Commit Graph

1516 Commits

Author SHA1 Message Date
Anthony Stirling
c6980e9693
Merge pull request #2434 from Ludy87/security_fix_1
Security fix: Server-Side Request Forgery
2024-12-12 11:28:56 +00:00
Anthony Stirling
9d8d90bf2f
Merge pull request #2432 from Stirling-Tools/update_translation_files
Update translation files
2024-12-12 11:01:22 +00:00
Anthony Stirling
026fe8150d
Merge pull request #2427 from Stirling-Tools/testStuff
X-API-key to X-API-KEY and enable CSRF protection for all users
2024-12-11 21:52:57 +00:00
Ludy87
c3f88f716c
Update GeneralUtils.java 2024-12-11 21:10:18 +01:00
Ludy87
67f983f00d
Security fix: Server-Side Request Forgery
https://github.com/Stirling-Tools/Stirling-PDF/security/advisories/GHSA-4v4c-9hpr-93vx
2024-12-11 21:06:07 +01:00
github-actions[bot]
9167f12296
Update translation files
Signed-off-by: GitHub Action <action@github.com>
2024-12-11 17:28:28 +00:00
Anthony Stirling
82bebf5c62
Merge branch 'main' into feature/1856/decrypt 2024-12-11 17:26:14 +00:00
Reece Browne
bb3f076e6d Final pages fixed for decryption 2024-12-11 16:55:27 +00:00
Reece Browne
64dfa4b841 Tweak additional files to integrate decryption and clean up js 2024-12-10 22:21:00 +00:00
thiagoor-cpu
0f6f3f305a
Update messages_pt_BR.properties (#2429)
Up-to-date translation PT-BR
2024-12-10 20:40:28 +00:00
Anthony Stirling
58c7d7b9a8 X-API-key to X-API-KEY 2024-12-10 20:39:24 +00:00
Reece Browne
ef8231de3a Add Decrypt to all relevant pages 2024-12-10 16:39:06 +00:00
Anthony Stirling
c1c3eba398 ensure csrf is enabled 2024-12-10 11:17:50 +00:00
Anthony Stirling
1639e0fc4c format 2024-12-09 20:41:13 +00:00
Anthony Stirling
0652299bec fixes 2024-12-09 20:40:59 +00:00
Reece Browne
1d6511b043 Check if file is encrypted without password 2024-12-09 13:20:08 +00:00
F43Z
a400fe6015
feat: fa locale added (#2416)
* feat: fa locale added

* fix: fa_locale issues fixed

* Update settings.json
2024-12-08 20:19:52 +00:00
Sai Kumar
b47df3d252
Text color selection for watermark (#2415)
* added custom color selection for Watermark

* using the same translation as AddStampRequest.customColor for the new watermark.customColor

* fixed the space issue between words
2024-12-07 14:19:50 +00:00
Michael Bohn
cb6e1cd94e
Update messages_de_DE.properties (#2410)
Some minor changes/fixes to german translation.
2024-12-07 12:15:52 +00:00
Reece Browne
6ee6254f5a Additional decryption translations 2024-12-06 21:26:28 +00:00
Reece Browne
f2c9549ba1 Password prompt translations 2024-12-06 20:53:16 +00:00
Reece Browne
58278c07ff Translations for errors 2024-12-06 20:46:04 +00:00
Reece Browne
4d017610b8 PDF decryption 2024-12-06 19:08:18 +00:00
Reece Browne
dcafc0d487 Merge branch 'decrypt' of https://github.com/Stirling-Tools/Stirling-PDF 2024-12-06 15:33:44 +00:00
Anthony Stirling
397a07afe8
english translation fixes (#2408)
* english

* Update messages_en_GB.properties
2024-12-06 12:25:08 +00:00
Ludy
1bc6b4149c
Update German translation + remove unnecessary comment (#2405) 2024-12-06 10:23:00 +00:00
Anthony Stirling
5a5a8bb7ba
quick fixes (#2404) 2024-12-05 19:55:34 +00:00
albanobattistella
400965ffc8
Update messages_it_IT.properties (#2401) 2024-12-05 17:39:49 +00:00
Omar Ahmed Hassan
f8f137a30a
Feature: Show permissions as a separate tab (#2396)
Show permissions as a separate tab

- Move permissions code into a separate for better readability and maintainability.
- Separate `Permissions` node from `Encryption` so that it would be displayed in the frontend as a separate tab.
- Use more user friendly permission labels such as replacing `canModify` with `Modifying` and values such as `Allowed` and `Not Allowed` instead of `true`, `false`.
- Show permissions regardless of the encryption state.
2024-12-05 17:00:23 +00:00
github-actions[bot]
f6a2d4784b
Update translation files (#2398)
Signed-off-by: GitHub Action <action@github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-12-05 16:02:35 +00:00
reecebrowne
526dc9f911
Only download one file on sign cert (#2397) 2024-12-05 15:58:27 +00:00
Anthony Stirling
cce9f74eb9
PDF Cert validation (#2394)
* verifyCerts

