Commit Graph

832 Commits

Author SHA1 Message Date
Anton Georgiev
ea6e9461dc
Merge pull request from GHSA-4m48-49h7-f3c4
fix(sec): API fix duplicates ghsa-4m48-49h7-f3c4 (2.7)
2024-05-15 10:38:58 -04:00
Paul Trudel
aebb693379 Add message key to insertDocument responses 2024-05-09 19:54:41 +00:00
Paul Trudel
e757cf15ee Removed unused POST checksum validation code 2024-05-08 14:03:48 +00:00
Paul Trudel
b2b57aca03 Remove support for join POST requests and fix checksum calculation for POST requests 2024-05-06 17:56:59 +00:00
Paul Trudel
fd6bd798f8 Add support for text/xml to create and insertDocument 2024-04-23 14:40:15 -04:00
Paul Trudel
fa38c7747e Removed unused set of supported content types from validator 2024-04-23 12:23:24 -04:00
Paul Trudel
7d156e8828 Added servlet request back to the checksums 2024-04-23 11:44:57 -04:00
Paul Trudel
de83c75716 Allow each request to define its own supported content types 2024-04-22 16:11:10 -04:00
Paul Trudel
1b481a9500 Changed content type validation error key and message 2024-04-18 15:29:34 -04:00
Paul Trudel
e24e358ddd Reject requests with a body but no Content-Type header 2024-04-18 10:58:22 -04:00
Paul
8e40d91877 Removed support for application/json content 2024-04-15 11:29:03 -04:00
Paul
183983be7f Added request content type validation 2024-04-15 11:29:03 -04:00
Paul
1e9e461f50 Check for pressence of query and body 2024-04-15 11:29:03 -04:00
Anton Georgiev
ca7c2d1589
fix(sec): bump postgresql to 42.7.2 (#19660) 2024-03-05 21:08:30 -05:00
Anton Georgiev
fd8c927140
Merge pull request from GHSA-j42p-fh2w-24q6
fix(sec): validate URL for external upload of presentation
2024-01-11 16:16:38 -05:00
Anton Georgiev
f50e10b5ea fix(sec): filter tags in presentation name 2024-01-10 14:15:56 -05:00
Anton Georgiev
e64ab86dd7
fix: Bump spring-boot-starter-validation to 2.7.17 to match bbb-web (#19385) 2024-01-05 09:34:03 -05:00
GuiLeme
bba51c38fa [GHSA-j42p-fh2w-24q6] - validate URL for external upload of presentation. 2023-11-09 10:01:52 -03:00
Paul Trudel
bc7c3143ba Prevent null error when parent meeting does not exist 2023-10-19 19:54:43 +00:00
GuiLeme
d6670a4145 [issue-18924] - changes in review, and added possibility to insert a name along with URL 2023-10-19 10:27:38 -03:00
GuiLeme
3761fc333b [plugin-architecture-implementation] - fix for disable downloadable 2023-08-16 11:18:51 -03:00
GuiLeme
14c59a90a7 [issue-18449] - changes in review 2023-08-15 11:22:50 -03:00
GuiLeme
c10df4c173 [issue-18449] - changes in review 2023-08-15 10:58:37 -03:00
GuiLeme
85f1bdae51 [issue-18449] - change in the flow, it is not necessary to click to disable one format to enable the other 2023-08-11 10:31:07 -03:00
GuiLeme
a1746da6fe [issue-18449] - added possibility of download original presentation with original format 2023-08-10 12:18:59 -03:00
Gustavo Trott
02ba4c6ff8 Fix: Getting final Url (from redirect) on presentation upload 2023-08-09 09:54:38 -03:00
Anton Georgiev
43b96b47c4
Merge pull request #17724 from lfzawacki/v2.7.x-release
feat: Implement automatic closed captions using an open transcription server
2023-06-22 05:25:14 -04:00
Anton Georgiev
62248f0244
Merge pull request #18124 from gustavotrott/fix-ldashboard-emoji
