-
Notifications
You must be signed in to change notification settings - Fork 80
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WCAG Merge, localization, and custom fields fixes #87
Conversation
…euse field validation and custom fields
MD5: ff035bff2dcf972ee7dfd023455997ef NSP - Security ReportThis is an automated security audit of this project. Please do not modify its contents Vulnerabilities found: 18
Detailed reportPrototype pollution attackAffected Module: hoek Prototype pollution attackAffected Module: hoek Prototype pollution attackAffected Module: hoek Prototype pollution attackAffected Module: hoek Large gzip Denial of ServiceAffected Module: superagent Large gzip Denial of ServiceAffected Module: superagent Large gzip Denial of ServiceAffected Module: superagent Regular Expression Denial of ServiceAffected Module: mime Regular Expression Denial of ServiceAffected Module: mime Regular Expression Denial of ServiceAffected Module: mime Regular Expression Denial of ServiceAffected Module: mime Regular Expression Denial of ServiceAffected Module: mime Large gzip Denial of ServiceAffected Module: superagent Large gzip Denial of ServiceAffected Module: superagent Regular Expression Denial of ServiceAffected Module: debug Regular Expression Denial of ServiceAffected Module: fresh Sandbox BreakoutAffected Module: safe-eval Large gzip Denial of ServiceAffected Module: superagent |
Validation Errors
…t aren't defined as create fields, fix connection label bug
Errormsg localization
Logout fix
…sername back instead of description or log description if it is in the log
* localizable placeholders for custom fields * localizable confirm dialog buttons * errorTranslator function
* remove guardian fix; dashboard admin access_token fix * remove multiple mfa
fix another en.json example
* localizable confirm dialog buttons * errorTranslator function * reload settings when settings hook is saved * username field validation fix; email/username change fix
* localizable confirm dialog buttons * localizable confirm dialog buttons * errorTranslator function * errorTranslator function * localizable labels * user info labels * logs localization fixes; added missed logTypes; complete dictionary * new setting props * unit-tests * restore nyc for unit-tests * auditor (read-only) role
* localizable confirm dialog buttons * localizable confirm dialog buttons * localizable confirm dialog buttons * errorTranslator function * errorTranslator function * errorTranslator function * unit-tests * restore nyc for unit-tests * hidden label for searchBar * dynamic page title * image and icon titles * Meaningful sequence: focus results after search; tests * alternative custom css * docs, examples and cleanup * tests * log description for user logs + tests * locale
* localizable confirm dialog buttons * errorTranslator function * reload settings when settings hook is saved * username field validation fix; email/username change fix * localizable confirm dialog buttons * localizable confirm dialog buttons * errorTranslator function * errorTranslator function * localizable labels * user info labels * logs localization fixes; added missed logTypes; complete dictionary * new setting props * unit-tests * restore nyc for unit-tests * auditor (read-only) role * hidden label for searchBar * dynamic page title * image and icon titles * Meaningful sequence: focus results after search; tests
* mandatory locale * edit.display for change forms * get style settings instead of checking localstorage directly
extension-ui version + minor localization fixes
* locale url fixes, usersTable and display func fixes, dictionary request headers fix * undefined css fix The one thing I'm wondering is whether the redirectUri change will be a problem with the callbackUrls... I'm not sure it should be necessary. We should be able to find a way around that...
…ng lotType description, this should ONLY be used if you really don't want any non-localized values
* display for picture * login redirect fix * mfa tests fix * listOrder fix
… have a field that gets set during password change
…or onlyTheseFields to only those fields to avoid someone adding an extra field to tag along
* requesting connections by stategy * limit connections to 100 * use search_engine v3 by default; added SEARCH_ENGINE option * searchEngine option added to the filter hook * conn and clients multipart request * fix "Running in Development" doc * cleanup * cleanup * tools update * filterBy prop for pagination
Default searchEngine option
This is another fairly significant update. Phase 1 is to add validation support for the fields.
This does both client side and server side validation. The server side validation is really just to prevent users from circumventing the client side validation. It will also protect against role escalation by protecting against a user creating another user with a higher level role that they would have access to.
In order to make this considerably easier, I did a significant refactor on the dialogs. They are now using common code. This could potentially use another iteration as there is still a ton of template-able code in the dialogs.