* cert info

* Hardening suggestions for Stirling-PDF / certValidate (#2395)

* Protect `readLine()` against DoS

* Switch order of literals to prevent NullPointerException

---------

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>

* some basic html excaping and translation fixing

---------

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
Co-authored-by: a <a>
2024-12-05 15:56:22 +00:00
Omar Ahmed Hassan
0e3865618d
Fix missing upload button (#2393)
The code snippet `input[type=file]{ display: none;}` was unintentionally hiding the upload button, to fix this, it was changed to only target input within `.input-container`
2024-12-05 11:16:16 +00:00
reecebrowne
d888ed1ae0
Feature/undo page break (#2389)
* Fix delete selected
Fix add page break where selected
Added undo logic for page breaks

* Add pages undo capability

* Fix page break when selected logic
2024-12-05 10:43:31 +00:00
Anthony Stirling
99d1b46d97
Update MetricsAggregatorService.java 2024-12-03 15:26:40 +00:00
Omar Ahmed Hassan
b7da84d257
Fix deserialization failure in Change Metadata (#2382)
* Fix deserialization failure from String to Map

Fix deserialization failure from String to Map that caused the following exception:
Resolved [org.springframework.web.bind.MethodArgumentNotValidException: Validation failed for argument [0] in public org.springframework.http.ResponseEntity<byte[]> stirling.software.SPDF.controller.api.misc.MetadataController.metadata(stirling.software.SPDF.model.api.misc.MetadataRequest) throws java.io.IOException: [Field error in object 'metadataRequest' on field 'allRequestParams': rejected value [{"customKey1" : "YourCustomKey", "customKeyValue1", "YourCustomValue"}]; codes [typeMismatch.metadataRequest.allRequestParams,typeMismatch.allRequestParams,typeMismatch.java.util.Map,typeMismatch];

* Fix form binding for dynamic Map entries in Change Metadata

- Implemented support for dynamic key-value inputs in Change Metadata form using proper `name` attributes for Map (`allRequestParams`) binding.
- Fix form binding for dynamic Map (`allRequestParams`) entries in Change Metadata as the `allRequestParams` (Map name) was being sent as an empty map.
2024-12-03 08:28:34 +00:00
albanobattistella
6ff53aa5b3
Update messages_it_IT.properties (#2380) 2024-12-02 18:59:05 +00:00
github-actions[bot]
64cf5167c0
Update translation files (#2378)
Signed-off-by: GitHub Action <action@github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-12-02 18:18:16 +00:00
Omar Ahmed Hassan
de4637e8d4
Fix drag and drop area for file choosers by adding separate ones (#2368)
* Add separate drag and drop area for file choosers

 - Add separate drag and drop area for file choosers

### Why?
Previously, when there were multiple file choosers in the same page, if you attempted to drag and drop any files, they would be added to both file choosers as it was designed at first to handle 1 file chooser present, now that we have multiple ones, it is necessary to adapt our design to match the changing functionality.

### Can you not preserve the old overlay when there's only one file chooser present?
Yes, we can, but imagine as a user, you try to drag and drop a file in one page and the fields turn into drag and drop areas then you go to another page and try to drag and drop again but you encounter the old overlay instead, as a user you might get confused and ask yourself "What changed?" or if a user is telling another user the steps to drag and drop files and he didn't know about this case, then it would still be confusing, thus consistency is preferred in this case.

* Update file chooser UI

* Add support for listing and removing selected files and their file icons

- Selected files are listed below the file chooser in a selected files container.
- Users can now remove uploaded/selected files.
- Hide selected files container/box unless there are files selected/uploaded.
- Add separate overlay for each drag & drop area.

## FAQ:
- Why did you assign a unique id to each file? isn't the filename enough?
= Because a user might upload multiple files with the same name, if the user wanted to remove one of them, how would we differentiate between them? we won't be able to unless we assign an identifier, you might argue "we remove based on the filename and size", then what if the user uploaded the same file more than once (intentionally), then we would accidentally remove all the files even though that is not what the user wanted, so going with unique ID approach would prevent this issue/problem from occurring in the first place.

* Rename remove-file css class to remove-selected-file

- Rename remove-file css class to remove-selected-file to avoid css conflict with remove-file in merge.css

* Use input element to dispatch event on file removal

Use the correct element to dispatch "file-input-change" (input element is the correct one).

* Adapt file chooser UI to themes

- Adapt file chooser UI to themes by adjusting their font colors and background colors.
- Make text more visible in overlay by increasing the font size by 0.1rem and setting font weight to 550.

* Remove extra overlay border

- Removing overlay's border as it is unnecessary and only causing a double border issue on the file input container.

* Remove Browse button, highlight file chooser and make it clickable

- Remove browse button.
- Make the entire file chooser container clickable.
- Add glowing effect on hover for file chooser.
- Change color of file chooser on hover.

