mirror of https://github.com/ether/etherpad-lite.git synced 2026-01-23 18:55:21 +00:00

History

Richard Hansen 6408d2313c webaccess: Be extra paranoid about nullish password If `settings.json` contains a user without a `password` property then nobody should be able to log in as that user using the built-in HTTP basic authentication. This is true both with and without this change, but before this change it wasn't immediately obvious that a malicious user couldn't use an empty or null password to log in as such a user. This commit adds an explicit nullish check and some unit tests to ensure that an empty or null password will not work if the `password` property is null or undefined.		2020-11-04 18:06:08 +00:00
..
backend	webaccess: Be extra paranoid about nullish password	2020-11-04 18:06:08 +00:00
container	tests: remove loadSettings.js for backend tests.	2020-04-14 03:36:13 +02:00
frontend	tests: Speed up and fix travis (#4453 )	2020-10-30 10:40:11 +00:00
ratelimit	security: Support proxy with rate limiting and include CI test coverage for nginx rev proxy (#4373 )	2020-10-01 10:39:01 +01:00
README.md	tests: backend tests are now run with "npm test" instead of a custom bash script	2018-07-28 23:54:51 +02:00

About this folder: Tests

Before running the tests, start an Etherpad instance on your machine.

Frontend

To run the frontend tests, point your browser to <yourdomainhere>/tests/frontend

To run the backend tests, run cd src and then npm test