Rendering PDF documents to images can consume
large amount of memory. Here we limit the
maximum allowed resolution to 384. This is
about 400% zoom resolution, given that the
100% resolution is 96 dpi.
If this proves limiting, it can be increased
to 480 dpi, which is about 500% zoom scale.
Change-Id: I719118d517bbaf8b204411223f1e26a31b97ca99
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
The defined envar is used by Core to override its
default resolution (of 96 dpi), when specified.
Change-Id: Ie7164e78f98990ac88b02dbfe2becbae8c134e9c
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
"Specifies whether the macro execution is enabled in
general. This will disable Basic, Beanshell, Javascript
and Python scripts. If it is set to false, the
macro_security_level is ignored. If it is set to true,
the mentioned entry specified the level of macro security".
Change-Id: I4bc5b690268a93994d17e2b02b7b60b6398646b7
Signed-off-by: Henry Castro <hcastro@collabora.com>
This reverts commit f6bf6f49ed. I did not
consider that this makes it harder to do a local developer setup with
reverse proxy + make run; also that if you don't read the doc to set up
a reverse proxy, then the default now serves http content and advertises
https, which is not helping sysadmins.
This needs more thinking how to improve one scenario without hurting
others.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: Ic789faa2dc5bb19a79d651dc81d4eaaf0b48607a
The intention is to have defaults which are close to how people
typically use Online in production.
However, keep using ssl for 'make run', so that the https environment in
the browser is unchanged.
Signed-off-by: Miklos Vajna <vmiklos@collabora.com>
Change-Id: I7fd725a83b0e9ca1012f2c0e0c3bf038e5fa0059
The default Poco connection timeout is 60 seconds,
which is probably excessive. The current configurable
default is a more reasonable 30 seconds.
Currently we set this timeout on Storage connections
going out (i.e. WOPI connections).
Change-Id: Ie80a9141ca9bf721addc74baf94e62e0ad72fdd2
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/98913
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ash@collabora.com>
loolmount now works and supports mounting and
unmounting, plus numerous improvements,
refactoring, logging, etc.. When enabled,
binding improves the jail setup time by anywhere
from 2x to orders of magnitude (in docker, f.e.).
A new config entry mount_jail_tree controls
whether mounting is used or the old method of
linking/copying of jail contents. It is set to
true by default and falls back to linking/copying.
A test mount is done when the setting is enabled,
and if mounting fails, it's disabled to avoid noise.
Temporarily disabled for unit-tests until we can
cleanup lingering mounts after Jenkins aborts our
build job. In a future patch we will have mount/jail
cleanup as part of make.
The network/system files in /etc that need frequent
refreshing are now updated in systemplate to make
their most recent version available in the jails.
These files can change during the course of loolwsd
lifetime, and are unlikely to be updated in
systemplate after installation at all. We link to
them in the systemplate/etc directory, and if that
fails, we copy them before forking each kit
instance to have the latest.
This reworks the approach used to bind-mount the
jails and the templates such that the total is
now down to only three mounts: systemplate, lo, tmp.
As now systemplate and lotemplate are shared, they
must be mounted as readonly, this means that user/
must now be moved into tmp/user/ which is writable.
The mount-points must be recursive, because we mount
lo/ within the mount-point of systemplate (which is
the root of the jail). But because we (re)bind
recursively, and because both systemplate and
lotemplate are mounted for each jails, we need to
make them unbindable, so they wouldn't multiply the
mount-points for each jails (an explosive growth!)
Contrarywise, we don't want the mount-points to
be shared, because we don't expect to add/remove
mounts after a jail is created.
The random temp directory is now created and set
correctly, plus many logging and other improvements.
Change-Id: Iae3fda5e876cf47d2cae6669a87b5b826a8748df
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92829
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Environment variable in sysconfig.loolwsd was not good, because:
1) it was a systemd antipattern
2) this systemd environment file was not present on all distros
3) we had to take care about this separately, when we did not start
loolwsd from systemd
Change-Id: I5c47668ca388c2f4b0afd6da8c575a3fb3cfab3b
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/96291
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Andras Timar <andras.timar@collabora.com>
This is the new default - do as we're told by the client.
