Commit Graph

24 Commits (1c8b8ce14ad510337f9bf394ffd9db42db8a60a7)

Author SHA1 Message Date
Barış Soner Uşaklı 48b41debe6
fix: vulnerability in cover and admin uploads ()
* fix: vulnerability in cover and admin uploads

* fix: remove old test

* fix: update tests
Julian Lam d6e3f3f058
fix: , broken site if no server-side session ()
* fix: , broken site if no server-side session

During the `addHeader` middleware, a check is now done to see if
`req.session.meta` is present. This value is only present if the user
has a valid server-side session.  If it is missing, then it is probably
safe to assume that the server-side session was deleted (either
intentionally or accidentally). In that scenario, the client-side cookie
should be cleared.

Also, there was an issue where the sessionRefresh flag was never cleared
after a successful login, so that was fixed too.

* feat: exported method to get cookie config

* fix: don't clear cookie if cookie is being set

* fix: socket.io tests

Co-authored-by: Barış Soner Uşaklı <barisusakli@gmail.com>
Baris Usakli ecf39727cc fix:
Barış Soner Uşaklı 557dfd5b47 testing new socket.io-client extraHeaders ()
* testing new socket.io-client extraHeaders

* change mongodb installation
Baris Usakli 1358a89305 closes
Barış Soner Uşaklı e56178f72e remove init socket.io
Barış Soner Uşaklı 4f31dec82c reduce usage of io.emit in tests
Barış Soner Uşaklı 08aaabd33c closes
Barış Soner Uşaklı 01e2263c01 more tests
Barış Soner Uşaklı 052afb10f7 show output if upload fails
barisusakli 0e7740af32 fix tests for subfolder installs
Peter Jaszkowiak dd2b930824 Resolve merge conflicts, minify only `.js` files
Barış Soner Uşaklı 743f758f75 set origin header to url
Peter Jaszkowiak 896c8c7343 ESlint object-curly-spacing
Peter Jaszkowiak 3b0dd2d1ef ESlint padded-blocks
Peter Jaszkowiak feb8405f95 ESlint eol-last
Peter Jaszkowiak a038c66549 ESlint quotes
Peter Jaszkowiak 34e233fe1d ESlint spaced-comment
Peter Jaszkowiak bc1d70c126 ESlint comma-dangle
barisusakli 4b6e4f085d more tests
group cover upload tests
registration approval queue tests
barisusakli 64a662ce50 some upload tests
barisusakli d8a9df74d7 fix wrong error returns, more tests
barisusakli 553ee7dcdd more chat tests
barisusakli 0d90279463 chat controller test