cubetiq/code-server
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
2,781 Commits 10 Branches 48 Tags
71a8f9a103ee9a5964e7363e19377bc8e18eae6a
Commit Graph

16 Commits

Author SHA1 Message Date
Joe Previte
2092f82270 fixup! fix: escape error.message on login failure 2021-07-01 10:43:37 -07:00
Joe Previte
c505fc45a8 feat: add escapeHtml function 
This can be used to escape any special characters in a string with HTML before
sending from the server back to the client. This is important to prevent a
cross-site scripting attack.
 2021-07-01 10:43:36 -07:00
Joe Previte
7f12fab3ca fix(isHashMatch): check that hash starts with $ 
Previously, we used argon2 to verify the hash with the password.

If the hash didn't start with a $, then it would enter the catch block.

Now we check the hash before trying to verify it and we also throw an Error if
the verify fails.

This makes the isHashMatch function more robust.
 2021-06-30 15:00:21 -07:00
Asher
49c44818d9 Move onLine to utilities 
This way it can be used by the tests when spawning code-server on a
random port to look for the address.
 2021-06-29 12:04:31 -05:00
Asher
add55ecd62 Import utils as a group in tests 
This should simplify testing new utils a bit.
 2021-06-29 12:03:38 -05:00
Joe Previte
1e55a648a5 feat: check for empty str in isHashMatch 2021-06-08 15:10:59 -07:00
Joe Previte
3b50bfc17d fix: sanitize password and cookie key 2021-06-08 14:33:17 -07:00
Joe Previte
6020480b30 feat: add isCookieValid function and tests 2021-06-08 14:33:16 -07:00
Joe Previte
a14ea39c4a feat: add handlePasswordValidation + tests 2021-06-08 14:33:15 -07:00
Joe Previte
7ff4117531 feat: add getPasswordMethod & test for it 2021-06-08 14:33:15 -07:00
Joe Previte
fd3cb6cfa0 refactor: update unit tests for hash fns 
Since the hash and isHashMatch are now async, I had to update the tests
accordingly. Now everything is working.
 2021-06-08 14:33:13 -07:00
Joe Previte
fc3326f1f2 feat: add tests using real hashes 2021-06-08 14:33:12 -07:00
Joe Previte
aaf044728f refactor: add functions to check hash password 2021-06-08 14:33:12 -07:00
Joe Previte
f35120c0a3 feat: add unit test for hash function 2021-06-08 14:33:12 -07:00
Joe Previte
46fe77d464 chore: update CHANGELOG 2021-05-13 12:10:22 -07:00
Joe Previte
2a657ab930 feat: add tests for getEnvPaths 2021-05-13 12:10:21 -07:00