meteor/packages at 37201062e1233ee6cb4627016303e40d1ad3fa4a - meteor - AtHeartEngineering

github/meteor

mirror of https://github.com/meteor/meteor.git synced 2026-05-02 03:01:46 -04:00

Files

History

David Glasser 37201062e1 Only allow users to configure login services that are actually part of the app.

(Well, and services with names like "registerLoginHandler", but whatever.)

This prevents this attack:
  - Alice launches site with Facebook login
  - Mallory sends configureLoginService method to configure the Twitter service
  - Alice runs "meteor add accounts-twitter" and is impressed that Twitter integration
    Just Works with no configuration
  - Now the app is using Mallory's credentials

2012-10-08 20:53:49 -07:00

..

Minor changes to deprecated absolute-url package based on code review comments

2012-09-20 07:33:08 -07:00

Only allow users to configure login services that are actually part of the app.

2012-10-08 20:53:49 -07:00

accounts-facebook

Large refactor of accounts-ui

2012-10-08 19:38:20 -07:00

accounts-github

Large refactor of accounts-ui

2012-10-08 19:38:20 -07:00

accounts-google

Large refactor of accounts-ui

2012-10-08 19:38:20 -07:00

accounts-oauth1-helper

Move login token generation into updateOrCreateUserFromExternalService.

2012-10-08 09:18:55 -07:00

accounts-oauth2-helper

Move login token generation into updateOrCreateUserFromExternalService.

2012-10-08 09:18:55 -07:00

accounts-oauth-helper

Rename and refactor Accounts.updateOrCreateUser.

2012-10-08 09:18:55 -07:00

accounts-password

accounts: Allow specifying explicit errors in Meteor.validateNewUser

2012-10-08 19:38:20 -07:00

accounts-twitter

Large refactor of accounts-ui

2012-10-08 19:38:20 -07:00

Large refactor of accounts-ui

2012-10-08 19:38:20 -07:00

accounts-ui-unstyled

Only allow users to configure login services that are actually part of the app.

2012-10-08 20:53:49 -07:00

Change URLs to use / instead of ?. It looks much nicer.

2012-10-04 23:51:31 -07:00

Large refactor of accounts-ui

2012-10-08 19:38:20 -07:00

Refactor bundler; new package API

2012-01-27 20:02:26 -08:00

eliminate App, proxy methods from Meteor

2012-03-16 02:55:14 -07:00

throw error if Backbone.History is called on server; fixes #191

2012-06-19 12:53:52 -07:00

bump bootstrap from 2.0.4 to 2.1.1

2012-09-16 12:10:21 -07:00

Refactor bundler; new package API

2012-01-27 20:02:26 -08:00

Better error reporting for coffescript.

2012-09-16 12:10:09 +10:00

Make everything in deps-utils private for now.

2012-10-05 15:26:22 -07:00

fix reactive <select> tag in IE 7-8

2012-09-24 12:06:19 -07:00

Make email tests pass when deployed.

2012-09-18 13:30:41 -07:00

Fold the absolute-url package into the meteor package

2012-09-19 16:19:54 -07:00

Fix for Handlebars helper functions returning null

2012-09-27 14:31:21 -07:00

gitignore .meteor directories in packages

2012-04-17 20:02:00 -07:00

Change some test names to make it easier to search output for failures.

2012-09-20 12:05:51 -07:00

Minor refactorings and comment tweaks for allow/deny/insecure.

2012-10-04 13:52:03 -07:00

updated jquery from 1.7.1 to 1.7.2

2012-04-17 01:07:48 -05:00

Refactor bundler; new package API

2012-01-27 20:02:26 -08:00

Refactor bundler; new package API

2012-01-27 20:02:26 -08:00

jquery-waypoints

Refactor bundler; new package API

2012-01-27 20:02:26 -08:00

Refactor bundler; new package API

2012-01-27 20:02:26 -08:00

fix jsparse comments in AST

2012-10-01 12:28:09 -07:00

fix CSS preproc tests when Chrome is zoomed

2012-09-18 11:23:49 -07:00

Meteor.Collection now takes its optional parameters ("manager" and some

2012-10-08 09:17:54 -07:00

Small improvements to LiveRange constructor docs.

2012-09-28 16:14:10 -07:00

localstorage-polyfill

localstorage polyfill: Try to not wait for Meteor.startup

2012-07-23 17:57:11 -07:00

Fix Meteor._debug on IE8,9

2012-07-11 23:03:26 -07:00

Meteor.Collection now takes its optional parameters ("manager" and some

2012-10-08 09:17:54 -07:00

Merge branch 'devel' into auth

2012-09-21 10:59:48 -07:00

create new package meyerweb-reset

2012-04-06 00:51:26 -07:00

Update the docs for the removed callback to Cursor.observe.

2012-10-04 18:28:12 -07:00

Meteor.Collection now takes its optional parameters ("manager" and some

2012-10-08 09:17:54 -07:00

Change all publicly documented APIs to use camelCase.

2012-09-17 14:26:45 -07:00

preserve-inputs

Tweaks from Geoff code review

2012-09-29 13:24:46 -07:00

Follow-up to ac9f553: only save migrationData if name provided.

2012-09-28 07:37:13 -07:00

fix CSS preproc tests when Chrome is zoomed

2012-09-18 11:23:49 -07:00

Make everything in deps-utils private for now.

2012-10-05 15:26:22 -07:00

Fixup regression from unintentional package API change associate w/ underscore upgrade.

2012-02-16 18:36:56 -08:00

Make everything in deps-utils private for now.

2012-10-05 15:26:22 -07:00

Fix race condition in spiderable.

2012-09-24 10:41:14 -07:00

Initial commit of SRP package.

2012-07-23 17:59:09 -07:00

Provide package 'meteor' to create the Meteor global

2012-02-23 02:21:10 -08:00

Merge branch 'devel' into auth

2012-10-06 11:10:56 -07:00

fix CSS preproc tests when Chrome is zoomed

2012-09-18 11:23:49 -07:00

Fix for Handlebars helper functions returning null

2012-09-27 14:31:21 -07:00

Make everything in deps-utils private for now.

2012-10-05 15:26:22 -07:00

test-in-browser

Make everything in deps-utils private for now.

2012-10-05 15:26:22 -07:00

Merge remote-tracking branch 'origin/devel' into auth

2012-09-24 22:36:15 -07:00

Upgrade all 3 copies of underscore. *sigh*

2012-04-23 21:45:02 -07:00

universal-events

fix removeEventListener args (FF test failure)

2012-08-22 12:11:55 -07:00

add missing semicolon

2012-09-15 18:32:06 -07:00

.gitignore

gitignore .meteor directories in packages

2012-04-17 20:02:00 -07:00