Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2022-01-15 | use hpack and clean up modules | stuebinm | 1 | -4/+5 | |
as annoying as yaml is, cabal's package format is somehow worse, apparently | |||||
2022-01-02 | use url package for parsing of urls | jonny | 1 | -3/+9 | |
2022-01-02 | fixed url injection by means of starting an url with "." and turning the ↵ | jonathan | 1 | -1/+1 | |
prefix into a subdomain | |||||
2022-01-02 | script links can't contain @ | stuebinm | 1 | -1/+3 | |
2022-01-02 | open BBBs in new Tab so that they work now :/ | tabascoeye | 1 | -2/+2 | |
PLEASE review! I have no idea of haskell | |||||
2022-01-02 | SECURITY: Fix path traversal in script verification | Serge Bazanski | 1 | -2/+3 | |
The following used to be allowed: scripts: https://static.rc3.world/scripts/../maps/81c8add623eea2704f20/e65b545e-342f-4be0-b369-c0eacff7b15d/re-blessed.mp3.js This is obviously not good, as it allows scripts from arbitrary maps. | |||||
2022-01-02 | fix bbb urls a second time … | stuebinm | 1 | -5/+1 | |
2022-01-02 | fix bbb url resolution | stuebinm | 1 | -1/+1 | |
2022-01-02 | type systems don't protect against off-by-one | stuebinm | 1 | -1/+1 | |
2022-01-02 | openWebsiteTriggerMessage can also be used for openTab | stuebinm | 1 | -2/+8 | |
2021-12-26 | Allow to copy sounds for custom JS with ObjectProperty `loadSound` | Sven G. Brönstrup | 1 | -1/+1 | |
2021-12-26 | separate blocking for separate contexts | stuebinm | 1 | -3/+5 | |
(audio links now have their own allowlist, which won't put things through the dereferrer) | |||||
2021-12-26 | change lint msg for property suggestions | stuebinm | 1 | -1/+1 | |
2021-12-25 | add lint if people set tilesetCopyright on tiles | stuebinm | 1 | -0/+2 | |
2021-12-25 | apply some hlint hints | stuebinm | 1 | -3/+3 | |
2021-12-25 | the lobby is allowed to contain defunct links | stuebinm | 1 | -12/+15 | |
2021-12-25 | hint if people set collides on tilesets | stuebinm | 1 | -1/+2 | |
2021-12-25 | better lint message | stuebinm | 1 | -1/+1 | |
2021-12-24 | persist, default aren't always booleans | stuebinm | 1 | -1/+0 | |
2021-12-24 | smaller changes | stuebinm | 1 | -1/+1 | |
2021-12-24 | allow openWebsiteAllowApi if website is on static.rc3.world | stuebinm | 1 | -2/+12 | |
2021-12-24 | allow shared (not just shared-) as prefix for shared jitsis | stuebinm | 1 | -1/+1 | |
this might make things less confusing for some people | |||||
2021-12-23 | extra lint for people confused by badges | stuebinm | 1 | -3/+4 | |
tbh I'm confused by them as well | |||||
2021-12-23 | some people define tilesets without images??? | stuebinm | 1 | -1/+3 | |
2021-12-23 | openTab's semantics are the same as openWebsite's | stuebinm | 1 | -9/+6 | |
(it's not a modifier for openWebsite, as I had previously though) | |||||
2021-12-23 | add suggestions for misspelled properties | stuebinm | 1 | -37/+77 | |
(suggestions are shown only if they have a Damerau-Levenshtein distance <= 4, which seems to yield reasonably good results) | |||||
2021-12-23 | disallow properties with different capitalisations | stuebinm | 1 | -10/+7 | |
since apparently sometimes workadventure is case-insensitive, and sometimes it's not | |||||
2021-12-22 | Fixed types of extended scripts properties | Sven G. Brönstrup | 1 | -3/+8 | |
2021-12-22 | shorten Properties.hs | stuebinm | 1 | -152/+76 | |
down almost 100 lines of code! (and hopefully denotationally equivalent, except for the bits about where it was wrong before and didn't replace uris correctly) | |||||
2021-12-21 | Did some of the desired changes | Sven G. Brönstrup | 1 | -7/+10 | |
2021-12-21 | check that bbbRoom contains a valid assembly_slug | stuebinm | 1 | -7/+12 | |
2021-12-21 | correct bbb link substitution | stuebinm | 1 | -10/+11 | |
(unfortunately this one's hardcoded, the config options just aren't general enough) | |||||
2021-12-20 | generalise unwrapURI a bit | stuebinm | 1 | -4/+19 | |
2021-12-20 | something something encoding mismatch | stuebinm | 1 | -1/+1 | |
2021-12-20 | Resolved merge conflict | Sven G. Brönstrup | 1 | -5/+1 | |
2021-12-20 | Added extended script action zone properties | Sven G. Brönstrup | 1 | -0/+11 | |
2021-12-20 | forbid opening local html files in iframes | stuebinm | 1 | -2/+4 | |
2021-12-20 | disallow extended API variables in links | stuebinm | 1 | -0/+2 | |
2021-12-19 | Wrap urls for inline iframes | Sven G. Brönstrup | 1 | -0/+3 | |
2021-12-19 | Added bell properties | Sven G. Brönstrup | 1 | -4/+36 | |
2021-12-19 | Only suggert door properties on variables | Sven G. Brönstrup | 1 | -15/+15 | |
2021-12-19 | Lint door stuff | Sven G. Brönstrup | 1 | -1/+87 | |
2021-12-18 | fixed parsing of tiled objects | stuebinm | 1 | -8/+9 | |
(points behave slightly differntly than I thought) | |||||
2021-12-18 | quick badge bugfix | stuebinm | 1 | -1/+1 | |
obviously, it should remove all objects defining badges, not those NOT defining badges … | |||||
2021-12-18 | badges are set on objects, not layers | stuebinm | 1 | -41/+44 | |
(and `url` is, too) | |||||
2021-12-18 | remove mapImage property | stuebinm | 1 | -3/+2 | |
2021-12-18 | fix some weird lints | stuebinm | 1 | -2/+1 | |
(since we're starting to get maps that actually pass linting, we also get to find more bugs! yay!) | |||||
2021-12-16 | special handling of world:// and assembly names | stuebinm | 1 | -2/+7 | |
these now have their own top-level config attribute which is essentially a shorthand for setting one that's deeper nested. | |||||
2021-12-16 | fixed & removed a bunch of old TODOs | stuebinm | 1 | -15/+30 | |
2021-12-16 | "collides" can't be set on layers | stuebinm | 1 | -4/+4 | |