Paul Trudel
747173b930
Removed unused POST checksum validation code
2024-05-13 19:31:29 +00:00
Paul Trudel
c7805b0038
Remove support for join POST requests and fix checksum calculation for POST requests
2024-05-13 19:16:18 +00:00
Paul Trudel
211c530462
Add support for text/xml to create and insertDocument
2024-05-13 19:15:57 +00:00
Paul Trudel
f61c67140e
Removed unused set of supported content types from validator
2024-05-13 19:15:47 +00:00
Paul Trudel
99176af136
Added servlet request back to the checksums
2024-05-13 19:15:32 +00:00
Paul Trudel
b6de2a1b55
Allow each request to define its own supported content types
2024-05-13 19:15:16 +00:00
Paul Trudel
9ec21acb2e
Changed content type validation error key and message
2024-05-13 19:15:06 +00:00
Paul Trudel
17b370b8e6
Reject requests with a body but no Content-Type header
2024-05-13 19:14:56 +00:00
Paul
8e8c2189ab
Removed support for application/json content
2024-04-15 11:37:39 -04:00
Paul
78d767202a
Added request content type validation
2024-04-15 11:37:05 -04:00
Paul
393d67f0b8
Check for pressence of query and body
2024-04-15 11:35:40 -04:00
Anton Georgiev
676573e3cc
fix(sec): bump postgresql to 42.7.2
2024-02-21 14:26:51 -05:00
GuiLeme
7b36f19abb
[GHSA-j42p-fh2w-24q6] - validate URL for external upload of presentation.
2024-01-11 16:14:03 -05:00
Anton Georgiev
d7556c74aa
fix(sec): filter tags in presentation name
2024-01-11 16:01:59 -05:00
Paul Trudel
7bab189a23
Change target to release for java 17
2023-08-31 07:00:42 -04:00
Gustavo Trott
0e21fcdc2e
Fix: Getting final Url (from redirect) on presentation upload
2023-08-17 09:43:26 -03:00
danielpetri1
74e88d0a28
Remove unused imports
2023-06-07 14:44:02 +00:00
danielpetri1
a2a41b6282
Merge branch 'mime-fixes' of github.com:danielpetri1/bigbluebutton into mime-fixes
2023-06-06 12:09:27 +00:00
danielpetri1
bc090d71bb
Permit .docx with .doc content
2023-06-06 12:08:21 +00:00
Daniel Petri Rocha
d2762657ee
Merge branch 'v2.6.x-release' into mime-fixes
2023-06-06 12:12:13 +02:00
danielpetri1
ffeb8c3acb
Allow multiple MIME types per extension
2023-06-06 10:08:14 +00:00
Paul Trudel
d9cce76c33
Remove unecessary log
2023-06-05 14:33:52 +00:00
Paul Trudel
fe43eba452
Allow default presentation to bypass localhost check
2023-06-05 14:32:25 +00:00
Paul Trudel
ae11bd43a3
Default presentation exempt from validation
2023-06-05 13:49:47 +00:00
prlanzarin
9f46b10485
fix: typo when parsing recordFullDurationMedia API param
2023-06-01 15:05:50 -03:00
Anton Georgiev
e92862ee00
Merge pull request #17986 from paultrudel/meeting-info-attendee-update
...
fix(Meeting API): Only include online users in attendee list
2023-05-31 18:29:14 -04:00
Anton Georgiev
b18aff32e6
Merge pull request #18045 from paultrudel/ssrf-fix
...
fix(sec): SSRF fix
2023-05-31 18:19:40 -04:00
prlanzarin
4d1aa87a88
feat: only record media while meeting is being actively recorded
...
Only record media (microphone, webcams and screens) while meeting is
being actively recorded (ie an user has enabled recording in the
conference). If the conference's recording is paused, media capture will
stop as well (with appropriate recording events).
A bigbluebutton.properties/API#create parameter called
`recordFullDurationMedia` is added to control this behavior. The default
is false (only capture while recording is active). Setting it to `true`
enables the current (legacy) behavior: always capture media if the
meeting's `recorded` prop is true.
2023-05-31 16:36:11 -03:00
danielpetri1
ba6b33a83f
Don't rely on filename to determine MIME type
2023-05-30 15:59:58 +00:00
Paul Trudel
08a87f2dad
Changed names of presentation download properties and set https as default
2023-05-30 14:02:13 +00:00
danielpetri1
cf9c0899d0
Use Tika as MIME detection tool
2023-05-29 13:19:49 +00:00
Anton Georgiev
ac365d9ad9
Merge pull request #18007 from paultrudel/upgrade-spring-26
...
fix(sec): Upgrade Spring
2023-05-25 19:49:49 -04:00
Paul Trudel
e7bc91d389
Upgrade spring validation library to 2.7.12
2023-05-25 20:16:28 +00:00
Anton Georgiev
7585f99352
feat: introduce disableFeaturesExclude CREATE API param
2023-05-25 15:43:30 -04:00
Paul Trudel
b641c6313a
Only include online users in attendee list
2023-05-24 19:58:16 +00:00
Paul Trudel
575ff77261
Added localhost to blocked hosts
2023-05-16 15:17:30 +00:00
Ramón Souza
dcef3e3d7b
Merge pull request #17845 from ramonlsouza/issue-17839
...
fix: ignore restore on update for first load of initial presentation
2023-05-15 13:41:27 -03:00
Paul Trudel
82f6c3022e
Changed log level of protocol warning
2023-05-12 15:55:29 +00:00
Paul Trudel
8fd1d52e62
All protocols are supported now by default
2023-05-10 19:22:28 +00:00
Anton Georgiev
ba8aa3468f
Merge pull request #17860 from ramonlsouza/issue-17840
...
fix: Learning dashboard is available in breakout rooms
2023-05-10 11:45:01 -04:00
Anton Georgiev
706eb4e762
Merge pull request #17844 from paultrudel/unreleased-streams-fix
...
fix(sec): Unreleased streams fix
2023-05-10 10:47:37 -04:00
Gustavo Trott
e6cd0e1696
make validation about Learning Dashboard more readable
2023-05-10 09:46:12 -03:00
Ramón Souza
c0cf3502d2
disable learning dashboard for breakout rooms
2023-05-10 09:17:02 -03:00
GuiLeme
163017c90a
[issue-17738] - patch
2023-05-09 15:09:13 -03:00
Paul Trudel
6c0915d71b
Initialized file input stream
2023-05-09 15:17:14 +00:00
GuiLeme
d2c5b33eec
[issue-17839] - back-end part for hide_presentation_on_join issue
2023-05-09 12:01:55 -03:00
Paul Trudel
1b5015211e
Change registeredUser joined to false after leave
2023-04-26 15:41:29 +00:00
Paul Trudel
c378ffe4a9
Added new properties for supported protocols and blocked hosts
2023-04-21 15:29:19 +00:00
Paul Trudel
9e7ceb7b84
Added additional url validation checks for presentation upload
2023-04-20 19:53:08 +00:00
Paul Trudel
68a0623f6c
Added initial url validation check to presentation upload
2023-04-19 21:03:52 +00:00