| Age | Commit message (Collapse) | Author |
|---|
|
* Add empty config.php and tracker.php files to each plugin that doesn't have them; add to whitelist of files that are included in new plugins generated by generate:plugin
* Add plugin files for plugins which were missing them
|
|
|
|
|
|
* Make sure xss entries is always an array.
* Update expected test files and submodule.
* Regenerate broken omnifixture dump.
* poc conversion to chrome headless for UI tests, single test works locally
* Get single test to pass on travis & local w/ headless chrome.
* Remove old diff viewer generation, and get output to look the same as before when there is a failure.
* Add global timeout & get ViewDataTableTest to pass.
* Convert BarGraph_spec.js.
* Convert EmptySite_spec.
* Update EvolutionGraph spec for chrome headless.
* Convert GoalsTable test & find/replace for common changes.
* Convert MeasurableManager.
* Another find & replace.
* Get Menus/OptOutForm to pass w/ chrome headless
* Convert PeriodSelector, PieGraph & PivotByDimension UI tests.
* undo unrelated debugging change
* Convert QuickAccess UI tests
* Converts ActionsDataTable UI tests
* reset viewport after each testsuite
* Converts RowEvolution UI tests
* Converts Theme UI tests
* Converts SiteSelector UI tests
* Converts CustomVariables UI test
* Converts DBStats UI test
* Ignore empty responses when calling api/controller
* Converts Dashboard UI tests
* Converts Live UI tests
* Converts SimpleUI tests
* Converts Installation UI tests
* Converts ImageGraph UI tests
* Converts Login UI tests
* Converts Marketplace UI tests
* Converts Insights UI tests
* Converts ReportExporting UI tests
* Converts UIIntegration tests
* Updates ViewDataTable UI tests
* Converts CoreUpdater UI tests
* Converts UsersManager UI tests
* Converts Morpheus UI tests
* Converts MultiSites UI tests
* Fix testEnvironment.callApi handling of array parameters
* Converts Overlay UI tests
* Converts PrivacyManager UI tests
* Converts ScheduledReports UI tests
* Converts SegmentEditor UI tests
* compare pixel difference in images
* Converts PeriodSelector UI tests
* allow a pixel difference
* Converts SingleMetricView UI tests
* Converts SitesManager UI tests
* Converts Transitions UI tests
* Converts MeasurableManager UI tests
* Move Mouse out of screen after each test suite
* Converts PieGraph UI tests
* Ensure cursor is not shown in focused input elements
* Converts VisitorMap UI tests
* Converts CustomLogo UI tests
* Converts BarGraph UI tests
* Converts EvolutionGraph UI tests
* Converts IntranetMeasurable UI tests
* Converts TrackingFailures UI tests
* Converts CampaignBuilder UI tests
* Converts TagManagerTeaser UI tests
* fix request url rewrite for changed port
* Converts TwoFactorAuth UI tests
* do not print full responses in logs, but size instead
* improve additional style injection
* use submodule branches
* fix request interception
* update dependencies
* [TEMP] disable dangerous link checks
* [TEMP] limit tests
* Use puppeteer@next and make sure diffs get uploaded properly.
* Use correct fs function.
* Allow timeout to be specified on command line for UI tests and debug console logs.
* timeout option tweak
* Setup diff dir once before running tests not before each suite.
* fix last commit
* Update screenshots and fix some specs.
* Convert some tests that were not converted during merge.
* updating screenshots
* Updating screenshots and fixing some tests.
* more test fixes
* couple more test fixes
* More test fixes and plugin updates.
* wait for jquery
* Fix some screenshots and tests.
* more test fixes
* debug travis test failure
* remove .only
* more test fixes and updated expected files
* another test fixing iteration
* typo
* another quick test change
* more tests updates
* Test fixes and & more debugging.
* more debugging and test fixes
* more fixes and debugging.
* remove .only
* Another round of fixed tests.
