NoLog.cz/decide.nolog.cz
6
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
470 commits 1 branch 0 tags 22 MiB
Commit graph

470 commits

This branch
This branch
All branches
Author SHA1 Message Date
jelhan
38eecd64ff PHP 7 is right: an empty string is not a valid JSON 2015-08-23 19:04:58 +02:00
jelhan
b9bef69977 user has to proof that he knows encryption key when he participates 
Therefore sha256 hash of encryption key is validated against one which is stored
on server on poll creation.
This one is transfered as X-Croodle-Proof-Key-Knowledge HTTP HEADER.

Prevents an attacker of transmitting data with wrong encryption key, which
would cause decryption errors for legit users.
 2015-08-23 18:56:41 +02:00
jelhan
0ad6026715 includePlainOnCreate serializer option and use it for serverExpirationDate 2015-08-23 16:13:52 +02:00
jelhan
095ba3a2eb some documentation; no functional changes 2015-08-23 06:18:35 +02:00
jelhan
6ed0cc367a reimplement expiration date in new api models 2015-08-23 06:18:05 +02:00
jelhan
6cbbfebc82 list all used npm packages with version in travis build 2015-08-23 00:34:35 +02:00
jelhan
4cc10cd35b disable always_populate_raw_post_data in travis to aviod deprecation warning 2015-08-23 00:32:41 +02:00
jelhan
5ff11445e2 increased requirements to PHP 5.6 2015-08-23 00:06:47 +02:00
jelhan
09c8310bb6 rewritten API models 2015-08-22 23:47:31 +02:00
jelhan
0ae62f31f1 added test for translation object 2015-08-21 12:29:09 +02:00
jelhan
5a240e79e1 added some (ugly) tests for evaluation 2015-08-21 12:10:02 +02:00
jelhan
bfb7b1f48e Fix: top scrollbar width is wrong if vertical scrollbar is added without resize (document height becomes > than window height) 2015-08-20 14:52:11 +02:00
jelhan
12706d7d57 do not lookup encryption key by application container due this breaks tests in travis 2015-08-20 14:12:28 +02:00
jelhan
203204571e floatThead 1.2.13 released 5 hours ago makes trouble... 2015-08-19 23:01:26 +02:00
jelhan
1136af5b74 remove deprecation: COMPUTED PROPERTIES WITH A SHARED GETTER AND SETTER 
http://emberjs.com/deprecations/v1.x/#toc_computed-properties-with-a-shared-getter-and-setter
 2015-08-19 22:24:20 +02:00
jelhan
398453c1e4 do encryption / decryption in serializer 
before it was done as computed properties of model

accessing encryption key in serializer is done via global application var.
this should be removed in long-term
 2015-08-19 22:00:01 +02:00
jelhan
1bcee719d1 user id has to be unique 2015-08-19 15:30:33 +02:00
jelhan
0317c7c0c8 use ember-cli-build-info 2.0 to fix #65 2015-08-19 13:42:38 +02:00
jelhan
3e000f146d even more user-friendly evaluation 2015-08-19 13:27:14 +02:00
jelhan
089ddafe86 Merge branch 'master' into evaluation 2015-08-19 12:07:13 +02:00
jelhan
0daa56bdac update README 2015-08-19 12:05:44 +02:00
jelhan
c9ed3e8a06 readd integration test 2015-08-19 11:29:30 +02:00
jelhan
839695b224 Merge branch 'master' into evaluation 2015-08-19 11:14:08 +02:00
jelhan
450a78255d expiration date should also be encrypted on get; 
therefore we have to duplicate it in store:
* encrypted for to serve for clients (encryptedExpirationDate)
* unencrypted for server to check if it's exceeded (serverExpirationDate)
serverExpirationDate should never be send to client
 2015-08-18 21:53:52 +02:00
jelhan
3e017231c0 subresource integrity attribute 
http://www.w3.org/TR/SRI/
 2015-08-06 16:48:40 +02:00
jelhan
22d9e5045c Merge branch 'master' into evaluation 2015-08-01 23:54:53 +02:00
jelhan
7cef56c2d1 some more tests about showing correct dates and times and handeling 
different time zones
 2015-08-01 23:54:07 +02:00
jelhan
bf1f038a43 fix times in table headers 2015-08-01 22:53:58 +02:00
jelhan
fa0175e352 fix times in table headers 2015-08-01 22:43:06 +02:00
jelhan
6f7148a86f Merge branch 'master' into evaluation 
Conflicts:
	app/controllers/poll.js
 2015-08-01 22:22:07 +02:00
jelhan
1c0fcbfc2d Update README.md 2015-08-01 22:17:32 +02:00
jelhan
72b8136636 do not watch /api for changes 2015-08-01 22:14:26 +02:00
jelhan
feb6fb2e15 only include necessary api files in dist 2015-08-01 22:04:20 +02:00
jelhan
d522ddba1e update README 2015-08-01 21:48:29 +02:00
jelhan
2ad55da50c create tmp data dir for tests if it does not exist 2015-08-01 21:37:15 +02:00
jelhan
200b25be5d Fix: .gitignore where to strict for codeception 2015-08-01 21:30:14 +02:00
jelhan
4ffe936e26 but now ... 2015-08-01 21:12:39 +02:00
jelhan
bfefb81af4 fix travis tests 2015-08-01 21:09:36 +02:00
jelhan
e94ee685ea tests for api using codeception 2015-08-01 21:05:22 +02:00
jelhan
d1c8646bda rewritten api using Slim Framework 2015-08-01 18:42:48 +02:00
jelhan
d26cd827c1 Fix: moment.localeData().longDateFormat() changed 
More details: http://stackoverflow.com/questions/25179377/date-format-momentjs-extract-date-and-time-separately-using-locale-language/31761415#31761415
 2015-08-01 13:51:04 +02:00
jelhan
1f955d4e93 update ember-moment 2015-08-01 11:41:41 +02:00
jelhan
dfdbf98042 rewrite create a poll-tests as acceptance tests using pretender 2015-08-01 11:03:00 +02:00
jelhan
fe878c61ba move api into own directory 2015-07-31 23:26:46 +02:00
jelhan
e0a2fbdcf4 only include timezone data from 2010-2020 
before all timezone data was included (1900-2038)
this reduces vendor.js production build by another 144KB
 2015-07-31 14:39:59 +02:00
jelhan
d511417323 only include necessary moment locales 
reduces vendor.js by 128KB in production build
 2015-07-31 14:13:58 +02:00
jelhan
148cf81f01 php cli cron script to check and delete polls based on expiration date 
should be sheduled by cron or something like
 2015-07-29 20:31:48 +02:00
jelhan
f948750a77 malformed expiration date should not cause poll deletion 2015-07-29 12:08:01 +02:00
jelhan
eb798a3c4c use fixed version of ember-cli-build-info 2015-07-28 17:22:31 +02:00
jelhan
1f39409f66 avoid globale namespace 2015-07-27 20:56:52 +02:00