New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release/v1.10.0 #583

Open

LinneyS wants to merge 428 commits into master from release/v1.10.0

Member

LinneyS commented Jul 31, 2024

nodejs: tabs menu
nodejs: converting function on index page
java-spring: using java docs-integration-sdk
creating and editing pdf instead docxf
filling by default
forgotten files
delete all files
save as for pdf
handling conversion -9 error
change inserted image
different goback for users

mwgiorno and others added 30 commits

March 6, 2024 14:27


          feat(java): implement delete all files method

767b558


          feat(java-spring): implement delete all files method

c1da8e1


          feat(csharp): implement delete all files method

81f5bdd


          feat(csharp-mvc): implement delete all files method

d43294b


          refactor(nodejs): change parameter name and remove redundant checking

fd21292


          Merge pull request #531 from ONLYOFFICE/feature/php-forced-conversion

cc62ff8

Feature/php forced conversion


          nodejs: fix rename var (9048082)

1699dc2


          Merge remote-tracking branch 'remotes/origin/release/1.8.0' into develop

0f000c1


          changelog: delete all files

ac89417


          refactor(python): create method for deleting user folder and call it …

fbe2423

…inside remove http method


          Merge pull request #529 from ONLYOFFICE/fix/ruby-gemfile-lock

31cf6ca

build(ruby): updated gemfile.lock to 0 vulnerabilities


          Merge remote-tracking branch 'remotes/origin/release/1.8.0' into develop

01d8c0a

# Conflicts:
#	web/documentserver-example/ruby/Gemfile.lock


          fix(python): uncontrolled data used in path expression

bb4aed6


          refactor(csharp): remove console.log

5b6a2ba


          feat(python): handling auto-conversion error(-9)

a7fca1a


          feat(ruby): handling auto-conversion error(-9)

24a3441


          feat(java): handling auto-conversion error(-9)

359cda0


          feat(java-spring): handling auto-conversion error(-9)

b1d66e1


          feat(csharp): handling auto-conversion error(-9)

ca274bc


          feat(csharp-mvc): handling auto-conversion error(-9)

5258fd0


          Merge remote-tracking branch 'remotes/origin/release/1.8.0' into develop

a952858


          refactor(php): change formats retrieval method on frontend

1abcf78


          refactor(python): change formats retrieval method on frontend

abab301


          nodejs: send email and image for protect request

4b7ba35


          nodejs: wopi formsubmit icon

6c09b3f


          nodejs: code alert 177 (e85cb51)

cee60a3


          Merge remote-tracking branch 'remotes/origin/master' into develop

a3016f3


          refactor(ruby): change formats retrieval method on frontend

e1e9efa


          build(nodejs): returned some dependencies versions with breaking changes


          refactor(java): change formats retrieval method on frontend

5217a64

LinneyS and others added 8 commits

July 19, 2024 12:35


          Merge pull request #581 from ONLYOFFICE/fix/nodejs-conversion-error

5fd90b2

Fix/nodejs conversion error


          feat(java-spring): permission submitForm (John Smith: true)

aaea7e4


          Merge pull request #580 from ONLYOFFICE/pdf-form

a3430f7

PDF-forms


          Merge remote-tracking branch 'remotes/origin/master' into develop

4f6a0d5


          reorder changelog

6d4484c


          1.10.0

8d7767e


          fix remove favorite status (0e1a580)

c46b4e1


          tabs to changelog (efac5b9)

7201ec4

github-advanced-security bot found potential problems

View reviewed changes

web/documentserver-example/nodejs/app.js

-                    fileSystem.writeFileSync(req.DocManager.storagePath(correctName), data);
-                    fileSystem.unlinkSync(req.DocManager.storagePath(fileName)); // remove file with the origin extension
+                    if (fileUtility.getFileType(correctName) !== null) {
+                      fileSystem.writeFileSync(req.DocManager.storagePath(correctName), data);

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.

web/documentserver-example/nodejs/app.js

                     const userAddress = req.DocManager.curUserHostAddress();
                     const historyPath = req.DocManager.historyPath(fileName, userAddress, true);
                     // get the history path to the file with a new extension
                     const correctHistoryPath = req.DocManager.historyPath(correctName, userAddress, true);
-                    fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path
+                    if (!keepOriginal) {
+                      fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.
This path depends on a

user-provided value

.

web/documentserver-example/nodejs/app.js

                     const userAddress = req.DocManager.curUserHostAddress();
                     const historyPath = req.DocManager.historyPath(fileName, userAddress, true);
                     // get the history path to the file with a new extension
                     const correctHistoryPath = req.DocManager.historyPath(correctName, userAddress, true);
-                    fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path
+                    if (!keepOriginal) {
+                      fileSystem.renameSync(historyPath, correctHistoryPath); // change the previous history path

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.

web/documentserver-example/nodejs/app.js

-                      path.join(correctHistoryPath, `${correctName}.txt`),
-                    ); // change the name of the .txt file with document information
+                      fileSystem.renameSync(
+                        path.join(correctHistoryPath, `${fileName}.txt`),

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.
This path depends on a

user-provided value

.

