Table of Contents

About this Documentation

The goal of this documentation is to comprehensively explain Etherpad, both from a reference as well as a conceptual point of view.

Where appropriate, property types, method arguments, and the arguments provided to event handlers are detailed in a list underneath the topic heading.

Every .html file is generated based on the corresponding .md file in the doc/api/ folder in the source tree. The documentation is generated using the src/bin/doc/generate.js program. The HTML template is located at doc/template.html.

Statistics

Etherpad keeps track of the goings-on inside the edit machinery. If you'd like to have a look at this, just point your browser to /stats.

We currently measure:

Under the hood, we are happy to rely on measured for all our metrics needs.

To modify or simply access our stats in your plugin, simply require('ep_etherpad-lite/stats') which is a measured.Collection.

Localization

Etherpad provides a multi-language user interface, that's apart from your users' content, so users from different countries can collaborate on a single document, while still having the user interface displayed in their mother tongue.

Translating

We rely on https://translatewiki.net to handle the translation process for us, so if you'd like to help...

  1. Sign up at https://translatewiki.net
  2. Visit our TWN project page
  3. Click on Translate Etherpad lite interface
  4. Choose a target language, you'd like to translate our interface to, and hit Fetch
  5. Start translating!

Translations will be send back to us regularly and will eventually appear in the next release.

Implementation

Server-side

/src/locales contains files for all supported languages which contain the translated strings. Translation files are simple *.json files and look like this:

{ "pad.modals.connected": "Connecté."
, "pad.modals.uderdup": "Ouvrir dans une nouvelle fenêtre."
, "pad.toolbar.unindent.title": "Dèsindenter"
, "pad.toolbar.undo.title": "Annuler (Ctrl-Z)"
, "timeslider.pageTitle": "{{appTitle}} Curseur temporel"
, ...
}

Each translation consists of a key (the id of the string that is to be translated) and the translated string. Terms in curly braces must not be touched but left as they are, since they represent a dynamically changing part of the string like a variable. Imagine a message welcoming a user: Welcome, {{userName}}! would be translated as Ahoy, {{userName}}! in pirate.

Client-side

We use a language cookie to save your language settings if you change them. If you don't, we autodetect your locale using information from your browser. Then, the preferred language is fed into a library called html10n.js, which loads the appropriate translations and applies them to our templates. Its features include translation params, pluralization, include rules and a nice javascript API.

Localizing plugins

1. Mark the strings to translate

In the template files of your plugin, change all hardcoded messages/strings...

from:

<option value="0">Heading 1</option>

to:

<option data-l10n-id="ep_heading.h1" value="0"></option>

In the javascript files of your plugin, change all hardcoded messages/strings...

from:

alert ('Chat');

to:

alert(window._('pad.chat'));

2. Create translate files in the locales directory of your plugin

ep_your-plugin/locales/en.json

{ "ep_your-plugin.h1": "Heading 1"
}

ep_your-plugin/locales/es.json

{ "ep_your-plugin.h1": "Título 1"
}

Every time the http server is started, it will auto-detect your messages and merge them automatically with the core messages.

Overwrite core messages

You can overwrite Etherpad's core messages in your plugin's locale files. For example, if you want to replace Chat with Notes, simply add...

ep_your-plugin/locales/en.json

{ "ep_your-plugin.h1": "Heading 1"
, "pad.chat": "Notes"
}

Customization for Administrators

As an Etherpad administrator, it is possible to overwrite core messages as well as messages in plugins. These include error messages, labels, and user instructions. Whereas the localization in the source code is in separate files separated by locale, an administrator's custom localizations are in settings.json under the customLocaleStrings key, with each locale separated by a sub-key underneath.

For example, let's say you want to change the text on the "New Pad" button on Etherpad's home page. If you look in locales/en.json (or locales/en-gb.json) you'll see the key for this text is "index.newPad". You could add the following to settings.json:

  "customLocaleStrings": {
    "fr": {
      "index.newPad": "Créer un document"
    },
    "en-gb": {
      "index.newPad": "Create a document"
    },
    "en": {
      "index.newPad": "Create a document"
    }
  }

Docker

The official Docker image is available on https://hub.docker.com/r/etherpad/etherpad.

Downloading from Docker Hub

If you are ok downloading a prebuilt image from Docker Hub, these are the commands:

# gets the latest published version
docker pull etherpad/etherpad

# gets a specific version
docker pull etherpad/etherpad:1.8.0

Build a personalized container

If you want to use a personalized settings file, you will have to rebuild your image. All of the following instructions are as a member of the docker group. By default, the Etherpad Docker image is built and run in production mode: no development dependencies are installed, and asset bundling speeds up page load time.

Rebuilding with custom settings

Edit <BASEDIR>/settings.json.docker at your will. When rebuilding the image, this file will be copied inside your image and renamed to settings.json.

Each configuration parameter can also be set via an environment variable, using the syntax "${ENV_VAR}" or "${ENV_VAR:default_value}". For details, refer to settings.json.template.

Rebuilding including some plugins

If you want to install some plugins in your container, it is sufficient to list them in the ETHERPAD_PLUGINS build variable. The variable value has to be a space separated, double quoted list of plugin names (see examples).

Some plugins will need personalized settings. Just refer to the previous section, and include them in your custom settings.json.docker.

Rebuilding including export functionality for DOC/PDF/ODT

If you want to be able to export your pads to DOC/PDF/ODT files, you can install either Abiword or Libreoffice via setting a build variable.

Via Abiword

For installing Abiword, set the INSTALL_ABIWORD build variable to any value.

Also, you will need to configure the path to the abiword executable via setting the abiword property in <BASEDIR>/settings.json.docker to /usr/bin/abiword or via setting the environment variable ABIWORD to /usr/bin/abiword.

Via Libreoffice

For installing Libreoffice instead, set the INSTALL_SOFFICE build variable to any value.

Also, you will need to configure the path to the libreoffice executable via setting the soffice property in <BASEDIR>/settings.json.docker to /usr/bin/soffice or via setting the environment variable SOFFICE to /usr/bin/soffice.

Examples

Build a Docker image from the currently checked-out code:

docker build --tag <YOUR_USERNAME>/etherpad .

Include two plugins in the container:

docker build --build-arg ETHERPAD_PLUGINS="ep_comments_page ep_author_neat" --tag <YOUR_USERNAME>/etherpad .

Running your instance:

To run your instance:

docker run --detach --publish <DESIRED_PORT>:9001 <YOUR_USERNAME>/etherpad

And point your browser to http://<YOUR_IP>:<DESIRED_PORT>

Options available by default

The settings.json.docker available by default allows to control almost every setting via environment variables.

