summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* server: proper job handlingstuebinm2022-02-075-67/+114
| | | | | Note: the server will not check submissions for duplicates! (nor does it do any kind of rate-limiting)
* non-blocking serverstuebinm2022-02-076-94/+134
|
* basic server setup (using servant)stuebinm2022-02-017-3/+274
| | | | | | | adds a very basic http server that can be sent links to repositories & will download & lint them, then answer the request with the lints. Should probably do this in a non-blocking way …
* use hpack and clean up modulesstuebinm2022-01-1514-156/+228
| | | | as annoying as yaml is, cabal's package format is somehow worse, apparently
* playing around with typesstuebinm2022-01-024-1/+40
|
* use url package for parsing of urlsjonny2022-01-023-13/+32
|
* fixed url injection by means of starting an url with "." and turning the ↵jonathan2022-01-021-1/+1
| | | | prefix into a subdomain
* script links can't contain @stuebinm2022-01-021-1/+3
|
* open BBBs in new Tab so that they work now :/ tabascoeye2022-01-021-2/+2
| | | PLEASE review! I have no idea of haskell
* wa gets an extra ausgangstuebinm2022-01-021-1/+1
| | | | | (please only deploy once https://git.cccv.de/hub/hub/-/merge_requests/492 is also deployed)
* SECURITY: Fix path traversal in script verificationSerge Bazanski2022-01-021-2/+3
| | | | | | | | The following used to be allowed: scripts: https://static.rc3.world/scripts/../maps/81c8add623eea2704f20/e65b545e-342f-4be0-b369-c0eacff7b15d/re-blessed.mp3.js This is obviously not good, as it allows scripts from arbitrary maps.
* fix bbb urls a second time …stuebinm2022-01-021-5/+1
|
* warn if main.json does not link back to lobbystuebinm2022-01-021-6/+13
|
* allow live.dort.c3voc.de for audiostuebinm2022-01-021-1/+1
|
* I would like to show the fahrplan in an iframe. Please allowtabascoeye2022-01-021-1/+1
|
* fix bbb url resolutionstuebinm2022-01-021-1/+1
|
* allow *.streamproxy.rc3.worldstuebinm2022-01-021-1/+2
|
* type systems don't protect against off-by-onestuebinm2022-01-021-1/+1
|
* urlencode dereferrer linksstuebinm2022-01-022-3/+4
|
* openWebsiteTriggerMessage can also be used for openTabstuebinm2022-01-021-2/+8
|
* Allow to copy sounds for custom JS with ObjectProperty `loadSound`Sven G. Brönstrup2021-12-261-1/+1
|
* separate blocking for separate contextsstuebinm2021-12-265-32/+56
| | | | | (audio links now have their own allowlist, which won't put things through the dereferrer)
* missing entrypoints can be non-fatalstuebinm2021-12-261-7/+8
|\
| * index on main: ee61cc5 change lint msg for property suggestionsstuebinm2021-12-260-0/+0
|/
* change lint msg for property suggestionsstuebinm2021-12-261-1/+1
|
* allow cdn.c3voc.de for audio streamsstuebinm2021-12-251-2/+2
| | | | | (this is a temporary solution, since it would invoke the dereferrer for things that aren't allowed, which is silly)
* add lint if people set tilesetCopyright on tilesstuebinm2021-12-251-0/+2
|
* whoops, forgot to delete an output field and now it's in the hubstuebinm2021-12-251-1/+0
|
* attempt to fix curl pipelinestuebinm2021-12-251-2/+1
|
* apply some hlint hintsstuebinm2021-12-251-3/+3
|
* correct dereferrer linkstuebinm2021-12-251-1/+1
|
* the lobby is allowed to contain defunct linksstuebinm2021-12-251-12/+15
|
* hint if people set collides on tilesetsstuebinm2021-12-251-1/+2
|
* add some allowed domains to default configstuebinm2021-12-251-1/+1
|
* don't print doubled lints twicestuebinm2021-12-252-11/+11
|
* better lint messagestuebinm2021-12-251-1/+1
|
* persist, default aren't always booleansstuebinm2021-12-241-1/+0
|
* smaller changesstuebinm2021-12-243-5/+4
|
* allow openWebsiteAllowApi if website is on static.rc3.worldstuebinm2021-12-241-2/+12
|
* allow shared (not just shared-) as prefix for shared jitsisstuebinm2021-12-241-1/+1
| | | | this might make things less confusing for some people
* extra lint for people confused by badgesstuebinm2021-12-231-3/+4
| | | | tbh I'm confused by them as well
* some people define tilesets without images???stuebinm2021-12-232-2/+4
|
* correct recognision of entrypoints in sublayersstuebinm2021-12-232-16/+23
| | | | | also, the recursive check layer function slowly approaches something like readability!
* chore: curl imageRehlein2021-12-231-2/+1
|
* Merge branch 'chore/mapservice_pipeline_trigger' into 'main'stuebinm2021-12-231-0/+11
|\ | | | | | | | | chore: add trigger for pipeline on main See merge request hub/walint!2
| * chore: add trigger for pipeline on mainRehlein2021-12-231-0/+11
|/
* openTab's semantics are the same as openWebsite'sstuebinm2021-12-231-9/+6
| | | | (it's not a modifier for openWebsite, as I had previously though)
* add suggestions for misspelled propertiesstuebinm2021-12-236-44/+86
| | | | | (suggestions are shown only if they have a Damerau-Levenshtein distance <= 4, which seems to yield reasonably good results)
* limit output for frequent lintsstuebinm2021-12-232-2/+4
| | | | it's now limited to just the first ten contexts, then an ellipsis
* disallow properties with different capitalisationsstuebinm2021-12-231-10/+7
| | | | | since apparently sometimes workadventure is case-insensitive, and sometimes it's not