* more debugging & fixes
* more test changes
* more debugging and fixes
* Fixing more tests + some bug fixes.
* Couple more fixes.
* Couple more fixes.
* Fixing tracking failures test
* more fixes
* Last couple fixes hopefully.
* couple more test fixes
* more fixes, bug fix in usersmanager, some test updates
* Some more test fixes/changes.
* more and more fixes
* hoping for a green build
* Do not compare against existing files in dashboard_spec.
* more fixes, re-enabling travis
* really re-enable travis
* Install puppeteer on travis-ci.
* more fixes
* try to fix random failues
* remove return
* Convert some login tests I forgot and update UsersManager expected file
* Fix test for primary key update
* Update AddPrimaryKey.php
* More test fixes + implement synchronous comparison threshold (so no resemblejs)
* More wait fixes + reset token detection fix.
* couple more fixes
* Fix login/overlay screenshot issue & magick command running issue.
* identify is the executable on travis (hopefully) + fix some random failures
* Another run.
* Last fix.
* two more tweaks
* typo
|
|
* fix condition
* NullHandler must be end of writer array to allow other handlers to handle the message (since it seems to stop bubbling).
* Do not do php eol check during tests.
* Just in case.
* try to fix the build
* Add screenshot.
|
|
enable_framed_pages = 1. (#14133)
* Propagate token auth in ajax requests if something is widgetized OR if enable_framed_pages is set to 1.
* Add UI tests for embedding entire app.
* Forgot to add file.
* Adds missing UI file
|
|
|
|
|
|
|
|
* Rename long files.
* fix test name
* Try to fix several test failures.
* Rename expected files.
* --amend
* Try to fix tests.
* Fix more system tests.
* Fix more tests.
* Add debug log.
* Update CustomAlerts submodule for test fix.
* Fix some more screenshots.
* Fixing more tests.
* Update more expected test files & screenshots.
* Last couple fixes.
* update tagmanager submodule
* update submodule
* update submodule
|
|
* add new category profiles
* disable row evolution
* add real time reports
* improve style when full-width
* change menu order plus remove visitors report
* remove more traces of the profiles report
* fix some ui tests
* fix more tests
* fix tests
* fix some tests
* Update en.json
* Update SegmentedVisitorLog.js
* updates expected test files
* updates expected UI files
* Updating expected files.
* Update expected screenshot.
|
|
* add possibility to switch period in evolution graph
* fix some tests
* fix ui test
* Update screenshots.
|
|
avoid unintentionally sending private data to foreign servers
|
|
* fix some tests
* fix more tests
* fix more tests
|
|
|
|
|
|
|
|
(#13446)
* Use postMessage instead of directly making API calls in the overlay iframe.
* Make sure it will work when Matomo is on a subfolder.
* Increase overlay security with domain and method whitelists.
* Try to fix UI test.
* Fix tests + UI test blacklist check.
* broadcast.getValuesFromUrl does not decode URL params.
|
|
|
|
|
|
|
|
|
|
* Modifying "cookie authentication" to be more secure.
Instead of authenticating by token auth if it exists in the cookie, validate an existing session. If the session
has the user name stored as a session var, it has been authenticated. If the request has the same IP address and
user agent as the request that created the session, the request is from the user that created the session. If
both of these are true, then the session is valid, and we don't need a token auth to authenticate.
If the session is deleted before the Piwik auth cookie expires (due to garbage collection), we attempt to
re-authenticate using a secure hash of the token auth. We don't do this on every request since password_verify()
will, at BEST, add 3.5ms to every request.
* Invalidate existing sessions after user password change.
Invalidation is accomplished w/o having to individually touch sessions by:
1. Using the password hash as the piwik_auth key secret, instead of the token auth. So when a password changes, existing piwik_auth keys are no longer valid. This affects session re-authentication.
2. Saving the session start time & the last time a user's password was modified, and checking that the session start time is always newer than the password modification time.
