deepcrayon
/
lila
1
0
Fork 0
Code Releases Activity
41,012 Commits
472 Branches
4 Tags
480 MiB
Commit Graph

27 Commits (50f512a7909dfd01f210bbff4b769c3b9a90d567)

Author SHA1 Message Date
Niklas Fiekas 846df0f212 give up on twitch in studies, update csp accordingly (#6684) 
would have mitigated the study topic xss
 2021-01-24 20:56:57 +01:00
Thibault Duplessis bf9aff4c43 ui/site refactor WIP 2020-09-01 18:39:44 +02:00
Thibault Duplessis 30e23a75a8 remove superfluous blocks 2020-08-16 14:48:46 +02:00
Thibault Duplessis fe53a47797 team leader can timeout in chat 2020-04-26 13:39:36 -06:00
Thibault Duplessis 4c28625728 study moderation - closes #6076 2020-03-02 14:23:03 -06:00
Niklas Fiekas 47950d54c6 factor out csp for webassembly 2019-12-20 13:14:07 +01:00
Thibault Duplessis ff1cc70bef reformat with scalafmt 2019-12-13 08:37:32 -06:00
Thibault Duplessis 825e742fdd study/relay remote socket WIP 2019-10-26 11:41:44 +02:00
Thibault Duplessis 8a41bfdb51 flag chat messages 2019-08-25 13:41:03 +02:00
Niklas Fiekas 5485dabce6 i18n: study embedded editor, deduplicate 2019-08-23 12:25:07 +02:00
Thibault Duplessis b5b6bbb2f7 show number of chat members WIP 2019-08-22 08:47:03 +02:00
Thibault Duplessis 85bcfc55f1 enable palantir for all study members 2019-08-11 11:28:01 +02:00
Thibault Duplessis f839e50c43 study palantir 2019-08-10 18:19:21 +02:00
Thibault Duplessis e7c53904ec study description (twitch embed) WIP 2019-07-03 19:51:33 -04:00
Niklas Fiekas 9aedd0631e make study__side translatable 2019-06-12 17:17:45 +02:00
Niklas Fiekas 658da46ffe fix missing i18n keys in studies (advantage chart) 2019-06-06 10:17:39 +02:00
Niklas Fiekas 9e3e4b4f0e more json cleanup, remove JsonHelper 2019-04-22 10:50:14 +02:00
Niklas Fiekas b6fbf28132 reland embedJs signature fix 
Sadly this was nicer in Twirl, because *safe* string interpolation was
happening more naturally in templates. This example allows no XSS,
guaranteed by types:

  @embedJs {
    var foo = { "bar": @{safeJsonValue(jsObj)} };
  }

Equivalent with scalatags:

  embedJs(frag(
    raw("""var foo = { "bar": """), jsObj.toJsonFrag, raw(" }; ")
  ))

This is so ugly that it's used nowhere. Just unsafe string interpolation
everywhere:

  embedJsUnsafe(s"""var foo = { "bar": ${safeJsonValue(jsObj)} };""")

Note that this would compile fine without safeJsonValue, but would be
an XSS vulnerability.
 2019-04-22 08:56:55 +02:00
Thibault Duplessis 2f0898a1d6 rename cssTag 2019-04-21 21:33:50 +07:00
Thibault Duplessis c9570cf23a restore contextual streamers in analysis and study 2019-04-17 16:11:36 +07:00
Thibault Duplessis a3abc8d5a3 refactor and fix contextual streamers 2019-04-17 15:52:20 +07:00
Thibault Duplessis 1a5d9dcff8 all pages are responsive now 2019-04-11 17:23:25 +07:00
Thibault Duplessis 4b71f2033c study UI WIP 2019-04-09 20:47:22 +07:00
Thibault Duplessis a410c7b905 templating refactoring 2019-04-08 16:54:45 +07:00
Thibault Duplessis 9abab53cf9 nvui refactoring 2019-01-25 16:06:31 +08:00
Thibault Duplessis 0188314f8f more template rewrites 2019-01-19 10:15:20 +08:00
Thibault Duplessis ec9b0b9098 rewrite study show template 2019-01-16 12:30:40 +08:00