Commit graph

33 commits

Author SHA1 Message Date
Ashod Nakashian
08909b2a3d loolwsd: doxygen comments added to all classes
Change-Id: Ia485c2dcec20a6840d46836a61f75a8e7e8762ed
Reviewed-on: https://gerrit.libreoffice.org/28128
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-08-15 03:12:31 +00:00
Pranav Kant
a97b4f52b8 loolwsd: Make FileServer a singleton 2016-07-28 13:54:50 +05:30
Pranav Kant
f9b86d749d loolwsd: Split FileServer into header/implementation
Change-Id: Idf0d2cb92028a79b8b32e0225ce5be1a1156542e
2016-07-19 22:53:48 +05:30
Pranav Kant
478879f181 loolwsd: Reorder header files alphabetically
Change-Id: Ic83155ddf596c7d5168ef37721417d211b85313d
2016-07-19 22:53:48 +05:30
Pranav Kant
9b29565448 loolwsd: security: Sanitize user input before generating HTML
Change-Id: I835bc84ba197a31745cd593c22571ae9f9ad7b1a
2016-07-19 20:54:07 +05:30
Marco Cecchetti
6e616b745f loolwsd: SSL support can be enabled/disabled on server start
SSL support is enabled by default, it can be disabled by passing the
`--disable-ssl` switch on the command line or by setting `ssl.enable`
property in loolwsd.xml config file.

It is still possible to build loolwsd with no SSL support at all.

Change-Id: I00f952edc64f87f61505af44fdc2a715780dc44c
Reviewed-on: https://gerrit.libreoffice.org/27288
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
2016-07-19 08:59:49 +00:00
Ashod Nakashian
d281813c06 bccu#1909 - loolwsd command line options vs. config file and package upgrades
Removed admin-console creds and allow-local-storage.

Change-Id: If281b6320caee5d28007063591325eb98ba8e01b
Reviewed-on: https://gerrit.libreoffice.org/26670
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-06-26 00:31:00 +00:00
Pranav Kant
8cc367638f bccu#1871: Add url prefix to websocket urls
Normal websocket connections are now :
/lool/ws/filename

Admin websocket is now :
/lool/adminws/

Change-Id: If39382cb852d89ed0394adbd7fe168fe4767a075
Reviewed-on: https://gerrit.libreoffice.org/26029
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
2016-06-08 14:06:20 +00:00
Andras Timar
7e625d5f42 loolwsd: respect server_name setting 2016-06-05 16:38:48 +02:00
Andras Timar
2fbcbdfa87 loolwsd: enable UI customization by replacing loleaflet.html from config 2016-05-11 16:30:05 +02:00
Jan Holesovsky
ea082d6363 Use git hash for the loleaflet location instead of version. 2016-05-10 11:48:41 +02:00
Henry Castro
ae80052e80 loolwsd: add mime type svg 2016-05-04 16:17:29 -04:00
Jan Holesovsky
97342a2817 bccu#1653: Make the .html's, .css's and .js's versioned.
It is still possible to access them directly via loleaflet/dist/<something>,
but such use can lead to unexpected behaviour due to various caching in the
browsers etc.
2016-04-20 12:58:10 +02:00
Ashod Nakashian
4254ddad77 loolwsd: consistently set HTTP status and reason everywhere
Change-Id: Ie538e4907e3a3a514918000bb585d2aaf182e468
Reviewed-on: https://gerrit.libreoffice.org/24132
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-04-16 17:29:35 +00:00
Ashod Nakashian
fe952794f0 loolwsd: don't expose private members
Change-Id: I049c92d0ddb296058fad283fffc291348b4608b1
Reviewed-on: https://gerrit.libreoffice.org/24131
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-04-16 17:29:11 +00:00
Ashod Nakashian
93d3f806e1 loolwsd: logging and cosmetics
Change-Id: I413a2e40f480ba41e37c7442724c3f037528f89b
Reviewed-on: https://gerrit.libreoffice.org/24130
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-04-16 17:28:45 +00:00
Ashod Nakashian
c2560725db loolwsd: admin uses config for ssl key
Change-Id: I38b0f59c158698a6eb89d4b671001e1d8cb61673
Reviewed-on: https://gerrit.libreoffice.org/24129
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-04-16 17:27:43 +00:00
Jan Holesovsky
b09b6eab89 Only the access_token (and _ttl) is supposed to be passed via the form post. 2016-04-13 18:32:00 +02:00
Jan Holesovsky
7e67b38832 Add some paranoia... 2016-04-13 13:44:18 +02:00
Jan Holesovsky
484335321f Introduce LOOLWSD::SSLEnabled for runtime, and allow non-SSL access via WOPI. 2016-04-13 13:11:06 +02:00
Tor Lillqvist
f6d9b2c099 Consistency is a virtue
(But sure, tons of much more annoying inconsistencies in style
remain.)
2016-04-08 11:09:46 +03:00
Henry Castro
dd96c6a4de loolwsd: handle a POST request in loleaflet 2016-04-07 17:20:45 -04:00
Ashod Nakashian
29c9ecba2a loolwsd: deny access to directories outside of FileServerRoot
Change-Id: Iea92982ebd5f111c946eb1b12f5dfd7602fffd70
Reviewed-on: https://gerrit.libreoffice.org/23879
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-04-07 04:43:05 +00:00
Ashod Nakashian
1f88aede00 loolwsd: Admin Console credentials passed on the command line
A new command-line argument, admincreds, must be provided
to set the Admin Console credentials.

