For htpasswd entries where hash is an actual valid hash (SHA etc.), the hash
itself should not be accepted as password. Otherwise, obtaining the htpasswd
file gives an attacker access to all accounts withoutneeding to crack/reverse
hashes.
This commit tries to ensure that hash==password is only accepted if hash is
not a valid hash (plaintext password fallback).
According to the UI default language, the UI language of collabora/code must be explicitly specified within the URL( &lang=pt-BR ); otherwise, the UI language will always default to English (en).
We want to have a warning so that it is possible from the logs to immediately
see if there have been failed logging attempts.
This might allow in the future to set up tools like fail2ban.
Co-authored-by: Marco Seravalli <me@marcoseravalli.com>
We revamped the plugin so it doesn't have extra dependencies. The issue
is when images have external dependencies, forcing users to use
something like docker to satisfy those but as we see these days, we can
ship the viewer for heic as a wasm plugin existing client side and can
focus on building a smaller footprint server
the issue of plg_image_c is its reliance on shared libraries like libraw
which depends on lcms2 and libheif which depends on a whole bunch of
other stuff. That make releasing a fat binary that just work of
Filestash tricky
if someone ever read this, I would gladly get help to integrate the
whole build of those things within CI without prolonging the build time
by 2 hours.
whenever embedding something with a locale setup, it would crash while
trying to download the translation. This was due to some
missunderstanding of how fetch work while in an iframe and all the
reports would get miss because of that same issue as it was sent not to
the origin server but the website embedding the frame