The old setting is left to allow users to force SSL if they are
concerned that they may receive unhelpful URLs.
Change-Id: Idea83aacea6826a8f37264e34d49c7550efe6d27
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/93179
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
This reverts commit df4a241d0f.
Reason for revert: As we agreed, we have to improve the default,
but this patch actually just doubles something that is working
out of the box.
Change-Id: Idc22dabc3621d537f1bba3bc3b13a7d943c80c36
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92299
Tested-by: Jan Holesovsky <kendy@collabora.com>
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
If you don't want protocol logging by default in debugging builds
then either poke loolwsd.xml:
<protocol type="bool" descr="Enable minimal client-site JS protocol logging from the start">false</protocol>
Or - configure with --disable-debug and --disable-debug-protocol.
Also remove redundant and unused co-ordinate parameters to the
message queue, and logging.
Change-Id: I489e32ef4758a6f0ef35c8d8d322a402a3e268e6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/91096
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
For better performance, many comment boxes reduce performance in
browser.
Change-Id: If041c3d147ee7512d90f41a4a1bfe7a1ff8646a9
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/89065
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
in loolwsd.xml. If set, watermarks will be the same
as entered for all the views instead of per view
watermarks sent in CheckFileInfo
Change-Id: I0943520423abc2567f44920f8679057b3cfbf01f
Reviewed-on: https://gerrit.libreoffice.org/83666
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Also add a config option for logging.protocol - to help catch early
protocol issues during startup.
Change-Id: I6f0cc6dcf14b2797bc6b2bd36c44750d74eb0608
storage.ssl.enable=false by default is not good. loolwsd default config should
work, e.g. in case of snapshot docker images. When ssl.enable=true, this implies
storage.ssl.enable=true, because browsers do not allow mixed content, so it is
not possible to connect to the storage with plain HTTP, while the content from
loolwsd is served with HTTPS.
TODO: find out what to do in case of upgrade, when the user has an old config
file. Probably storage.ssl.enable should default to ssl.enable when it is not
present in config file.
Change-Id: Ifdcb070745d649dd9840dccf2e5641058a13d4e4
Reviewed-on: https://gerrit.libreoffice.org/80660
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
It was not very useful to let this setting configurable by the user.
On the other hand, old path in config file caused issues after
upgrade. It is better to decide the location of LOKit core
during compilation. From now on the --with-lo-path configure
option is compulsory.
Change-Id: Icdcbc21bde5dad329fdb6e30ed17efde6b0e73de
Reviewed-on: https://gerrit.libreoffice.org/79943
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
Better hashing algorithm based on FNV-1a.
Adds support for salting the hash, and
for providing salt via configuration.
More unit-tests added, and better formatting.
Change-Id: I2be42675d0cdbaa73c3d7faed99e07631a9c20fc
Reviewed-on: https://gerrit.libreoffice.org/70034
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Reviewed-on: https://gerrit.libreoffice.org/71091
This simplifies the anonymization configuration
as virtually always they are all either enabled
together, or not at all.
Change-Id: I6fe60f5287fc5d71cd7a6ac3268eac67e5e6e9fb
Reviewed-on: https://gerrit.libreoffice.org/70033
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Reviewed-on: https://gerrit.libreoffice.org/71090
The default behavior is unchanged: once the last editor exits, we still
only perform a save when the document is modified.
It's possible to opt in for the new behavior, though: in that case the
save after the exit of the last editor will happen even for unmodified
documents.
Change-Id: I14c17035a932cf952217f3b71fdef57fede0ce24
The code already assumed a signed integer, but the configuration advertised
unsigned, standardize on signed.
This way it doesn't matter if the "disable" value is zero or a negative
number.
Change-Id: I56632c8a36be01afefdc5f2a35e70bde945d69d3
