Archives/gristlabs_grist-core
1
0
Fork 0
mirror of https://github.com/gristlabs/grist-core.git synced 2026-03-02 04:09:24 +00:00
Code Issues Projects Releases Wiki Activity
Files
b29ce996b66b4ec89e4a8cb217b0278d4bcf014b
gristlabs_grist-core/app/server/lib
History
Alex Hall e590e65a3f (core) Allow requests from untrusted origins but without credentials 
Summary:
Allow requests from untrusted origins instead of returning an error, but don't allow credentials (Cookie header) or API keys (Authorization header).

Allow setting the header `Content-type: application/json` as an alternative to `X-Requested-With: XMLHttpRequest` to make it easier for clients to make POST/PUT/PATCH/DELETE requests without authentication.

Discussion: https://grist.slack.com/archives/C0234CPPXPA/p1666355281535479

Test Plan: Added and updated DocApi tests. Tested manually how this affects requests made from a browser.

Reviewers: paulfitz, dsagal

Reviewed By: paulfitz, dsagal

Differential Revision: https://phab.getgrist.com/D3678
2022-11-03 13:33:23 +02:00
..
AccessTokens.ts
(core) add an access token mechanism to help with attachments in custom widgets
2022-07-19 11:55:18 -04:00
ACLFormula.ts
(core) add OWNERS='owners', EDITOR='editors', VIEWER='viewers' to condition formulas
2021-03-19 18:20:33 -04:00
ActionHistory.ts
(core) do not look at content of recent actions when loading documents
2021-09-29 11:27:02 -04:00
ActionHistoryImpl.ts
Correct spelling mistakes
2022-02-19 09:46:49 +00:00
ActionSummary.ts
Correct spelling mistakes
2022-02-19 09:46:49 +00:00
ActiveDoc.ts
(core) Show example values in formula autocomplete
2022-09-28 19:42:36 +02:00
ActiveDocImport.ts
Fix bug that skips empty columns during imports
2022-08-11 11:05:30 -07:00
AppEndpoint.ts
(core) add a log message on proxying failures
2022-08-24 09:16:19 -04:00
AppSettings.ts
(core) clean up interaction of forward auth with session
2022-06-15 13:06:12 -04:00
Authorizer.ts
(core) Allow requests from untrusted origins but without credentials
2022-11-03 13:33:23 +02:00
BrowserSession.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
checksumFile.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
Client.ts
(core) Adding new column in users table "ref" with unique identifier.
2022-10-04 15:19:28 +02:00
Comm.ts
(core) i18
2022-09-29 18:02:09 +02:00
dbUtils.ts
(core) move DocUsageBanner to ext
2022-05-27 22:19:17 -04:00
DiscourseConnect.ts
(core) Adding GristConnect login system
2022-05-18 20:28:25 +02:00
DocApi.ts
(core) DocApi meta endpoints: GET /tables and POST/PATCH /tables and /columns
2022-10-21 10:15:46 +02:00
DocClients.ts
(core) add a yarn run cli tool, and add a sqlite gristify option
2022-07-14 12:00:30 -04:00
DocManager.ts
(core) Adding new column in users table "ref" with unique identifier.
2022-10-04 15:19:28 +02:00
DocPluginData.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
DocPluginManager.ts
(core) add an access token mechanism to help with attachments in custom widgets
2022-07-19 11:55:18 -04:00
DocSession.ts
(core) Adding new column in users table "ref" with unique identifier.
2022-10-04 15:19:28 +02:00
DocSnapshots.ts
(core) serialize document uploads and DocSnapshots.versions() to reduce surprises
2022-08-01 15:42:39 -04:00
DocStorage.ts
(core) Add caching for measuring data size in DocStorage, when data isn't changing
2022-08-25 09:50:23 -04:00
DocStorageManager.ts
(core) dust off electron build a little bit
2022-07-29 11:19:26 -04:00
docUtils.d.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
docUtils.js
Correct spelling mistakes
2022-02-19 09:46:49 +00:00
DocWorker.ts
(core) add an access token mechanism to help with attachments in custom widgets
2022-07-19 11:55:18 -04:00
DocWorkerMap.ts
(core) Add unquarantine command to admin CLI
2022-08-15 13:04:55 -07:00
ExcelFormatter.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
ExpandedQuery.ts
Correct spelling mistakes
2022-02-19 09:46:49 +00:00
Export.ts
(core) Ref columns weren't filtered on csv/excel export for sections.
2022-09-28 22:32:14 +02:00
ExportCSV.ts
Export xlsx #256 (#270)
2022-09-14 14:55:44 -04:00
ExportXLSX.ts
Export xlsx #256 (#270)
2022-09-14 14:55:44 -04:00
expressWrap.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
ExternalStorage.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
extractOrg.ts
(core) upgrade typeorm so we can support newer postgres
2022-09-02 15:34:21 -04:00
FileParserElement.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
filterUtils.ts
(core) uncheck FullCopy special when copying/forking a document
2021-04-29 08:56:54 -04:00
FlexServer.ts
(core) Allow requests from untrusted origins but without credentials
2022-11-03 13:33:23 +02:00
ForwardAuthLogin.ts
(core) clean up interaction of forward auth with session
2022-06-15 13:06:12 -04:00
GoogleAuth.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
GoogleExport.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
GoogleImport.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
