Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Skins support #3475

Merged
merged 6 commits into from
Aug 26, 2018
Merged

Skins support #3475

merged 6 commits into from
Aug 26, 2018

Conversation

muxator
Copy link
Contributor

@muxator muxator commented Aug 26, 2018

This is the implementation proposal for #3471.

The old static/custom directory is replaced by static/skins/<skinName>, where <skinName> is taken from settings.json.
When no value is found, a default of no-skin is assumed, so that backward compatibility is maintained.
In case of settings.json missing the new parameter, a WARN is generated in the logs.

<skinName> is checked against directory traversals on the host file system and XSS in the browser.

Tested with the deafult skin and with the new one (colibris, #3441).

muxator added 5 commits August 19, 2018 03:36
@muxator
skins: the settings class understands skinName. Send skinName value t…
4b3ac66 
…o the client

skinName must be a single string (no directory separators in it) pointing to an
existing directory under /src/static/skins.
In case these conditions are not met, its value is rewritten to "no-skin".

Also, the value of skinName if sent to the client via clientVars for allowing
its use it in the browser.
@muxator
skins: replace {js,css}.template with actual files. Simplify startup …
43d4441 
…scripts.

Currently, an Etherpad skin requires the existence of 6 files:
- index.{css,js}
- pad.{css,js}
- timeslider.{css,js}

In the default empty skin (in static/custom), there were 2 small placeholders
({js,css}.template) to be copied in place by the startup script in case no skin
was in use.

Now that we are moving to multiple directories (see #3471) we can simply commit
the example files and remove the copying code from the startup script.
@muxator
skins: moved "static/custom" -> "static/skins/no-skin"
84f52b2 
The old empty skin created by the startup scripts becomes the default: no-skin.
@muxator
skins: added new parameter "skinName" in setting.json.template
13588f5 
"colibris" does not exist yet, but let's mention it anyway.
@muxator
skins: finalize support for multiple skins
8d80597 
The old "static/custom" directory is replaced by "static/skins/<skinName>",
where <skinName> is taken from settings.json.
When no value is found, a default of "no-skin" is assumed, so that backward
compatibility is maintained.

The most evident security concerns have been addressed.

Closes #3471.
@muxator muxator self-assigned this Aug 26, 2018
@muxator muxator added this to the 1.8 milestone Aug 26, 2018
@muxator muxator mentioned this pull request Aug 26, 2018
Closed
@muxator
Copy link
Contributor Author

muxator commented Aug 26, 2018

One more commit updating the documentation, moving from a single custom directory to the skins mechanism.

Merging.

@muxator muxator merged commit 6620014 into ether:develop Aug 26, 2018
@muxator muxator deleted the skins-support branch August 26, 2018 19:17
@muxator muxator mentioned this pull request Oct 15, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@muxator muxator

Labels
new-skin
Projects
None yet
Milestone
1.7.5
Development

Successfully merging this pull request may close these issues.
1 participant
@muxator