* Set session.gc_maxlifetime to login_cookie_expire time so session data does not disappear, remove session re-auth functionality & tie cookie hash to password modified time instead of password hash to retain automatic session invalidation on password change.
* In SessionInitializer, clear other cookie values so previously stored token auths will be removed.
* Make sure anonymous user is still default user whan authenticating.
* fixing test failures
* Remove hash checking in piwik_auth cookie.
piwik_auth cookie still required since it's presence indicates we should use SessionAuth instead of the normal authentication mechanism. Since there's always a session, even if you're not logged in, PIWIK_SESSID can't be used by itself to determine this.
* Make sure session auth doesnt break in edge case where ts_password_modified column does not exist.
* Clarify session destruction/invalidation logic in SessionAuth.
* Make UsersManagerTest slightly more comprehensive.
* Use Date::now()->getTimestampUTC() instead of time() in SessionFingerprint::initialize().
* Check getUser returns correct user info in SessionAuth for sanity.
* Add SessionInitializer::getAuthCookie() back since it is @api.
* Remove IP address from session auth info + check.
* Refactor session start changes so it is started in one place only.
* Remove SessionAuthCookieFactory & deprecate auth cookie INI config vars (still needed for SessionInitializer deprectaed method).
* Make sure user can still login if ts_password_modified column is not present in database.
* Rename ts_password_modified Update class.
* Update comment in SessionAuth to include why Piwik tries to create another session.
* Restore 3.x-dev SessionInitializer for BC (deprecated), move new SessionInitializer to core, add tests for both SessionInitializers.
* Change update to 3.5 version.
* Make sure normal auth implementation is used if sessionauth fails so anonymous user can be logged in.
* On logout clear session fingerprint so same session cannot be used to login.
* Change update name + bump version, and make sure Session::rememberMe() is called before session is started (otherwise it has no effect).
* Fixing tests.
* apply review fixes
* remove test
|
|
* Replace proxy redirect with rel=noreferrer
* Add noopener
* Restore action=redirect for non-Matomo links
* Wrap referring URLs
* NO target on download link
* Fix Github links
* Fix whitespace
* Fix tests
* Revert change
* Revert changes
* Fix tests
* Add noreferrer shim for MSIE 10
* Remove all action=redirect links
* Restore noreferrer
* Restore test
* Fix one more occurrence
* Update changelog
* Combine if's
* Fix changelog wording
* Fix stray whitespace
|
|
|
|
* Implements new referrer type for social networks
* removes footer message from social report
* Show social network referrers in Transitions
* update / improve tests
* Improves API code
* use transient cache instead of static properties
* remove debugging statement
* updates changelog
* cs
* Update expected test files.
* Update expected screenshots
|
|
* started working on some ACL concept
* acl implementation
* add category
* small tweaks
* more tweaks
* more api methods and fixes
* cache capabilities
* various enhancements, fixes, tweaks
* more tweaks
* added more tests and fixed some bugs
* fix parameter
* make sure to be BC
* make sure to be BC
* fix some tests
* more apis, translations, changelog entry, ...
* update db
* correct error message
* fix capabilities were not detected in tests
* directly access provider
* fix and add test
* JS api to check capabilities, better structure for capabilities in tests
* add ability to inject permissions
* apply review changes
* fix test
|
|
Only the files declaring a shebang have their execution bit set.
