- 27 Jan, 2020 34 commits
-
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Yusei Tahara authored
[erp5_web_renderjs_ui] Update service worker code. Client_id is null when it is the first request, in other words if request is navigate mode. Since major web browsers already implement client_id, if client_is is null, let's use the latest cache and don't get cache_key from CACHE_MAP and erp5js_cache.
-
Yusei Tahara authored
-
Yusei Tahara authored
-
Yusei Tahara authored
[erp5_web_renderjs_ui] If service worker failed to install cache, unregister this service worker explicitly.
-
Yusei Tahara authored
-
Yusei Tahara authored
The name must be different per web site, else if the same service worker code is used by multiple web sites in ERP5 web site module, service worker does not work correctly.
-
Yusei Tahara authored
[erp5_web_renderjs_ui] Fix translation script. Get service worker filename from layout property. Don't hardcode it.
-
Yusei Tahara authored
[erp5_web_renderjs_ui] New client can use the latest cache without waiting for the new service worker to be activated. And once client was associated with a cache, client keeps using the same cache.
-
Yusei Tahara authored
To preserve the consistency of code and data, let the new service worker wait until all tabs and windows of the old version are closed.
-
Yusei Tahara authored
Don't give request object itself to cache.match. Firefox's Cache Storage does not work properly when VARY contains Accept-Language. Give URL string instead, then cache.match works on both Firefox and Chrome.
-
Yusei Tahara authored
[erp5_web_renderjs_ui] Fix rjs_gadget_erp5_serviceworker.js. Use cache.add because safari does not support cache.addAll.
-
Yusei Tahara authored
Collect a list of files from service worker code.
-
Romain Courteaud authored
Fetch usage can be bypassed to do not use service worker when not needed. As appcache has been dropped on Firefox, this change will improve the speed on Firefox. No change is expected on Chrome/Safari.
-
Romain Courteaud authored
-
Romain Courteaud authored
This prevent getting DB read/write conflicts
-
Romain Courteaud authored
Do not access form submission REQUEST from the listbox list method, as it is rendered asynchronously in ERP5JS
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
This reverts commit 35b2c024.
-
Romain Courteaud authored
-
Romain Courteaud authored
Allow edition in the new UI
-
Romain Courteaud authored
-
Romain Courteaud authored
This make everything slow as hell and prevent to quickly save.
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Romain Courteaud authored
-
Jérome Perrin authored
https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02 We choose Lax and not Strict so that we can open links to ERP5 from external applications and so that OAuth Logins work. Implementing the "two cookies, one for read one for write" approach suggested in https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-02#section-8.8.2 would be too big change at this point.
-
Romain Courteaud authored
-
Romain Courteaud authored
SameSite=None breaks the compatibility with some browser versions. https://www.chromium.org/updates/same-site/incompatible-clients
-
- 24 Jan, 2020 4 commits
-
-
Jérome Perrin authored
Allow python's cryptographically secure pseudorandom number generator for usage in restricted python and use it where it makes sense. This also change the API of `Person_generatePassword` which no longer allow to control the number of letters and numbers. /reviewed-on nexedi/erp5!847
-
Jérome Perrin authored
This script no longer allow to control the number of letters and digit
-
Jérome Perrin authored
Using same method as python 3.6's secrets module and a bit longer token that what python currently recommends, since we were using very very long tokens until now (so that it does not look like a "regression")
-
Jérome Perrin authored
- use system random - generate longer password with a larger space API change in an incompatible way, it's no longer possible to control the number of alpha and numeric. This was reducing a lot the number of combinations, so it's better to break so that callers stop generating too weak passwords.
-
- 23 Jan, 2020 2 commits
-
-
Georgios Dagkakis authored
to make the difference with other fields more visible
-
Jérome Perrin authored
If we rename a script used as external validator, we don't have way of detecting that this script might be used, so add to the "static checks" a check that for every field referencing an external validator, this validator can actually be traversed. /reviewed-on nexedi/erp5!1031
-