fix (Learning Dashboard): Emoji not working on Learning Dashboard
2023-06-15 16:20:40 -04:00
Anton Georgiev
3610ca53e6
Merge pull request #18154 from paultrudel/java-17-upgrade
build: Java 17 support
2023-06-15 07:48:26 -04:00
Anton Georgiev
a962a44c74 Merge branch 'v2.6.x-release' of github.com:bigbluebutton/bigbluebutton into june14merge 2023-06-14 10:07:54 -04:00
Paul Trudel
2d737aa0ef Change target to release for java 17 2023-06-12 21:15:33 +00:00
Gustavo Trott
18e4bcceba Fix emoji not working on Learning Dashboard 2023-06-08 12:38:08 -03:00
Anton Georgiev
49d48c0945
Merge pull request #18097 from ramonlsouza/16120
feat: Add Lock Setting For Viewer Annotations
2023-06-08 11:12:22 -04:00
danielpetri1
74e88d0a28 Remove unused imports 2023-06-07 14:44:02 +00:00
Anton Georgiev
1146ab9be9 Merge branch 'v2.6.x-release' of github.com:bigbluebutton/bigbluebutton into merge-26-27-june-6 2023-06-06 09:28:53 -04:00
danielpetri1
a2a41b6282 Merge branch 'mime-fixes' of github.com:danielpetri1/bigbluebutton into mime-fixes 2023-06-06 12:09:27 +00:00
danielpetri1
bc090d71bb Permit .docx with .doc content 2023-06-06 12:08:21 +00:00
Ramón Souza
22b02ead28 Merge remote-tracking branch 'upstream/v2.7.x-release' into 16120 2023-06-06 08:45:29 -03:00
Daniel Petri Rocha
d2762657ee
Merge branch 'v2.6.x-release' into mime-fixes 2023-06-06 12:12:13 +02:00
danielpetri1
ffeb8c3acb Allow multiple MIME types per extension 2023-06-06 10:08:14 +00:00
Paul Trudel
d9cce76c33 Remove unecessary log 2023-06-05 14:33:52 +00:00
Paul Trudel
fe43eba452 Allow default presentation to bypass localhost check 2023-06-05 14:32:25 +00:00
Paul Trudel
ae11bd43a3 Default presentation exempt from validation 2023-06-05 13:49:47 +00:00
Anton Georgiev
748c7a4a0b Merge branch 'v2.6.x-release' of github.com:bigbluebutton/bigbluebutton into june227 2023-06-02 09:45:34 -04:00
prlanzarin
9f46b10485 fix: typo when parsing recordFullDurationMedia API param 2023-06-01 15:05:50 -03:00
Anton Georgiev
e92862ee00
Merge pull request #17986 from paultrudel/meeting-info-attendee-update
fix(Meeting API): Only include online users in attendee list
2023-05-31 18:29:14 -04:00
Anton Georgiev
b18aff32e6
Merge pull request #18045 from paultrudel/ssrf-fix
fix(sec): SSRF fix
2023-05-31 18:19:40 -04:00
prlanzarin
4d1aa87a88 feat: only record media while meeting is being actively recorded
Only record media (microphone, webcams and screens) while meeting is
being actively recorded (ie an user has enabled recording in the
conference). If the conference's recording is paused, media capture will
stop as well (with appropriate recording events).

A bigbluebutton.properties/API#create parameter called
`recordFullDurationMedia` is added to control this behavior. The default
is false (only capture while recording is active). Setting it to `true`
enables the current (legacy) behavior: always capture media if the
meeting's `recorded` prop is true.
2023-05-31 16:36:11 -03:00
danielpetri1
ba6b33a83f Don't rely on filename to determine MIME type 2023-05-30 15:59:58 +00:00
Paul Trudel
08a87f2dad Changed names of presentation download properties and set https as default 2023-05-30 14:02:13 +00:00