General

Variable Description Default
TITLE The name of the instance Etherpad
FAVICON favicon default name, or a fully specified URL to your own favicon favicon.ico
DEFAULT_PAD_TEXT The default text of a pad Welcome to Etherpad! This pad text is synchronized as you type, so that everyone viewing this page sees the same text. This allows you to collaborate seamlessly on documents! Get involved with Etherpad at https://etherpad.org
IP IP which etherpad should bind at. Change to :: for IPv6 0.0.0.0
PORT port which etherpad should bind at 9001
ADMIN_PASSWORD the password for the admin user (leave unspecified if you do not want to create it)
USER_PASSWORD the password for the first user user (leave unspecified if you do not want to create it)

Database

Variable Description Default
DB_TYPE a database supported by https://www.npmjs.com/package/ueberdb2 not set, thus will fall back to DirtyDB (please choose one instead)
DB_HOST the host of the database
DB_PORT the port of the database
DB_NAME the database name
DB_USER a database user with sufficient permissions to create tables
DB_PASS the password for the database username
DB_CHARSET the character set for the tables (only required for MySQL)
DB_FILENAME in case DB_TYPE is DirtyDB or sqlite, the database file. var/dirty.db, var/etherpad.sq3

If your database needs additional settings, you will have to use a personalized settings.json.docker and rebuild the container (or otherwise put the updated settings.json inside your image).

Pad Options

Variable Description Default
PAD_OPTIONS_NO_COLORS false
PAD_OPTIONS_SHOW_CONTROLS true
PAD_OPTIONS_SHOW_CHAT true
PAD_OPTIONS_SHOW_LINE_NUMBERS true
PAD_OPTIONS_USE_MONOSPACE_FONT false
PAD_OPTIONS_USER_NAME false
PAD_OPTIONS_USER_COLOR false
PAD_OPTIONS_RTL false
PAD_OPTIONS_ALWAYS_SHOW_CHAT false
PAD_OPTIONS_CHAT_AND_USERS false
PAD_OPTIONS_LANG en-gb

Shortcuts

Variable Description Default
PAD_SHORTCUTS_ENABLED_ALT_F9 focus on the File Menu and/or editbar true
PAD_SHORTCUTS_ENABLED_ALT_C focus on the Chat window true
PAD_SHORTCUTS_ENABLED_CMD_S save a revision true
PAD_SHORTCUTS_ENABLED_CMD_Z undo/redo true
PAD_SHORTCUTS_ENABLED_CMD_Y redo true
PAD_SHORTCUTS_ENABLED_CMD_I italic true
PAD_SHORTCUTS_ENABLED_CMD_B bold true
PAD_SHORTCUTS_ENABLED_CMD_U underline true
PAD_SHORTCUTS_ENABLED_CMD_H backspace true
PAD_SHORTCUTS_ENABLED_CMD_5 strike through true
PAD_SHORTCUTS_ENABLED_CMD_SHIFT_1 ordered list true
PAD_SHORTCUTS_ENABLED_CMD_SHIFT_2 shows a gritter popup showing a line author true
PAD_SHORTCUTS_ENABLED_CMD_SHIFT_L unordered list true
PAD_SHORTCUTS_ENABLED_CMD_SHIFT_N ordered list true
PAD_SHORTCUTS_ENABLED_CMD_SHIFT_C clear authorship true
PAD_SHORTCUTS_ENABLED_DELETE true
PAD_SHORTCUTS_ENABLED_RETURN true
PAD_SHORTCUTS_ENABLED_ESC in mozilla versions 14-19 avoid reconnecting pad true
PAD_SHORTCUTS_ENABLED_TAB indent true
PAD_SHORTCUTS_ENABLED_CTRL_HOME scroll to top of pad true
PAD_SHORTCUTS_ENABLED_PAGE_UP true
PAD_SHORTCUTS_ENABLED_PAGE_DOWN true

Skins

You can use the UI skin variants builder at /p/test#skinvariantsbuilder

For the colibris skin only, you can choose how to render the three main containers:

For each of the 3 containers you can choose 4 color combinations:

For the editor container, you can also make it full width by adding full-width-editor variant (by default editor is rendered as a page, with a max-width of 900px).

Variable Description Default
SKIN_NAME either no-skin, colibris or an existing directory under src/static/skins colibris
SKIN_VARIANTS multiple skin variants separated by spaces super-light-toolbar super-light-editor light-background

Logging

Variable Description Default
LOGLEVEL valid values are DEBUG, INFO, WARN and ERROR INFO
DISABLE_IP_LOGGING Privacy: disable IP logging false

Advanced

Variable Description Default
SHOW_SETTINGS_IN_ADMIN_PAGE hide/show the settings.json in admin page true
TRUST_PROXY set to true if you are using a reverse proxy in front of Etherpad (for example: Traefik for SSL termination via Let's Encrypt). This will affect security and correctness of the logs if not done false
IMPORT_MAX_FILE_SIZE maximum allowed file size when importing a pad, in bytes. 52428800 (50 MB)
IMPORT_EXPORT_MAX_REQ_PER_IP maximum number of import/export calls per IP. 10
IMPORT_EXPORT_RATE_LIMIT_WINDOW the call rate for import/export requests will be estimated in this time window (in milliseconds) 90000
COMMIT_RATE_LIMIT_DURATION duration of the rate limit window for commits by individual users/IPs (in seconds) 1
COMMIT_RATE_LIMIT_POINTS maximum number of changes per IP to allow during the rate limit window 10
SUPPRESS_ERRORS_IN_PAD_TEXT Should we suppress errors from being visible in the default Pad Text? false
REQUIRE_SESSION If this option is enabled, a user must have a session to access pads. This effectively allows only group pads to be accessed. false
EDIT_ONLY Users may edit pads but not create new ones. Pad creation is only via the API. This applies both to group pads and regular pads. false
MINIFY If true, all css & js will be minified before sending to the client. This will improve the loading performance massively, but makes it difficult to debug the javascript/css true
MAX_AGE How long may clients use served javascript code (in seconds)? Not setting this may cause problems during deployment. Set to 0 to disable caching. 21600 (6 hours)
ABIWORD Absolute path to the Abiword executable. Abiword is needed to get advanced import/export features of pads. Setting it to null disables Abiword and will only allow plain text and HTML import/exports. null
SOFFICE This is the absolute path to the soffice executable. LibreOffice can be used in lieu of Abiword to export pads. Setting it to null disables LibreOffice exporting. null
TIDY_HTML Path to the Tidy executable. Tidy is used to improve the quality of exported pads. Setting it to null disables Tidy. null
ALLOW_UNKNOWN_FILE_ENDS Allow import of file types other than the supported ones: txt, doc, docx, rtf, odt, html & htm true
REQUIRE_AUTHENTICATION This setting is used if you require authentication of all users. Note: "/admin" always requires authentication. false
REQUIRE_AUTHORIZATION Require authorization by a module, or a user with is_admin set, see below. false
AUTOMATIC_RECONNECTION_TIMEOUT Time (in seconds) to automatically reconnect pad when a "Force reconnect" message is shown to user. Set to 0 to disable automatic reconnection. 0
FOCUS_LINE_PERCENTAGE_ABOVE Percentage of viewport height to be additionally scrolled. e.g. 0.5, to place caret line in the middle of viewport, when user edits a line above of the viewport. Set to 0 to disable extra scrolling 0
FOCUS_LINE_PERCENTAGE_BELOW Percentage of viewport height to be additionally scrolled. e.g. 0.5, to place caret line in the middle of viewport, when user edits a line below of the viewport. Set to 0 to disable extra scrolling 0
FOCUS_LINE_PERCENTAGE_ARROW_UP Percentage of viewport height to be additionally scrolled when user presses arrow up in the line of the top of the viewport. Set to 0 to let the scroll to be handled as default by Etherpad 0
FOCUS_LINE_DURATION Time (in milliseconds) used to animate the scroll transition. Set to 0 to disable animation 0
FOCUS_LINE_CARET_SCROLL Flag to control if it should scroll when user places the caret in the last line of the viewport false
SOCKETIO_MAX_HTTP_BUFFER_SIZE The maximum size (in bytes) of a single message accepted via Socket.IO. If a client sends a larger message, its connection gets closed to prevent DoS (memory exhaustion) attacks. 10000
LOAD_TEST Allow Load Testing tools to hit the Etherpad Instance. WARNING: this will disable security on the instance. false
DUMP_ON_UNCLEAN_EXIT Enable dumping objects preventing a clean exit of Node.js. WARNING: this has a significant performance impact. false
EXPOSE_VERSION Expose Etherpad version in the web interface and in the Server http header. Do not enable on production machines. false

