitt | |
- Issue #586 | |||
2016-02-09 | Small fix to wrap entire KeyManager in test_nicknym.py | Folker Bernitt | |
2016-02-08 | Revert "Issue #549 - Implemented remove attachment" | Felix Hammerl | |
This reverts commit 9442be5c230e286073244451189ffc05ae6c8083. | |||
2016-02-08 | mocking register/unregister key generation event, on close | NavaL | |
- fixing build Issue #586 | |||
2016-02-05 | suppressing Error logs being spit out in tests | NavaL | |
2016-02-05 | closing the services closes leap session, which stops background tasks, ↵ | NavaL | |
close soldedad and remove it from cache Issue #586 | |||
2016-02-04 | Issue #549 - Implemented remove attachment | Jefferson Stachelski | |
2016-02-03 | Make load test configurable when invites are disabled | Giovane | |
2016-02-03 | reverting unnecessary steps to not re-load leap-sessions on re-login, as ↵ | NavaL | |
they are already cached from leap side - fixing build Issue #590 | |||
2016-02-03 | checks to load leap sessions and services or not | NavaL | |
Issue #590 | |||
2016-02-03 | move leap session creation to be done after interstitial is loaded | NavaL | |
Issue #590 | |||
2016-02-02 | remove commented line | Victor Shyba | |
2016-02-02 | Merge branch 'load', the load testing code | Victor Shyba | |
2016-02-02 | load test now using invites | Victor Shyba | |
pairing with NavaL | |||
2016-02-02 | WIP | NavaL | |
2016-02-02 | Don't load attachments when just listing mails | Folker Bernitt | |
2016-02-01 | Fix unit tests | Giovane | |
2016-01-29 | Fix: Only act on generated keys for current user | Folker Bernitt | |
- Issue #587 | |||
2016-01-28 | Issue #550 - Adding BDD tests to cover case when file is bigger than 1 MB. | Gislene Pereira | |
2016-01-28 | Add Strict-Transport-Security header to user agent | Folker Bernitt | |
- Issue #584 | |||
2016-01-28 | added ft step | NavaL | |
Issue #583 | |||
2016-01-28 | making async setup user services after auth | NavaL | |
Issue #583 | |||
2016-01-28 | removed unnecessary imports, and wrong yields | NavaL | |
Issue #576 | |||
2016-01-27 | Revert "Issue #550 - Adding BDD tests to cover case when file is bigger than ↵ | Gislene Pereira | |
1 MB." The 1MB file upload is timing out in snap and breaking the build. I'm reverting this commit in order to better investigate how to solve the problem. This reverts commit 31aca931fd1ec76a4ffd9099bb6b13894a9d64be. | |||
2016-01-27 | Issue #550 - Adding BDD tests to cover case when file is bigger than 1 MB. | Gislene Pereira | |
2016-01-27 | Disable CSP for phantomjs | Folker Bernitt | |
- disable only during phantomjs tests - CSP headers seem to prevent sendkey webdriver capability | |||
2016-01-27 | Add a login multi user functional test | Folker Bernitt | |
- Issue #576 - Extended AppTestClient with multi user support | |||
2016-01-26 | Refactor test account account creation into own class | Folker Bernitt | |
- Issue #576 - Step towards functional tests for multi user | |||
2016-01-26 | minor refactorings | NavaL | |
Issue #576 | |||
2016-01-26 | tests only input names on the login form | NavaL | |
Issue #576 | |||
2016-01-25 | added integration test | NavaL | |
Issue #576 | |||
2016-01-25 | multi user unit test | NavaL | |
Issue #576 | |||
2016-01-25 | Fix: Ignore missing mail data error when creating search index | Folker Bernitt | |
- Should fix accounts that can currently not log in because of mails where part of the docs are missing - Does only fix the symptoms |