| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
Admin users are stored in .ini files and are not full-fledged user
documents. Internally, a fake document is made to allow insertion into
the auth cache. CouchDB 1.6 introduced a feature to upgrade password
hashes from the legacy simple hash scheme to the stronger PBKDF2
scheme. It inappropriately attempted to do this to the fake admin
docs, which do not pass the _design/_auth validation checks. This is
fortunate, however, as CouchDB would then have written the admin users
into the users database causing widespread confusion and fear.
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Further updating instances of <%= and to <%- within documents to correctly handle HTML interpolation.
Tested for regression in
- 34.0.1847.131
- Safari 7.0.2
Signed-off-by: Alexander Shorin <kxepal@apache.org>
|
| |
|
|
|
|
|
|
| |
- matches what the code can support after last Mochiweb update
- update .travis.yml file to match 17.0 release
- update docs
|
| |
|
| |
|
|
|
|
|
| |
- OTP 17.0 uses a different numbering system for releases and patches, but not semver.org
- the major version number will be bumped for the first time in 4 years
|
|
|
|
|
|
|
|
|
|
|
|
| |
R14B01 and R14B02 both are affected to OTP-9167 Erlang issue which
causes 4 tests failure because supervisor restarts worker with old
ChildSpec ignoring changes in use_checkpoint options.
This fix makes all tests passed, but leaves a notice in verbose mode
that there is a problem and how it could be resolved.
Another possible solution is to isolate test_use_checkpoints calls, but
this will be only hide the issue while it still may happened in prod.
|
|
|
|
|
| |
COUCHDB-2220
COUCHDB-1669
|
|
|
|
|
|
|
|
| |
- I tried to not be super heavy handed, only using <%- for values that
could be set with XSS payloads or otherwise come from a user/data.
Conflicts:
src/fauxton/app/addons/auth/templates/nav_link_title.html
|
| |
|
|
|
|
|
|
|
|
| |
The issue happened from time to time on CentOS system: one, two or few
tests failed because ref count wasn't decremented till the very moment
when this value was requested and the result returned back. Adding
sleep timeout helps to synchronise calls and while 0.1 sec sleep is
good, but not enough - with 0.2 sleep floating errors happens no more.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
That's interesting issue: couch_passwords:hash_admin_password accepts
password as binary string, but list one had been passed instead. This
causes crush with function_clause reason. Ok, but this crush left
hidden for R15/R16 - only R14 shows stack trace in output and alerts
that's something wrong. To be honest, *sometimes* it's also possible
to reproduce this test suite crush with modern Erlang releases,
but it will be about Bad Plan: planned 27 test, but run only 26.
Nothing specific.
So, silent crush prevented other tests to be run and also counted by
the plan. Now this is fixed.
|
| |
|
| |
|
| |
|
| |
|
| |
|
|\ |
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| | |
Fix button text trigger
Toggle button gray on click
Change padding
|
| | |
|
| |
| |
| |
| | |
Closes #200
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
Implement copying to clipboard
Change the view
Closes COUCHDB-2206
|
| |
| |
| |
| |
| | |
Remove old linted config
Add resizeColumns to app
|
| |
| |
| |
| |
| | |
* Fix stats css was leaking over to other pages
* Fix new view creation failing for a new design doc
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This adds leading zeros to the times in the log view. Before that
the times were displayed like 1:5:3 (if it were 01:05:03)
because getHours() and friends are returning a Number and not
a String with a leading 0. In the case of 1:5:3 the corrected
time is now displayed as: 01:05:03. As d3 has a nice date formatter
we do not have to roll our own.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
|\ \
| |/ |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a new version of pagination in Fauxton using skip. It uses a
PagingCollection that has the main algorithm for pagination and exposes
a nice api.
This is an intermediate step as this is a much better pagination than we
have at the moment. However using just skip for pagination is not
optimal as there are two cases where skip pagination fails - For very
large skips and for when documents that a user have paginated past have
been deleted.
The next step once this has landed will be to add in a startkey_docid
pagination as well. The PagingCollection would then decided which method
to use to paginate for an index.
|
| | |
|
| |\ |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Passing unexpected values to auth fields can result in server
issues. Notably, setting "iterations" to a string will cause an
infinite loop as the comparison 'when Iteration > Iterations' will
never evaluate to true.
The latest validate_doc_update prevents user docs with this problem
and administrators can deploy that check themselves (and only
administrators can edit design documents).
A server administrator can also insist on lower and upper bounds for
iteration count to reject weakly protected passwords and
resource-hungry passwords respectively.
COUCHDB-2221
|
| |/ |
|