* Replace crypto.randomUUID() with UUID.uuidv4()

- Replace crypto.randomUUID() with UUID.uuidv4() as crypto.randomUUID() is only supported in secured contexts such as localhost 127.0.0.1 and over HTTPS

* Fix merge file removal not being reflected in file chooser

- Files removed from the list in merge page would now be reflected in the file chooser's container.

* Make inputElement optional in removeFileById

- Make inputElement optional in removeFileById, this way we could control changing inputElements files.

* Add translation support to file chooser

---------

Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2024-12-02 18:10:12 +00:00
Sai Kumar
3c0a8071dc
added support for new line break in stampController (#2370)
added support for new line in stampController

Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2024-12-02 17:48:19 +00:00
Omar Ahmed Hassan
04ccdf6f76
Fix: prevent fileInput.js from adding event listeners more than once (#2365)
Fix fileInput.js adding event listeners more than once

- Fix a bug that caused fileInput.js to add event listeners more than once per HTML file as it's included in fileSelector fragment in fragments/common.html thus it's being loaded N times where N is the number of file selectors / custom file chooser / file input elements per HTML file, which resulted in each event actions being executed N times as well, which was prevalent in drag and drop operations such as dragging and dropping a file called y.png, it would be duplicated N times (as in /sign path).
2024-12-02 17:41:11 +00:00
Omar Ahmed Hassan
db02fba31f
Fix translations for watermark spacers (#2369)
Fix translations by adding a space between width/height and spacer and capitalize the first letter
2024-12-02 17:01:19 +00:00
Omar Ahmed Hassan
5b6f649e4e
Fix submit button in crop by adding id (#2374)
- Add missing ID to submit button in crop page.
2024-12-02 10:40:46 +00:00
Omar Ahmed Hassan
de23bb702c
Fix allowing multiple files to be dropped onto a single file input (#2359)
Fix a bug that allowed multiple files to be dropped onto a single-file input element

- Fix a bug that allowed multiple files to be dropped onto a single-file input element by accepting only the first file.
2024-11-29 17:31:14 +00:00
github-actions[bot]
25e564154e
Update 3rd Party Licenses (#2362)
Signed-off-by: GitHub Action <action@github.com>
Co-authored-by: GitHub Action <action@github.com>
2024-11-29 15:41:29 +00:00
Anthony Stirling
3633a979d3
fixes and other changes and debug of WIP SAML (#2360)
* backup

* remove debugs

* oauth to saml and compare fixes etc

* ee flag for saml

* more fixes

* info to debug

* remove unused repo

* spring dev fix for saml

* debugs

* saml stuff

* debugs

* fix
2024-11-29 15:11:59 +00:00
Omar Ahmed Hassan
99d481d69f
Fix Array.from syntax in nonmultiple file upload (#2357)
- Fix Array.from syntax in nonmultiple file upload as Array.from(<non-array or string>) returns an empty array which is the case when a file is selected from an input element (when multiple attribute isn't  supported) which can be found in Array.from(element.files[0]) -> results in an empty array.
2024-11-29 12:22:52 +00:00
albanobattistella
b2e6d89d16
Update messages_it_IT.properties (#2355) 2024-11-28 14:42:55 +00:00
github-actions[bot]
b59d2d15b4
Update translation files (#2354)
Signed-off-by: GitHub Action <action@github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2024-11-28 14:42:29 +00:00
Omar Ahmed Hassan
61e750646c
Feature: Undo Redo options multi tool #2297 (#2348)
* Implement Command class for Command Pattern

Created a base `Command` class to implement the **Command Pattern**. This class provides a skeletal implementation for `execute`, `undo`, and `redo` methods.

**Note:** This class is intended to be subclassed and not instantiated directly.

* Add undo/redo stacks and operations

* Use rotate element command to perform execute/undo/redo operations

* Handle commands executed through events
- Add "command-execution" event listener to execute commands that are not invoked from the same class while adding the command to the undo stack and clearing the redo stack.

* Add and use rotate all command to rotate/redo/undo all elements

* Use command pattern to delete pages

* Use command pattern for page selection

* Use command pattern to move pages up and down

* Use command pattern to remove selected pages

* Use command pattern to perform the splitting operation

* Add undo/redo functionality with filename input exclusion

- Implement undo (Ctrl+Z) and redo (Ctrl+Y) functionality.
- Prevent undo/redo actions when the filename input field is focused.
- Ensures proper handling of undo/redo actions without interfering with text editing.

* Introduce UndoManager for managing undo/redo operations

 - Encapsulate undo/redo stacks and operations within UndoManager.
- Simplify handling of undo/redo functionality through a dedicated manager.

* Call execute on splitAllCommand

- Fix a bug that caused split all functionality to not work as execute() wasn't called on splitAllCommand

* Add undo/redo buttons to multi tool

- Add undo/redo buttons to multi tool
- Dispatch an event upon state change (such as changes in the undo/redo stacks) to update the UI accordingly.

* Add undo/redo to translations

* Replace hard-coded "Undo"/"Redo" with translation keys in multi tool

---------

Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2024-11-28 14:25:13 +00:00