htwkmooc/codeocean
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
5,603 Commits 2 Branches 0 Tags
3aeef7ebdd4e05e93090dd57573d920481e6b22a
Commit Graph

104 Commits

Author SHA1 Message Date
Sebastian Serth
3aeef7ebdd CSP: Refactor custom settings to ease further expansion 
* This change is introduced due to a corresponding change in CodeHarbor to allow SSO there.
 2023-10-13 13:19:03 +02:00
Sebastian Serth
c232a418f4 CSP: Recognize ACE of using data: images 2023-10-13 00:14:38 +02:00
Sebastian Serth
99bd46af1a Align project files with CodeHarbor 
Since both projects are developed together and by the same team, we also want to have the same code structure and utility methods available in both projects. Therefore, this commit changes many files, but without a functional change.
 2023-10-11 00:18:33 +02:00
Sebastian Serth
4879c0172a CSP: Allow extending directives with 'none' 2023-10-08 13:46:32 +02:00
Sebastian Serth
1bba4a006a Sentry: Check for span description before applying gsub! 2023-09-20 15:32:17 +02:00
Sebastian Serth
7deea1ddac Fix invalid timestamps for breadcrumbs in Sentry 
See https://github.com/getsentry/sentry-ruby/issues/1874
 2023-09-19 11:17:17 +02:00
Sebastian Serth
245c3dba8c Update from proforma to proformaxml 2023-08-24 00:14:41 +02:00
Sebastian Serth
3b4fc0a5ec Fix ActionCable load error due to custom inflection for middleware 2023-08-16 17:11:23 +02:00
Sebastian Serth
d1a0012d4f Overwrite Bootstrap Link Renderer for WillPaginate 
Without this fix, the new will_paginate version is not compatible with the old version of bootstrap-will_paginate. This issue is also tracked here: https://github.com/mislav/will_paginate/issues/649

Fixes CODEOCEAN-QK
 2023-06-14 14:43:18 +02:00
Sebastian Serth
240fbc5a3b Add Sentry instrumentation for JavaScript 2023-05-09 22:10:40 +02:00
Sebastian Serth
f037c5e961 Enable performance profiling for Sentry 2023-05-03 14:47:56 +02:00
Sebastian Serth
62f96704de Prepare Profiling with Sentry 2023-04-25 23:14:43 +02:00
Sebastian Serth
7fe0fc02e2 Set Sentry context for RailsAdmin 2023-02-21 11:35:29 +01:00
Sebastian Serth
ee63166af7 Sentry: Replace UUIDs with * in URLs 2023-02-16 10:50:01 +01:00
Sebastian Serth
b0c84b190d Enable breadcrumbs and more details for Sentry 2023-02-10 00:38:45 +01:00
Sebastian Serth
750c59ca6a Increase sample rate for Sentry and introduce ENV variable 2023-02-09 19:32:03 +01:00
Sebastian Serth
bf077ef478 Fix rubocop offenses 2022-12-09 13:11:46 +01:00
Sebastian Serth
65c95a1f1c Expire all assets to enable SRI 
Otherwise, many browsers show issues with caching
 2022-12-06 21:23:02 +01:00
Sebastian Serth
48d9863090 Explicitly require prometheus/record during initialization 2022-12-04 15:27:55 +01:00
dependabot[bot]
90b30e2bf7 Upgrade to Rails 7.0 and apply new framework defaults 
* Remove `send_stream` method pulled in before upgrading Rails
* Remove spring, it is no longer included by default for new apps
* Remove deprecated options from environments
* Remove old asset paths and workarounds no longer needed
* Remove unnecessary `OAUTH_10_SUPPORT` const, LTI still uses OAuth 1.0
* Dump schema with new defaults (and specify precision for timestamps where needed)
 2022-12-04 15:21:59 +01:00
Sebastian Serth
ffe96d9223 Remove I18n.translation_present? monkey patch 2022-12-04 15:03:28 +01:00
Karol
bf5781f90d exclude model from rails admin, add possible performance solution (remove all associations from list) 2022-11-24 22:59:12 +01:00
dependabot[bot]
aecd7b8231 Bump rails_admin from 2.2.1 to 3.1.0 
Bumps [rails_admin](https://github.com/sferik/rails_admin) from 2.2.1 to 3.1.0.
- [Release notes](https://github.com/sferik/rails_admin/releases)
- [Changelog](https://github.com/railsadminteam/rails_admin/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sferik/rails_admin/compare/v2.2.1...v3.1.0)

