Chrome users could submit the form multiple time by entering the TOTP
code and then pressing Enter key, or clicking the onscreen submit
button. This would be less likely on low latency connections (because
auto-submit would complete before the user presses Enter key) but quite
doable on high latency connections.
The fix is to attach an event handler to form's "onsubmit" events.
The handler lets the first event through, and call preventDefault()
on subsequent events. This takes care of:
* programmatic submits by calling form.requestSubmit()
* Enter key in an input field
* click on the onscreen submit button
When user double-clicks on text, browser selects a single word.
When user triple-clicks, browser selects a line or a paragraph
of text.
We have JS code that enables user to click on ping URL to copy
it to the clipboard. After copying it shows a small non-native
tooltip saying "Copied!" above the ping URL. This was interfering
with triple-click selection, the word "Copied!" would get selected
as well.
The fix is to use document body as the container of the tooltip,
not the ping URL span (which is the default).
Previously, if the user enters a weak password like "qwerty",
the score is 0, the password strength bar is empty (all gray).
It is easy to not notice the password strength bar at all.
Now, the lowest score for a non-empty password is 1, meaning
the user will see one red bar. This will hopefully draw more
attention to the password strength bar.
Users are still allowed to choose weak passwords.
The live-updating code still needs float timestamps, but
we only need them for the most recent event (so we know
the lower threshold for fetching new events). We now send
the float timestamp separately:
* in the `/log/` view, we put it in HTML content, in a <script> tag
* in the `/log_events/` view we put it in response header
The main benefit of this is smaller response sizes for the
`/log/` and `/log_events/` views.
* look up the favicon DOM element only once
* update the favicon only if title changes, not on every refresh
* details.js: use the base URL when constructing favicon URL
* Switch from nouislider to simpler <input type="range">
* Move it to a sidebar
Also, fix a bug in _get_events where the "start" local variable
got clobbered, and made the date range for the Notification
query wrong.
* MVP for notification groups.
* Addressed review comments.
* Push notification group to the front.
* Updated icons.
* Reduce code duplication.
* Show groups at the top.
* Add label to group forms.
* Add checkboxes for integration selection.
* CSS for checkboxes.
* Added tests for group notify.
In the "Details" and "Log" pages Healthchecks displays a list
of events (incoming pings and sent alerts). At the top of the
events list is a two- or three-way selector for selecting
the timezone for formatting event dates and times. The selector
options are "UTC", check's configured timezone, and "Browser's
time zone". The "Browser's time zone" used to be default, initial
selection for all checks.
With this change, for checks that use cron schedule, the default
selected timezone will be the check's configured timezone.
The "Browser's time zone" option is of course still there and the
user can switch to it to see dates and times in their local time.
Rationale: I semi-regularly get support requests about unexpected
or missing alerts, where the problem boil downs to a timezone
mismatch between the client and the Healthchecks server. Sometimes
the confusion seems to be caused by the user seeing ping arrival
times in their local time zone, comparing them to their cron
expression, and not realizing their server may be using a different
timezone. By switching the default display timezone to the check's
configured timezone, I hope users will be more likely to notice
discrepancies between ping arrival times, the cron schedule,
and their local clock.
For checks using simple schedules (timeout and grace), we still
default to browser's timezone for display.
Fixed CSS issues:
* In the tag input element, when entering a new tag,
the "Add ..." item was missing padding. Padding added.
* In the timezone selects the caret was hidden, so it was
hard to discover that timezone options can be filtered by typing.
Caret in timezone selects is now visible and blinking.