Everything else is not executable to avoid possible security issues
|
|
* set correct lineThickness and fix default fill color
* update UI files
|
|
* Format metrics in row evolution popover correctly
* Update UI files
|
|
* replace sparkline library with modern equivalent
* test setting $enableSparklineImages to true for UI tests
* update LEGALNOTICE
* add minimum and maximum dots
* further improve sparklines
- no minimum/maximum if they are the same
- add offset to the top so that maximum isn't stuck at the border
- doubled resolution of image as it was a bit blurry and it's still
<1.5KB
* fix display size of sparklines
* make Sparklines red
* fix sparkline size in rowEvoluton
* change line colors to black
* lastPoint and padding
* update Sparkline to new version
* remove possibility to disable sparklines ($enableSparklineImages)
* handle formatted numbers
* Updates UI files
|
|
|
|
`broadcast.propagateAjax`, `broadcast.pageLoad` (#12363)
* deprecates broadcast.propagateAjax()
* make overlay js independed from history service and some broadcast methods
* deprecates historyService alogn with some broadcast methods
* make popovers work in widgetized dashboard without history service
* do not update overlay page/sidebar when iframe url didn't change
prevents reloading data when opening a popover
|
|
* Do not use sync ajax requests
* adds deprecation comments
* convert some methods to be fully async
* adds minimum waittime after page load in ui tests
* improve wait times
|
|
* Allow segmented visitor log popup to launch visitor profile & modify popover management to use window history to retain last opened popover.
* Keep track of popovers opened so closing popover when initial page load w/ popover does not result in exiting matomo + only do window.history.back() in one place.
* Decouple popover stack from window history because its too complicated to make that work.
* Reset popover stack as precaution.
* Clean up visitor log tooltips on destruction.
* Fix widgetized popover open/close.
* Another precaution against zombie tooltips.
* Reset popover stack if user clicks outside of modal and scroll to loading dialog in odd case where it is created oustide of current viewport.
* Update expected screenshots.
|
|
|
|
|
|
* move Overlay UI tests to Overlay plugin
* remove UI files that has been moved
* move Login UI tests to Login plugin
* check for element instead of comparing screenshots
* Move Installation UI tests to it's plugin
* Move UI tests for Marketplace to Marketplace plugin
* Updates Sync Screenshots command to download test files to correct directories
* ensure shortcut help is always tested with same useragent
* Move VisitorMap UI tests to UserCountryMap plugin
* Move Morpheus UI tests to plugin
* Move MultiSites UI tests zu plugin
* Move ActionsDataTable UI tests to Actions plugin
* Renames Test directories to tests
* Move UsersManager UI tests to plugin
* Move CoreUpdater UI tests to plugin
* Move DBStats UI tests to plugin
* Move Transitions UI tests to plugin
* Move Insights UI tests to plugin
* improve UI tests splitting on travis
* Moves SegmentEditor UI tests to plugin
* Moves SitesManager UI tests to plugin
* Moves ImageGraph UI tests to plugin
* move live ui test files to git lfs
* remove retry
* update test file
* improve splitting for travis
* prevent test from failing randomly
|
|
* Use more font icons instead of images
* update ui files
* fix test
* update UI files
|
|
|
|
|
|
|
|
* Replace all occurences of Piwik in english translations of Actions plugin
* translation update
* Replace all occurences of Piwik in english translations of API plugin
* translation update
* Replace all occurences of Piwik in english translations of core
* replace Piwik occurrences
* Rename widget piwik.org blog => matomo.org blog
* fix widget name
* replaced some more piwik mentions
* Renamed to Matomo a few strings
* Replaced more strings to Matomo in JSON files, twig templates
* Replaced more strings to Matomo in INI file
* Replaced more strings to Matomo in API docs, error messages, feedback forms
* introduce API.getMatomoVersion and ExampleAPI.getMatomoVersion API + deprecate old ones
|
|
* renaming more Piwik mentions
* some more updates
* fix some tests
* support matomo partially as require string
* fix tests
* fix failing system test
* fix tests
* fix system test
* fix test
|
|
|
|
|
|
* http://piwik.org -> https://piwik.org
* more HTTPS URLs
* some more HTTPS URLs
* test README
* don't show "Plugin Hompage" for Piwik plugins
* fix tests
* compile minified js
(hope I didn't break anything)
* some more small changes
* fix UI test
* comment length in piwik.js changed due to https links
* fix test
* update ui file
* update submodule
|
|
|
|
|
|
|