Examples

Use a Postgres database, no admin user enabled:

docker run -d \
    --name etherpad         \
    -p 9001:9001            \
    -e 'DB_TYPE=postgres'   \
    -e 'DB_HOST=db.local'   \
    -e 'DB_PORT=4321'       \
    -e 'DB_NAME=etherpad'   \
    -e 'DB_USER=dbusername' \
    -e 'DB_PASS=mypassword' \
    etherpad/etherpad

Run enabling the administrative user admin:

docker run -d \
    --name etherpad \
    -p 9001:9001 \
    -e 'ADMIN_PASSWORD=supersecret' \
    etherpad/etherpad

Run a test instance running DirtyDB on a persistent volume:

docker run -d \
    -v etherpad_data:/opt/etherpad-lite/var \
    -p 9001:9001 \
    etherpad/etherpad

Skins

You can customize Etherpad appearance using skins. A skin is a directory located under static/skins/<skin_name>, with the following contents:

You can choose a skin changing the parameter skinName in settings.json.

Since Etherpad 1.7.5, two skins are included:

Embed parameters

You can easily embed your etherpad-lite into any webpage by using iframes. You can configure the embedded pad using embed parameters.

Example:

Cut and paste the following code into any webpage to embed a pad. The parameters below will hide the chat and the line numbers and will auto-focus on Line 4.

<iframe src='http://pad.test.de/p/PAD_NAME#L4?showChat=false&showLineNumbers=false' width=600 height=400></iframe>

showLineNumbers

Default: true

showControls

Default: true

showChat

Default: true

useMonospaceFont

Default: false

userName

Default: "unnamed"

Example: userName=Etherpad%20User

userColor

Default: randomly chosen by pad server

Example: userColor=%23ff9900

noColors

Default: false

alwaysShowChat

Default: false

lang

Default: en

Example: lang=ar (translates the interface into Arabic)

rtl

Default: true Displays pad text from right to left.

#L

Default: 0 Focuses pad at specific line number and places caret at beginning of this line Special note: Is not a URL parameter but instead of a Hash value

HTTP API

What can I do with this API?

The API gives another web application control of the pads. The basic functions are

The API is designed in a way, so you can reuse your existing user system with their permissions, and map it to Etherpad. Means: Your web application still has to do authentication, but you can tell Etherpad via the api, which visitors should get which permissions. This allows Etherpad to fit into any web application and extend it with real-time functionality. You can embed the pads via an iframe into your website.

Take a look at HTTP API client libraries to check if a library in your favorite programming language is available.

OpenAPI

OpenAPI (formerly swagger) definitions are exposed under /api/openapi.json (latest) and /api/{version}/openapi.json. You can use official tools like Swagger Editor to view and explore them.

Examples

Example 1

A portal (such as WordPress) wants to give a user access to a new pad. Let's assume the user have the internal id 7 and his name is michael.

Portal maps the internal userid to an etherpad author.

Request: http://pad.domain/api/1/createAuthorIfNotExistsFor?apikey=secret&name=Michael&authorMapper=7

Response: {code: 0, message:"ok", data: {authorID: "a.s8oes9dhwrvt0zif"}}

Portal maps the internal userid to an etherpad group:

Request: http://pad.domain/api/1/createGroupIfNotExistsFor?apikey=secret&groupMapper=7

Response: {code: 0, message:"ok", data: {groupID: "g.s8oes9dhwrvt0zif"}}

Portal creates a pad in the userGroup

Request: http://pad.domain/api/1/createGroupPad?apikey=secret&groupID=g.s8oes9dhwrvt0zif&padName=samplePad&text=This is the first sentence in the pad

Response: {code: 0, message:"ok", data: null}

Portal starts the session for the user on the group:

Request: http://pad.domain/api/1/createSession?apikey=secret&groupID=g.s8oes9dhwrvt0zif&authorID=a.s8oes9dhwrvt0zif&validUntil=1312201246

Response: {"data":{"sessionID": "s.s8oes9dhwrvt0zif"}}

Portal places the cookie "sessionID" with the given value on the client and creates an iframe including the pad.

Example 2

A portal (such as WordPress) wants to transform the contents of a pad that multiple admins edited into a blog post.

Portal retrieves the contents of the pad for entry into the db as a blog post:

Request: http://pad.domain/api/1/getText?apikey=secret&padID=g.s8oes9dhwrvt0zif$123

Response: {code: 0, message:"ok", data: {text:"Welcome Text"}}

Portal submits content into new blog post

Portal.AddNewBlog(content)

Usage

API version

The latest version is 1.2.14

The current version can be queried via /api.

Request Format

The API is accessible via HTTP. Starting from 1.8, API endpoints can be invoked indifferently via GET or POST.

The URL of the HTTP request is of the form: /api/$APIVERSION/$FUNCTIONNAME. $APIVERSION depends on the endpoint you want to use. Depending on the verb you use (GET or POST) parameters can be passed differently.

When invoking via GET (mandatory until 1.7.5 included), parameters must be included in the query string (example: /api/$APIVERSION/$FUNCTIONNAME?apikey=<APIKEY>&param1=value1). Please note that starting with nodejs 8.14+ the total size of HTTP request headers has been capped to 8192 bytes. This limits the quantity of data that can be sent in an API request.

Starting from Etherpad 1.8 it is also possible to invoke the HTTP API via POST. In this case, querystring parameters will still be accepted, but any parameter with the same name sent via POST will take precedence. If you need to send large chunks of text (for example, for setText()) it is advisable to invoke via POST.

Example with cURL using GET (toy example, no encoding):

curl "http://pad.domain/api/1/setText?apikey=secret&padID=padname&text=this_text_will_NOT_be_encoded_by_curl_use_next_example"

Example with cURL using GET (better example, encodes text):

curl "http://pad.domain/api/1/setText?apikey=secret&padID=padname" --get --data-urlencode "text=Text sent via GET with proper encoding. For big documents, please use POST"

Example with cURL using POST:

curl "http://pad.domain/api/1/setText?apikey=secret&padID=padname" --data-urlencode "text=Text sent via POST with proper encoding. For big texts (>8 KB), use this method"

Response Format

Responses are valid JSON in the following format:

{
  "code": number,
  "message": string,
  "data": obj
}

Overview

API Overview

Data Types

Authentication

Authentication works via a token that is sent with each request as a post parameter. There is a single token per Etherpad deployment. This token will be random string, generated by Etherpad at the first start. It will be saved in APIKEY.txt in the root folder of Etherpad. Only Etherpad and the requesting application knows this key. Token management will not be exposed through this API.

Node Interoperability

All functions will also be available through a node module accessible from other node.js applications.

API Methods

Groups

Pads can belong to a group. The padID of grouppads is starting with a groupID like g.asdfasdfasdfasdf$test

createGroup()

creates a new group

Example returns:

createGroupIfNotExistsFor(groupMapper)

this functions helps you to map your application group ids to Etherpad group ids

Example returns:

deleteGroup(groupID)

deletes a group

Example returns:

listPads(groupID)

returns all pads of this group

Example returns:

createGroupPad(groupID, padName [, text])

creates a new pad in this group

Example returns:

listAllGroups()

lists all existing groups

Example returns:

Author

These authors are bound to the attributes the users choose (color and name).

createAuthor([name])

creates a new author

Example returns:

createAuthorIfNotExistsFor(authorMapper [, name])

this functions helps you to map your application author ids to Etherpad author ids

Example returns:

listPadsOfAuthor(authorID)

returns an array of all pads this author contributed to

Example returns:

getAuthorName(authorID)

Returns the Author Name of the author

Example returns:

-> can't be deleted cause this would involve scanning all the pads where this author was

Session

Sessions can be created between a group and an author. This allows an author to access more than one group. The sessionID will be set as a cookie to the client and is valid until a certain date. The session cookie can also contain multiple comma-separated sessionIDs, allowing a user to edit pads in different groups at the same time. Only users with a valid session for this group, can access group pads. You can create a session after you authenticated the user at your web application, to give them access to the pads. You should save the sessionID of this session and delete it after the user logged out.

createSession(groupID, authorID, validUntil)

creates a new session. validUntil is an unix timestamp in seconds

Example returns:

deleteSession(sessionID)

deletes a session

Example returns:

getSessionInfo(sessionID)

returns information about a session

Example returns:

listSessionsOfGroup(groupID)

returns all sessions of a group

Example returns:

listSessionsOfAuthor(authorID)

returns all sessions of an author

Example returns:

Pad Content

Pad content can be updated and retrieved through the API

getText(padID, [rev])

returns the text of a pad

Example returns:

setText(padID, text)

Sets the text of a pad.

If your text is long (>8 KB), please invoke via POST and include text parameter in the body of the request, not in the URL (since Etherpad 1.8).

Example returns:

appendText(padID, text)

Appends text to a pad.

If your text is long (>8 KB), please invoke via POST and include text parameter in the body of the request, not in the URL (since Etherpad 1.8).

Example returns:

getHTML(padID, [rev])

returns the text of a pad formatted as HTML

Example returns:

setHTML(padID, html)

sets the text of a pad based on HTML, HTML must be well-formed. Malformed HTML will send a warning to the API log.

If html is long (>8 KB), please invoke via POST and include html parameter in the body of the request, not in the URL (since Etherpad 1.8).

Example returns:

getAttributePool(padID)

returns the attribute pool of a pad

Example returns:

getRevisionChangeset(padID, [rev])

get the changeset at a given revision, or last revision if 'rev' is not defined.

Example returns:

createDiffHTML(padID, startRev, endRev)

returns an object of diffs from 2 points in a pad

Example returns:

restoreRevision(padId, rev)

Restores revision from past as new changeset

Example returns:

Chat

getChatHistory(padID, [start, end])

returns

Example returns:

getChatHead(padID)

returns the chatHead (last number of the last chat-message) of the pad

Example returns:

appendChatMessage(padID, text, authorID [, time])

creates a chat message, saves it to the database and sends it to all connected clients of this pad

Example returns:

Pad

Group pads are normal pads, but with the name schema GROUPID$PADNAME. A security manager controls access of them and it's forbidden for normal pads to include a $ in the name.

createPad(padID [, text])

creates a new (non-group) pad. Note that if you need to create a group Pad, you should call createGroupPad. You get an error message if you use one of the following characters in the padID: "/", "?", "&" or "#".

Example returns:

getRevisionsCount(padID)

returns the number of revisions of this pad

Example returns:

getSavedRevisionsCount(padID)

returns the number of saved revisions of this pad

Example returns:

listSavedRevisions(padID)

returns the list of saved revisions of this pad

Example returns:

saveRevision(padID [, rev])

saves a revision

Example returns:

padUsersCount(padID)

returns the number of user that are currently editing this pad

Example returns:

padUsers(padID)

returns the list of users that are currently editing this pad

Example returns:

deletePad(padID)

deletes a pad

Example returns:

copyPad(sourceID, destinationID[, force=false])

copies a pad with full history and chat. If force is true and the destination pad exists, it will be overwritten.

Example returns:

copyPadWithoutHistory(sourceID, destinationID[, force=false])

copies a pad without copying the history and chat. If force is true and the destination pad exists, it will be overwritten. Note that all the revisions will be lost! In most of the cases one should use copyPad API instead.

Example returns:

movePad(sourceID, destinationID[, force=false])

moves a pad. If force is true and the destination pad exists, it will be overwritten.

Example returns:

getReadOnlyID(padID)

returns the read only link of a pad

Example returns:

getPadID(readOnlyID)

returns the id of a pad which is assigned to the readOnlyID

Example returns:

setPublicStatus(padID, publicStatus)

sets a boolean for the public status of a pad

Example returns:

getPublicStatus(padID)

return true of false

Example returns:

listAuthorsOfPad(padID)

returns an array of authors who contributed to this pad

Example returns:

getLastEdited(padID)

returns the timestamp of the last revision of the pad

Example returns:

sendClientsMessage(padID, msg)

sends a custom message of type msg to the pad

Example returns:

checkToken()

returns ok when the current api token is valid

Example returns:

Pads

listAllPads()

lists all pads on this epl instance

Example returns:

Global

getStats()

get stats of the etherpad instance

Example returns

Hooks

A hook function is registered with a hook via the plugin's ep.json file. See the Plugins section for details. A hook may have many registered functions from different plugins.

Some hooks call their registered functions one at a time until one of them returns a value. Others always call all of their registered functions and combine the results (if applicable).

Registered hook functions

Note: The documentation in this section applies to every hook unless the hook-specific documentation says otherwise.

Arguments

Hook functions are called with three arguments:

  1. hookName - The name of the hook being invoked.
  2. context - An object with some relevant information about the context of the call. See the hook-specific documentation for details.
  3. cb - For asynchronous operations this callback can be called to signal completion and optionally provide a return value. The callback takes a single argument, the meaning of which depends on the hook (see the "Return values" section for general information that applies to most hooks). This callback always returns undefined.

Expected behavior

The presence of a callback parameter suggests that every hook function can run asynchronously. While that is the eventual goal, there are some legacy hooks that expect their hook functions to provide a value synchronously. For such hooks, the hook functions must do one of the following:

For hooks that permit asynchronous behavior, the hook functions must do one or more of the following:

Note that the acceptable behaviors for asynchronous hook functions is a superset of the acceptable behaviors for synchronous hook functions.

WARNING: The number of parameters is determined by examining Function.length, which does not count default parameters or "rest" parameters. To avoid problems, do not use default or rest parameters when defining hook functions.

Return values

A hook function can provide a value to Etherpad in one of the following ways:

Examples:

exports.exampleOne = (hookName, context, callback) => {
  return 'valueOne';
};

exports.exampleTwo = (hookName, context, callback) => {
  callback('valueTwo');
  return;
};

// ONLY FOR HOOKS THAT PERMIT ASYNCHRONOUS BEHAVIOR
exports.exampleThree = (hookName, context, callback) => {
  return new Promise('valueThree');
};

// ONLY FOR HOOKS THAT PERMIT ASYNCHRONOUS BEHAVIOR
exports.exampleFour = (hookName, context, callback) => {
  callback(new Promise('valueFour'));
  return;
};

// ONLY FOR HOOKS THAT PERMIT ASYNCHRONOUS BEHAVIOR
exports.exampleFive = async (hookName, context) => {
  // Note that this function is async, so it actually returns a Promise that
  // is resolved to 'valueFive'.
  return 'valueFive';
};

Etherpad collects the values provided by the hook functions into an array, filters out all undefined values, then flattens the array one level. Flattening one level makes it possible for a hook function to behave as if it were multiple separate hook functions.

For example: Suppose a hook has eight registered functions that return the following values: 1, [2], ['3a', '3b'] [[4]], undefined, [undefined], [], and null. The value returned to the caller of the hook is [1, 2, '3a', '3b', [4], undefined, null].

Client-side hooks

Most of these hooks are called during or in order to set up the formatting process.

documentReady

Called from: src/templates/pad.html

Things in context:

nothing

This hook proxies the functionality of jQuery's $(document).ready event.

aceDomLinePreProcessLineAttributes

Called from: src/static/js/domline.js

Things in context:

  1. domline - The current DOM line being processed
  2. cls - The class of the current block element (useful for styling)

This hook is called for elements in the DOM that have the "lineMarkerAttribute" set. You can add elements into this category with the aceRegisterBlockElements hook above. This hook is run BEFORE the numbered and ordered lists logic is applied.

The return value of this hook should have the following structure:

{ preHtml: String, postHtml: String, processedMarker: Boolean }

The preHtml and postHtml values will be added to the HTML display of the element, and if processedMarker is true, the engine won't try to process it any more.

aceDomLineProcessLineAttributes

Called from: src/static/js/domline.js

Things in context:

  1. domline - The current DOM line being processed
  2. cls - The class of the current block element (useful for styling)

This hook is called for elements in the DOM that have the "lineMarkerAttribute" set. You can add elements into this category with the aceRegisterBlockElements hook above. This hook is run AFTER the ordered and numbered lists logic is applied.

The return value of this hook should have the following structure:

{ preHtml: String, postHtml: String, processedMarker: Boolean }

The preHtml and postHtml values will be added to the HTML display of the element, and if processedMarker is true, the engine won't try to process it any more.

aceCreateDomLine

Called from: src/static/js/domline.js

Things in context:

  1. domline - the current DOM line being processed
  2. cls - The class of the current element (useful for styling)

This hook is called for any line being processed by the formatting engine, unless the aceDomLineProcessLineAttributes hook from above returned true, in which case this hook is skipped.

The return value of this hook should have the following structure:

{ extraOpenTags: String, extraCloseTags: String, cls: String }

extraOpenTags and extraCloseTags will be added before and after the element in question, and cls will be the new class of the element going forward.

acePostWriteDomLineHTML

Called from: src/static/js/domline.js

Things in context:

  1. node - the DOM node that just got written to the page

This hook is for right after a node has been fully formatted and written to the page.

aceAttribsToClasses

Called from: src/static/js/linestylefilter.js

Things in context:

  1. linestylefilter - the JavaScript object that's currently processing the ace attributes
  2. key - the current attribute being processed
  3. value - the value of the attribute being processed

This hook is called during the attribute processing procedure, and should be used to translate key, value pairs into valid HTML classes that can be inserted into the DOM.

The return value for this function should be a list of classes, which will then be parsed into a valid class string.

aceAttribClasses

Called from: src/static/js/linestylefilter.js

Things in context:

  1. Attributes - Object of Attributes

This hook is called when attributes are investigated on a line. It is useful if you want to add another attribute type or property type to a pad.

Example:

exports.aceAttribClasses = function(hook_name, attr, cb){
  attr.sub = 'tag:sub';
  cb(attr);
}

aceGetFilterStack

Called from: src/static/js/linestylefilter.js

Things in context:

  1. linestylefilter - the JavaScript object that's currently processing the ace attributes
  2. browser - an object indicating which browser is accessing the page

This hook is called to apply custom regular expression filters to a set of styles. The one example available is the ep_linkify plugin, which adds internal links. They use it to find the telltale [[ ]] syntax that signifies internal links, and finding that syntax, they add in the internalHref attribute to be later used by the aceCreateDomLine hook (documented above).

aceEditorCSS

Called from: src/static/js/ace.js

Things in context: None

This hook is provided to allow custom CSS files to be loaded. The return value should be an array of resource urls or paths relative to the plugins directory.

aceInitInnerdocbodyHead

Called from: src/static/js/ace.js

Things in context:

  1. iframeHTML - the HTML of the editor iframe up to this point, in array format

This hook is called during the creation of the editor HTML. The array should have lines of HTML added to it, giving the plugin author a chance to add in meta, script, link, and other tags that go into the <head> element of the editor HTML document.

aceEditEvent

Called from: src/static/js/ace2_inner.js

Things in context:

  1. callstack - a bunch of information about the current action
  2. editorInfo - information about the user who is making the change
  3. rep - information about where the change is being made
  4. documentAttributeManager - information about attributes in the document (this is a mystery to me)

This hook is made available to edit the edit events that might occur when changes are made. Currently you can change the editor information, some of the meanings of the edit, and so on. You can also make internal changes (internal to your plugin) that use the information provided by the edit event.

aceRegisterNonScrollableEditEvents

Called from: src/static/js/ace2_inner.js

Things in context: None

When aceEditEvent (documented above) finishes processing the event, it scrolls the viewport to make caret visible to the user, but if you don't want that behavior to happen you can use this hook to register which edit events should not scroll viewport. The return value of this hook should be a list of event names.