web/documentserver-example/nodejs/app.js

-                    ); // change the name of the .txt file with document information
+                      fileSystem.renameSync(
+                        path.join(correctHistoryPath, `${fileName}.txt`),
+                        path.join(correctHistoryPath, `${correctName}.txt`),

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.

web/documentserver-example/nodejs/app.js

    
                    // DocManager.cleanFolderRecursive(uploadDirTmp, true);  // if not, clean the folder with temporary files

                    res.writeHead(200, { 'Content-Type': 'text/plain' }); // and write the error status and message to the response

                    res.write('{ "error": "File type is not supported"}');

                    res.end();

                    return;

                  }

                  fileSystem.rename(file.path, `${uploadDir}/${file.name}`, (error) => { // rename a file

                  fileSystem.rename(file.filepath, `${uploadDir}/${file.originalFilename}`, (error) => { // rename a file

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.

web/documentserver-example/nodejs/app.js

    
                    // DocManager.cleanFolderRecursive(uploadDirTmp, true);  // if not, clean the folder with temporary files

                    res.writeHead(200, { 'Content-Type': 'text/plain' }); // and write the error status and message to the response

                    res.write('{ "error": "File type is not supported"}');

                    res.end();

                    return;

                  }

                  fileSystem.rename(file.path, `${uploadDir}/${file.name}`, (error) => { // rename a file

                  fileSystem.rename(file.filepath, `${uploadDir}/${file.originalFilename}`, (error) => { // rename a file

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.

web/documentserver-example/nodejs/public/javascripts/jscript.js

+                      window.open(url, "_blank");
+                      jq('#hiddenFileName').val("");
+                      jq.unblockUI();
+                      window.location = collectParams();

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML Medium

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

web/documentserver-example/nodejs/public/javascripts/jscript.js

+                      window.open(url, "_blank");
+                      jq('#hiddenFileName').val("");
+                      jq.unblockUI();
+                      window.location = collectParams();

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML Medium

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

web/documentserver-example/nodejs/public/javascripts/jscript.js

+                              url: "file",
+                              complete: function (data) {
+                                  if (JSON.parse(data.responseText).success) {
+                                      window.location = collectParams();

Check warning

Code scanning / CodeQL

DOM text reinterpreted as HTML Medium

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

DOM text

is reinterpreted as HTML without escaping meta-characters.

ZEROM22 and others added 5 commits

August 5, 2024 16:30


          chore(ruby): update dependencies

c01bcf1


          Merge pull request #586 from ONLYOFFICE/feature/ruby-update-deps

6b6fa50

chore(ruby): update dependencies


          update templates

1e6465a


          nodejs: decode filename from utf7 in "save as" process (Fix Bug 69827)

194ad60


          nodejs: opening history for wopi (Fix Bug 70025)

aa42745

github-advanced-security bot found potential problems

View reviewed changes

web/documentserver-example/nodejs/helpers/docManager.js

@@ @@ -464,8 +464,12 @@ @@
                   for (let i = 1; i <= countVersion; i++) { // get keys to all the file versions
                     if (i < countVersion) {
                       const keyPath = this.keyPath(fileName, userAddress, i);
-                      if (!fileSystem.existsSync(keyPath)) continue;
-                      keyVersion = `${fileSystem.readFileSync(keyPath)}`;
+                      if (!fileSystem.existsSync(keyPath)) {

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.
This path depends on a

user-provided value

.

web/documentserver-example/nodejs/helpers/docManager.js

+                        keyVersion = userAddress + fileName + Date.now();
+                        keyVersion = documentService.generateRevisionId(keyVersion);
+                      } else {
+                        keyVersion = `${fileSystem.readFileSync(keyPath)}`;

Check failure

Code scanning / CodeQL

Uncontrolled data used in path expression High

This path depends on a

user-provided value

.
This path depends on a

user-provided value

.

LinneyS and others added 10 commits

September 6, 2024 15:15


          nodejs: percentage on converting (Fix Bug 69567)

1b0867a


          nodejs: fix lint (194ad60)

763512a


          nodejs: fix default actions on mobile (For Bug 65920)

7eac06a


          update submodule with tiff ext

4be1abc


          update empty files (Fix Bug 70100)

f55beaa


          nodejs: replace unsupported symbols in file name

4ae4687


          nodejs: separate method for getting fileName from url (Fix Bug 70092)

8cf285c


          fix(python): replace url to public server for forgotten files

814ed51


          fix(php): replace url to public server for forgotten files

c23e9b6


          fix(ruby): replace url to public server for forgotten files (Fix Bug …

09344f6

…69930)

t0rtila force-pushed the release/v1.10.0 branch from fde930d to 09344f6 Compare

September 11, 2024 12:59

LinneyS and others added 4 commits

September 12, 2024 10:10


          fix working with formats (893303c) (Fix Bug 70022)

b9b4aef


          fix: add file existence check before save

14df5fc


          nodejs: getting name in wopi (Fix Bug 70092)

4c8fb6b


          Merge pull request 'fix: add file existence check before save. Fix Bu…

73b727f

…g 69948' (#2) from fix/java-check-file-exist into release/v1.10.0

Reviewed-on: https://git.onlyoffice.com/ONLYOFFICE/document-server-integration/pulls/2

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet