* Add public_html folder, configuration and access methods to it
* Make Frontend BETA static resource resolution prefer public_html
* Add resolver for getting any file in public_html from webserver
* Test customized bundle loading from public_html
* Update gradle wrapper to 7.6
* Wrote scripts to React build or run dev server through gradle
* Disable cyclomatic-complexity check on PublicHtmlResolver
* Throw bad request exception on IllegalPathException
* Throw bad request exception on bad chars in URI query
* Implement first response parts of http caching
* Implement cached response for static resources
* Implement HTTP caching for json responses
* Fix last seen value for online players
* Implement http caching for pages (.html)
* Use placeholder cache even with async requests.
Affects issues:
- Close#2813
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
Reverse proxied version of React website now works
when subdirectory address is used (eg. /plan/...)
The functionality was unit tested to ensure things work
Export of React version of frontend now supports exporting to a subdirectory
So now you can access exported site at /plan/... if it is hosted there.
This might impact reverse proxy setups positively, but that has not yet been tested.
The hypothetical positive impact is the inclusion of subdirectory in the React-router
configuration, since now it can handle the reverse-proxy subdirectory in URL.
- Fixed / opening "Redirecting.." view due to wrong whoAmI replacement
- Fixed page not opening because sidebar contained undefined items (static site can't have everything)
- Fixed some sidebar links being anchors instead of react-router links
- Fixed network page not opening due to missing extensionData json
- Fixed server page not opening due to missing extensionData and serverIdentifier json
- Added visual icon to the page when it is exported rather than dynamic for my own sanity
- Removed query page links from exported pages
This bit of code allows passing lists of data in parameterized queries,
which is useful for defining WHERE x IN (?,?,?,?) in a dynamic way.
- Adds AccessControlTest cases for a valid /v1/query call
Cookies that expired during server downtime failed to be
removed from the database.
This occurred because the cookie removal method did a lookup
to the in-memory active cookies, but the startup method does
not load expired cookies to memory.
Because the expired cookies were never loaded to memory this
did not pose a security vulnerability.
Fixed by always deleting a cookie from database if requested.