Example:

exports.aceRegisterNonScrollableEditEvents = function(){
  return [ 'repaginate', 'updatePageCount' ];
}

aceRegisterBlockElements

Called from: src/static/js/ace2_inner.js

Things in context: None

The return value of this hook will add elements into the "lineMarkerAttribute" category, making the aceDomLineProcessLineAttributes hook (documented below) call for those elements.

aceInitialized

Called from: src/static/js/ace2_inner.js

Things in context:

  1. editorInfo - information about the user who will be making changes through the interface, and a way to insert functions into the main ace object (see ep_headings)
  2. rep - information about where the user's cursor is
  3. documentAttributeManager - some kind of magic

This hook is for inserting further information into the ace engine, for later use in formatting hooks.

postAceInit

Called from: src/static/js/pad.js

Things in context:

  1. ace - the ace object that is applied to this editor.
  2. clientVars - Object containing client-side configuration such as author ID and plugin settings. Your plugin can manipulate this object via the clientVars server-side hook.
  3. pad - the pad object of the current pad.

postToolbarInit

Called from: src/static/js/pad_editbar.js

Things in context:

  1. ace - the ace object that is applied to this editor.
  2. toolbar - Editbar instance. See below for the Editbar documentation.

Can be used to register custom actions to the toolbar.

Usage examples:

postTimesliderInit

Called from: src/static/js/timeslider.js

There doesn't appear to be any example available of this particular hook being used, but it gets fired after the timeslider is all set up.

goToRevisionEvent

Called from: src/static/js/broadcast.js

Things in context:

  1. rev - The newRevision

This hook gets fired both on timeslider load (as timeslider shows a new revision) and when the new revision is showed to a user. There doesn't appear to be any example available of this particular hook being used.

userJoinOrUpdate

Called from: src/static/js/pad_userlist.js

Things in context:

  1. info - the user information

This hook is called on the client side whenever a user joins or changes. This can be used to create notifications or an alternate user list.

chatNewMessage

Called from: src/static/js/chat.js

This hook runs on the client side whenever a chat message is received from the server. It can be used to create different notifications for chat messages. Hook functions can modify the author, authorName, duration, rendered, sticky, text, and timeStr context properties to change how the message is processed. The text and timeStr properties may contain HTML and come pre-sanitized; plugins should be careful to sanitize any added user input to avoid introducing an XSS vulnerability.

Context properties:

chatSendMessage

Called from: src/static/js/chat.js

This hook runs on the client side whenever the user sends a new chat message. Plugins can mutate the message object to change the message text or add metadata to control how the message will be rendered by the chatNewMessage hook.

Context properties:

collectContentPre

Called from: src/static/js/contentcollector.js

Things in context:

  1. cc - the contentcollector object
  2. state - the current state of the change being made
  3. tname - the tag name of this node currently being processed
  4. styl - the style applied to the node (probably CSS) -- Note the typo
  5. cls - the HTML class string of the node

This hook is called before the content of a node is collected by the usual methods. The cc object can be used to do a bunch of things that modify the content of the pad. See, for example, the heading1 plugin for etherpad original.

E.g. if you need to apply an attribute to newly inserted characters, call cc.doAttrib(state, "attributeName") which results in an attribute attributeName=true.

If you want to specify also a value, call cc.doAttrib(state, "attributeName::value") which results in an attribute attributeName=value.

collectContentImage

Called from: src/static/js/contentcollector.js

Things in context:

  1. cc - the contentcollector object
  2. state - the current state of the change being made
  3. tname - the tag name of this node currently being processed
  4. style - the style applied to the node (probably CSS)
  5. cls - the HTML class string of the node
  6. node - the node being modified

This hook is called before the content of an image node is collected by the usual methods. The cc object can be used to do a bunch of things that modify the content of the pad.

Example:

exports.collectContentImage = function(name, context){
  context.state.lineAttributes.img = context.node.outerHTML;
}

collectContentPost

Called from: src/static/js/contentcollector.js

Things in context:

  1. cc - the contentcollector object
  2. state - the current state of the change being made
  3. tname - the tag name of this node currently being processed
  4. style - the style applied to the node (probably CSS)
  5. cls - the HTML class string of the node

This hook is called after the content of a node is collected by the usual methods. The cc object can be used to do a bunch of things that modify the content of the pad. See, for example, the heading1 plugin for etherpad original.

handleClientMessage_name

Called from: src/static/js/collab_client.js

Things in context:

  1. payload - the data that got sent with the message (use it for custom message content)

This hook gets called every time the client receives a message of type name. This can most notably be used with the new HTTP API call, "sendClientsMessage", which sends a custom message type to all clients connected to a pad. You can also use this to handle existing types.

collab_client.js has a pretty extensive list of message types, if you want to take a look.

aceStartLineAndCharForPoint-aceEndLineAndCharForPoint

Called from: src/static/js/ace2_inner.js

Things in context:

  1. callstack - a bunch of information about the current action
  2. editorInfo - information about the user who is making the change
  3. rep - information about where the change is being made
  4. root - the span element of the current line
  5. point - the starting/ending element where the cursor highlights
  6. documentAttributeManager - information about attributes in the document

This hook is provided to allow a plugin to turn DOM node selection into [line,char] selection. The return value should be an array of [line,char]

aceKeyEvent

Called from: src/static/js/ace2_inner.js

Things in context:

  1. callstack - a bunch of information about the current action
  2. editorInfo - information about the user who is making the change
  3. rep - information about where the change is being made
  4. documentAttributeManager - information about attributes in the document
  5. evt - the fired event

This hook is provided to allow a plugin to handle key events. The return value should be true if you have handled the event.

collectContentLineText

Called from: src/static/js/contentcollector.js

Things in context:

  1. cc - the contentcollector object
  2. state - the current state of the change being made
  3. tname - the tag name of this node currently being processed
  4. text - the text for that line

This hook allows you to validate/manipulate the text before it's sent to the server side. To change the text, either:

Example:

exports.collectContentLineText = (hookName, context) => {
  context.text = tweakText(context.text);
};

collectContentLineBreak

Called from: src/static/js/contentcollector.js

Things in context:

  1. cc - the contentcollector object
  2. state - the current state of the change being made
  3. tname - the tag name of this node currently being processed

This hook is provided to allow whether the br tag should induce a new magic domline or not. The return value should be either true(break the line) or false.

disableAuthorColorsForThisLine

Called from: src/static/js/linestylefilter.js

Things in context:

  1. linestylefilter - the JavaScript object that's currently processing the ace attributes
  2. text - the line text
  3. class - line class

This hook is provided to allow whether a given line should be deliniated with multiple authors. Multiple authors in one line cause the creation of magic span lines. This might not suit you and now you can disable it and handle your own deliniation. The return value should be either true(disable) or false.

aceSetAuthorStyle

Called from: src/static/js/ace2_inner.js

Things in context:

  1. dynamicCSS - css manager for inner ace
  2. outerDynamicCSS - css manager for outer ace
  3. parentDynamicCSS - css manager for parent document
  4. info - author style info
  5. author - author info
  6. authorSelector - css selector for author span in inner ace

This hook is provided to allow author highlight style to be modified. Registered hooks should return 1 if the plugin handles highlighting. If no plugin returns 1, the core will use the default background-based highlighting.

aceSelectionChanged

Called from: src/static/js/ace2_inner.js

Things in context:

  1. rep - information about where the user's cursor is
  2. documentAttributeManager - information about attributes in the document

This hook allows a plugin to react to a cursor or selection change, perhaps to update a UI element based on the style at the cursor location.