The new command-line argument specifies the username
and password in the following format: username/password

If not provided, Admin Console is disabled for security
reasons. A warning is emitted at startup and an error
on every invocation of Admin Console is logged when
no credentials are defined.

Change-Id: I348623949fd0b292f5066e4955759c708204540f
Reviewed-on: https://gerrit.libreoffice.org/23878
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
2016-04-07 04:42:15 +00:00
Jan Holesovsky
204a9c742f loolwsd: Allow asking for credentials even during websocket setup.
It may happen that admin.html is cached, which leads to the cookie not being
set up, which then leads to endless amount of attempts to log in.
2016-04-06 20:17:24 +02:00
Pranav Kant
d26246dab0 loolwsd: Temporarily use hard-coded path to key file
We will switch to reading all these values as soon as wip
configuration file object is accessible globally.

Change-Id: I16eff339349683050be1985eefabc34854cccba3
2016-03-31 00:56:57 +05:30
Pranav Kant
7f371958ae SSL everywhere
Use same port (9989) for all client connections. This includes
admin panel, static file serving and normal client websocket
connections.

Change-Id: Idcfd7dd8925523c36e884717c41a3b6a827f6ff3
2016-03-22 00:05:29 +05:30
Pranav Kant
7b763f0aff loolwsd: Allow specifying custom file server root
By default, use git directory root.

Change-Id: I4ee1173c43f313de3abb1732e6a7401169896189
2016-03-22 00:05:29 +05:30
Pranav Kant
4699e98c30 loolwsd: FileServer class to serve static contents
Only purpose, at the moment, is to create
Poco::HTTPRequestHandler which would be passed on the serving
handling the static file requests.

Change-Id: I97c3fc0c73da077d3efee919416098b880c9c2ad
2016-03-22 00:05:29 +05:30
Tor Lillqvist
1ba4d27aba Revert "loolwsd: FileServer class to serve static contents"
This reverts commit 8f435d6e7e.
2016-03-21 16:52:54 +02:00
Tor Lillqvist
09d3c5f230 Revert "loolwsd: Allow specifying custom file server root"
This reverts commit a5f8ba44a2.
2016-03-21 16:52:46 +02:00
Pranav Kant
a5f8ba44a2 loolwsd: Allow specifying custom file server root
By default, use git directory root.

Change-Id: I4ee1173c43f313de3abb1732e6a7401169896189
2016-03-21 16:33:47 +02:00
Pranav Kant
8f435d6e7e loolwsd: FileServer class to serve static contents
Only purpose, at the moment, is to create
Poco::HTTPRequestHandler which would be passed on the serving
handling the static file requests.

Change-Id: I97c3fc0c73da077d3efee919416098b880c9c2ad
2016-03-21 16:31:41 +02:00