---
updated-dependencies:
- dependency-name: rails_admin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-24 22:59:12 +01:00
Sebastian Serth
e93d6f270d Update Sentry's op name (required for sentry-rails 5.6.0+ 
See https://github.com/getsentry/sentry-ruby/releases/tag/5.6.0
 2022-11-17 00:29:46 +01:00
Sebastian Serth
f17718f69f CSP: Extract JavaScript from layout to assets 
Fixes CODEOCEAN-CP
 2022-11-16 19:47:58 +01:00
Sebastian Serth
e0bce2071e CSP: Allow Webworkers for ACE 
Fixes CODEOCEAN-EQ
 2022-11-16 19:47:58 +01:00
Sebastian Serth
16c00ec136 Add support for signed URLs used by the render_file function 2022-09-23 21:35:22 +02:00
Sebastian Serth
0d40cdd03a [CSP] Allow 'self' as base-uri 2022-09-07 21:41:09 +02:00
Sebastian Serth
2028e636a3 Use SameSite=Lax for LTI login 2022-09-06 13:28:12 +02:00
Sebastian Serth
fe0ad7a79d Add Feature-Policy header 
The header has been renamed to Permissions-Policy, but Rails has no support so far.
 2022-09-06 11:21:38 +02:00
Sebastian Serth
7f0d8b63f9 Use Cookie Prefix in Production and Staging 2022-09-06 11:21:38 +02:00
Sebastian Serth
a2bb2844b4 Add a Content Security Policy 2022-09-06 11:20:57 +02:00
Sebastian Serth
fe41d44548 Use SameSite strict for cookies 2022-09-06 11:20:56 +02:00
Sebastian Serth
d223abfb5e Update from webpacker v5 to shakapacker v6.0.0.rc13 
Using a two-step process is recommended:
332e25186a/docs/v6_upgrade.md
 2022-08-12 10:22:55 +02:00
dependabot[bot]
727f85841d Bump i18n-js from 3.9.2 to 4.0.0 
Bumps [i18n-js](https://github.com/fnando/i18n-js) from 3.9.2 to 4.0.0.
- [Release notes](https://github.com/fnando/i18n-js/releases)
- [Changelog](https://github.com/fnando/i18n-js/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fnando/i18n-js/compare/v3.9.2...v4.0.0)

---
updated-dependencies:
- dependency-name: i18n-js
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-09 10:11:36 +02:00
Sebastian Serth
5707e4c914 Use secure cookies for production and staging 2022-07-15 00:35:09 +02:00
Sebastian Serth
b613267add Remove legacy DockerClient 2022-06-08 13:18:37 +02:00
Sebastian Serth
038864e4b4 Fix Rubocop offenses 2022-04-24 18:18:16 +02:00
Sebastian Serth
393c66918a Reduce sample rate for Sentry transactions 2022-04-04 16:28:38 +02:00
Sebastian Serth
be16738641 Update Sentry to ignore health check transactions 2021-11-26 00:00:45 +01:00
Sebastian Serth
aabb6ca6bc Reduce Sentry traces_sample_rate 2021-11-23 10:04:22 +01:00
Sebastian Serth
e33af5760d Delegate initialization to Runner::Strategy 2021-11-01 17:13:07 +01:00
Felix Auringer
fc6aa12b0a Remove handling of runner timeouts 2021-11-01 17:12:47 +01:00
Konrad Hanff
286a3f394d Fix autocorrectable rubocop offences and implement suggestions 2021-11-01 17:12:46 +01:00
Konrad Hanff
c14cf99a96 Don't cleanup runners during precompile 2021-11-01 17:12:46 +01:00
Konrad Hanff
17bd2d8726 Reuse runners per user and execution environment 
Co-authored-by: Jan-Eric Hellenberg <jan-eric.hellenberg@student.hpi.uni-potsdam.de>
Co-authored-by: Maximilian Pass <maximilian.pass@student.hpi.uni-potsdam.de>
 2021-11-01 17:12:46 +01:00
Sebastian Serth
4926b33a5f Introduce new config option for JS-based Sentry 
* Also update environment_variables.md
 2021-07-08 20:15:29 +02:00
Sebastian Serth
237c225732 Add support for running CodeOcean under a subpath 
* Also refactor (JavaScript) routes
 2021-07-06 19:33:55 +02:00
Sebastian Serth
7914608efe Add js-routes to use Route helpers in JavaScript 2021-07-06 16:54:27 +02:00
Sebastian Serth
7543749e81 Lower Sentry trace sample rate to 5% 2021-05-17 22:54:00 +02:00