Server-side hooks

These hooks are called on server-side.

loadSettings

Called from: src/node/server.js

Things in context:

  1. settings - the settings object

Use this hook to receive the global settings in your plugin.

shutdown

Called from: src/node/server.js

Things in context: None

This hook runs before shutdown. Use it to stop timers, close sockets and files, flush buffers, etc. The database is not available while this hook is running. The shutdown function must not block for long because there is a short timeout before the process is forcibly terminated.

The shutdown function must return a Promise, which must resolve to undefined. Returning callback(value) will return a Promise that is resolved to value.

Example:

// using an async function
exports.shutdown = async (hookName, context) => {
  await flushBuffers();
};

pluginUninstall

Called from: src/static/js/pluginfw/installer.js

Things in context:

  1. plugin_name - self-explanatory

If this hook returns an error, the callback to the uninstall function gets an error as well. This mostly seems useful for handling additional features added in based on the installation of other plugins, which is pretty cool!

pluginInstall

Called from: src/static/js/pluginfw/installer.js

Things in context:

  1. plugin_name - self-explanatory

If this hook returns an error, the callback to the install function gets an error, too. This seems useful for adding in features when a particular plugin is installed.

init_<plugin name>

Called from: src/static/js/pluginfw/plugins.js

Run during startup after the named plugin is initialized.

Context properties: None

expressConfigure

Called from: src/node/hooks/express.js

Things in context:

  1. app - the main application object

This is a helpful hook for changing the behavior and configuration of the application. It's called right after the application gets configured.

expressCreateServer

Called from: src/node/hooks/express.js

Things in context:

  1. app - the main express application object (helpful for adding new paths and such)
  2. server - the http server object

This hook gets called after the application object has been created, but before it starts listening. This is similar to the expressConfigure hook, but it's not guaranteed that the application object will have all relevant configuration variables.

expressCloseServer

Called from: src/node/hooks/express.js

Things in context: Nothing

This hook is called when the HTTP server is closing, which happens during shutdown (see the shutdown hook) and when the server restarts (e.g., when a plugin is installed via the /admin/plugins page). The HTTP server may or may not already be closed when this hook executes.

Example:

exports.expressCloseServer = async () => {
  await doSomeCleanup();
};

eejsBlock_<name>

Called from: src/node/eejs/index.js

Things in context:

  1. content - the content of the block

This hook gets called upon the rendering of an ejs template block. For any specific kind of block, you can change how that block gets rendered by modifying the content object passed in.

Available blocks in pad.html are:

timeslider.html blocks:

index.html blocks:

padInitToolbar

Called from: src/node/hooks/express/specialpages.js

Things in context:

  1. toolbar - the toolbar controller that will render the toolbar eventually

Here you can add custom toolbar items that will be available in the toolbar config in settings.json. For more about the toolbar controller see the API section.

Usage examples:

onAccessCheck

Called from: src/node/db/SecurityManager.js

Things in context:

  1. padID - the real ID (never the read-only ID) of the pad the user wants to access
  2. token - the token of the author
  3. sessionCookie - the session the use has

This hook gets called when the access to the concrete pad is being checked. Return false to deny access.

padCreate

Called from: src/node/db/Pad.js

Things in context:

  1. pad - the pad instance
  2. author - the id of the author who created the pad

This hook gets called when a new pad was created.

padLoad

Called from: src/node/db/PadManager.js

Called when a pad is loaded, including after new pad creation.

Context properties:

padUpdate

Called from: src/node/db/Pad.js

Things in context:

  1. pad - the pad instance
  2. author - the id of the author who updated the pad
  3. revs - the index of the new revision
  4. changeset - the changeset of this revision (see Changeset Library)

This hook gets called when an existing pad was updated.

padCopy

Called from: src/node/db/Pad.js

Things in context:

  1. originalPad - the source pad instance
  2. destinationID - the id of the pad copied from originalPad

This hook gets called when an existing pad was copied.

Usage examples:

padRemove

Called from: src/node/db/Pad.js

Things in context:

  1. padID

This hook gets called when an existing pad was removed/deleted.

Usage examples:

socketio

Called from: src/node/hooks/express/socketio.js

Things in context:

  1. app - the application object
  2. io - the socketio object
  3. server - the http server object

I have no idea what this is useful for, someone else will have to add this description.

preAuthorize

Called from: src/node/hooks/express/webaccess.js

Things in context:

  1. req - the request object
  2. res - the response object
  3. next - bypass callback. If this is called instead of the normal callback then all remaining access checks are skipped.

This hook is called for each HTTP request before any authentication checks are performed. Example uses:

A preAuthorize function is always called for each request unless a preAuthorize function from another plugin (if any) has already explicitly granted or denied the request.

You can pass the following values to the provided callback:

Example:

exports.preAuthorize = (hookName, context, cb) => {
  if (ipAddressIsFirewalled(context.req)) return cb([false]);
  if (requestIsForStaticContent(context.req)) return cb([true]);
  if (requestIsForOAuthCallback(context.req)) return cb([true]);
  return cb([]);
};

authorize

Called from: src/node/hooks/express/webaccess.js

Things in context:

  1. req - the request object
  2. res - the response object
  3. next - ?
  4. resource - the path being accessed

This hook is called to handle authorization. It is especially useful for controlling access to specific paths.

A plugin's authorize function is only called if all of the following are true:

Note that the authorize hook cannot grant access to /admin pages. If admin access is desired, the is_admin user setting must be set to true. This can be set in the settings file or by the authenticate hook.

You can pass the following values to the provided callback:

Example:

exports.authorize = (hookName, context, cb) => {
  const user = context.req.session.user;
  const path = context.req.path;  // or context.resource
  if (isExplicitlyProhibited(user, path)) return cb([false]);
  if (isExplicitlyAllowed(user, path)) return cb([true]);
  return cb([]);  // Let the next authorization plugin decide
};

authenticate

Called from: src/node/hooks/express/webaccess.js

Things in context:

  1. req - the request object
  2. res - the response object
  3. users - the users object from settings.json (possibly modified by plugins)
  4. next - ?
  5. username - the username used (optional)
  6. password - the password used (optional)

This hook is called to handle authentication.

Plugins that supply an authenticate function should probably also supply an authnFailure function unless falling back to HTTP basic authentication is appropriate upon authentication failure.

This hook is only called if either the requireAuthentication setting is true or the request is for an /admin page.

Calling the provided callback with [true] or [false] will cause authentication to succeed or fail, respectively. Calling the callback with [] or undefined will defer the authentication decision to the next authentication plugin (if any, otherwise fall back to HTTP basic authentication).