GranularAccess.ts
(core) Comments
2022-10-17 13:38:21 +02:00
GristServer.ts
(core) add an access token mechanism to help with attachments in custom widgets
2022-07-19 11:55:18 -04:00
gristSessions.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
guessExt.ts
(core) Switch excel import parsing from messytables+xlrd to openpyxl, and ignore empty rows
2022-05-12 14:43:21 +02:00
HashUtil.ts
(core) add more detail to /compare endpoint
2020-09-18 16:31:29 -04:00
HostedMetadataManager.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
HostedStorageManager.ts
(core) serialize document uploads and DocSnapshots.versions() to reduce surprises
2022-08-01 15:42:39 -04:00
httpEncoding.ts
(core) External requests
2022-06-17 21:53:20 +02:00
IBilling.ts
(core) Add basic activation page to grist-ee
2022-08-23 10:30:52 -07:00
IChecksumStore.ts
(core) revamp snapshot inventory
2020-10-30 13:52:46 -04:00
ICreate.ts
(core) Add dark mode to user preferences
2022-09-05 19:17:32 -07:00
IDocStorageManager.ts
(core) add a yarn run cli tool, and add a sqlite gristify option
2022-07-14 12:00:30 -04:00
idUtils.ts
(core) Move Notifier to /ext
2022-05-18 08:02:32 -07:00
IElectionStore.ts
(core) move some material to core that slipped through in a rebase
2020-07-23 11:29:05 -04:00
initialDocSql.ts
(core) Comments
2022-10-17 13:38:21 +02:00
INotifier.ts
(core) Speed up and upgrade build.
2022-06-27 16:10:10 -04:00
ISandbox.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
IShell.ts
(core) dust off electron build a little bit
2022-07-29 11:19:26 -04:00
ITestingHooks-ti.ts
(core) Converting server-side Comm.js to typescript
2022-06-07 15:47:17 -04:00
ITestingHooks.ts
(core) Converting server-side Comm.js to typescript
2022-06-07 15:47:17 -04:00
log.ts
(core) give instructions on using Grist with docker
2020-10-28 13:59:13 -04:00
LogMethods.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
manifest.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
MinimalLogin.ts
(core) Adding GristConnect login system
2022-05-18 20:28:25 +02:00
NSandbox.ts
remove old comment that gvisor is not available in grist-core (#295)
2022-09-28 17:29:32 -04:00
OnDemandActions.ts
(core) add GVISOR_LIMIT_MEMORY to cap memory available in sandbox
2022-05-18 14:26:27 -04:00
PermissionInfo.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
Permit.ts
(core) Add new Grist login page
2022-04-01 15:24:19 -07:00
places.ts
(core) fix docker packaging after core shuffle
2020-07-22 14:45:42 -04:00
PluginEndpoint.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
PluginManager.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
reportTimeTaken.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
Requests.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
requestUtils.ts
Use url.hostname instead of url.host to allow host from environment variable (#326)
2022-10-25 14:59:17 -04:00
RowAccess.ts
(core) Comments
2022-10-17 13:38:21 +02:00
SafePythonComponent.ts
(core) Run and test imports only in Python 3, upgrade openpyxl, fix weird date handling
2022-09-02 16:27:34 +02:00
SamlConfig.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
SandboxControl.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
sandboxUtil.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
sendAppPage.ts
Fixing translation key for sendAppPage.ts
2022-10-27 10:50:51 +02:00
ServerColumnGetters.ts
(core) Adding sort options for columns.
2021-11-03 15:31:39 +01:00
ServerLocale.ts
(core) Converting server-side Comm.js to typescript
2022-06-07 15:47:17 -04:00
serverUtils.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
Sessions.ts
(core) Converting server-side Comm.js to typescript
2022-06-07 15:47:17 -04:00
Sharing.ts
(core) add a yarn run cli tool, and add a sqlite gristify option
2022-07-14 12:00:30 -04:00
shortDesc.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
shutdown.js
(core) move home server into core
2020-07-21 20:39:10 -04:00
SQLiteDB.ts
(core) add a yarn run cli tool, and add a sqlite gristify option
2022-07-14 12:00:30 -04:00
TableMetadataLoader.ts
(core) open documents without blocking on data engine
2021-10-01 10:18:56 -04:00
TagChecker.ts
(core) move home server into core
2020-07-21 20:39:10 -04:00
TestingHooks.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
TestLogin.ts
(core) make the support account configurable, and allow listing public sites
2022-10-14 14:23:59 -04:00
Throttle.ts
(core) Fix bugs with intervals
2022-08-25 12:38:36 -07:00
TimeQuery.ts
(core) Raw renames
2022-04-27 22:21:55 +02:00
Triggers.ts
Add function to allow hosts from environment variables (#287)
2022-09-28 12:33:53 -04:00
UnsafeNodeComponent.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
uploads.ts
(core) remove deprecated /download endpoint in favor of newer /api/docs/NNNN/download
2022-09-20 15:26:04 -04:00
WidgetRepository.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00
WorkCoordinator.ts
(core) Faster builds all around.
2022-07-04 10:42:40 -04:00