If you wish to provide a mix of restricted and anonymous access (e.g., some pads are private, others are public), you can "authenticate" (as a guest account) users that have not yet logged in, and rely on other hooks (e.g., authorize, onAccessCheck, handleMessageSecurity) to authorize specific privileged actions.

If authentication is successful, the authenticate function MUST set context.req.session.user to the user's settings object. The username property of this object should be set to the user's username. The settings object should come from global settings (context.users[username]).

Example:

exports.authenticate = (hook_name, context, cb) => {
  if (notApplicableToThisPlugin(context)) {
    return cb([]);  // Let the next authentication plugin decide
  }
  const username = authenticate(context);
  if (!username) {
    console.warn(`ep_myplugin.authenticate: Failed authentication from IP ${context.req.ip}`);
    return cb([false]);
  }
  console.info(`ep_myplugin.authenticate: Successful authentication from IP ${context.req.ip} for user ${username}`);
  const users = context.users;
  if (!(username in users)) users[username] = {};
  users[username].username = username;
  context.req.session.user = users[username];
  return cb([true]);
};

authFailure

Called from: src/node/hooks/express/webaccess.js

Things in context:

  1. req - the request object
  2. res - the response object
  3. next - ?

DEPRECATED: Use authnFailure or authzFailure instead.

This hook is called to handle an authentication or authorization failure.

Plugins that supply an authenticate function should probably also supply an authnFailure function unless falling back to HTTP basic authentication is appropriate upon authentication failure.

A plugin's authFailure function is only called if all of the following are true:

Calling the provided callback with [true] tells Etherpad that the failure was handled and no further error handling is required. Calling the callback with [] or undefined defers error handling to the next authFailure plugin (if any, otherwise fall back to HTTP basic authentication for an authentication failure or a generic 403 page for an authorization failure).

Example:

exports.authFailure = (hookName, context, cb) => {
  if (notApplicableToThisPlugin(context)) {
    return cb([]);  // Let the next plugin handle the error
  }
  context.res.redirect(makeLoginURL(context.req));
  return cb([true]);
};

preAuthzFailure

Called from: src/node/hooks/express/webaccess.js

Things in context:

  1. req - the request object
  2. res - the response object

This hook is called to handle a pre-authentication authorization failure.

A plugin's preAuthzFailure function is only called if the pre-authentication authorization failure was not already handled by a preAuthzFailure function from another plugin.

Calling the provided callback with [true] tells Etherpad that the failure was handled and no further error handling is required. Calling the callback with [] or undefined defers error handling to a preAuthzFailure function from another plugin (if any, otherwise fall back to a generic 403 error page).

Example:

exports.preAuthzFailure = (hookName, context, cb) => {
  if (notApplicableToThisPlugin(context)) return cb([]);
  context.res.status(403).send(renderFancy403Page(context.req));
  return cb([true]);
};

authnFailure

Called from: src/node/hooks/express/webaccess.js

Things in context:

  1. req - the request object
  2. res - the response object

This hook is called to handle an authentication failure.

Plugins that supply an authenticate function should probably also supply an authnFailure function unless falling back to HTTP basic authentication is appropriate upon authentication failure.

A plugin's authnFailure function is only called if the authentication failure was not already handled by an authnFailure function from another plugin.

Calling the provided callback with [true] tells Etherpad that the failure was handled and no further error handling is required. Calling the callback with [] or undefined defers error handling to an authnFailure function from another plugin (if any, otherwise fall back to the deprecated authFailure hook).

Example:

exports.authnFailure = (hookName, context, cb) => {
  if (notApplicableToThisPlugin(context)) return cb([]);
  context.res.redirect(makeLoginURL(context.req));
  return cb([true]);
};

authzFailure

Called from: src/node/hooks/express/webaccess.js

Things in context:

  1. req - the request object
  2. res - the response object

This hook is called to handle a post-authentication authorization failure.

A plugin's authzFailure function is only called if the authorization failure was not already handled by an authzFailure function from another plugin.

Calling the provided callback with [true] tells Etherpad that the failure was handled and no further error handling is required. Calling the callback with [] or undefined defers error handling to an authzFailure function from another plugin (if any, otherwise fall back to the deprecated authFailure hook).

Example:

exports.authzFailure = (hookName, context, cb) => {
  if (notApplicableToThisPlugin(context)) return cb([]);
  if (needsPremiumAccount(context.req) && !context.req.session.user.premium) {
    context.res.status(200).send(makeUpgradeToPremiumAccountPage(context.req));
    return cb([true]);
  }
  // Use the generic 403 forbidden response.
  return cb([]);
};

handleMessage

Called from: src/node/handler/PadMessageHandler.js

Things in context:

  1. message - the message being handled
  2. socket - the socket.io Socket object
  3. client - deprecated synonym of socket

This hook allows plugins to drop or modify incoming socket.io messages from clients, before Etherpad processes them.

The handleMessage function must return a Promise. If the Promise resolves to null, the message is dropped. Returning callback(value) will return a Promise that is resolved to value.

Examples:

// Using an async function:
exports.handleMessage = async (hookName, {message, socket}) => {
  if (message.type === 'USERINFO_UPDATE') {
    // Force the display name to the name associated with the account.
    const user = socket.client.request.session.user || {};
    if (user.name) message.data.userInfo.name = user.name;
  }
};

// Using a regular function:
exports.handleMessage = (hookName, {message, socket}, callback) => {
  if (message.type === 'USERINFO_UPDATE') {
    // Force the display name to the name associated with the account.
    const user = socket.client.request.session.user || {};
    if (user.name) message.data.userInfo.name = user.name;
  }
  return callback();
};

handleMessageSecurity

Called from: src/node/handler/PadMessageHandler.js

Things in context:

  1. message - the message being handled
  2. socket - the socket.io Socket object
  3. client - deprecated synonym of socket

This hook allows plugins to grant temporary write access to a pad. It is called for each incoming message from a client. If write access is granted, it applies to the current message and all future messages from the same socket.io connection until the next CLIENT_READY message. Read-only access is reset after each CLIENT_READY message, so granting write access has no effect for those message types.

The handleMessageSecurity function must return a Promise. If the Promise resolves to true, write access is granted as described above. Returning callback(value) will return a Promise that is resolved to value.

Examples:

// Using an async function:
exports.handleMessageSecurity = async (hookName, {message, socket}) => {
  if (shouldGrantWriteAccess(message, socket)) return true;
  return;
};

// Using a regular function:
exports.handleMessageSecurity = (hookName, {message, socket}, callback) => {
  if (shouldGrantWriteAccess(message, socket)) return callback(true);
  return callback();
};

clientVars

Called from: src/node/handler/PadMessageHandler.js

Things in context:

  1. clientVars - the basic clientVars built by the core
  2. pad - the pad this session is about
  3. socket - the socket.io Socket object

This hook is called after a client connects but before the initial configuration is sent to the client. Plugins can use this hook to manipulate the configuration. (Example: Add a tracking ID for an external analytics tool that is used client-side.)

You can manipulate clientVars in two different ways:

If needed, you can access the user's account information (if authenticated) via context.socket.client.request.session.user.

Examples:

// Using an async function
exports.clientVars = async (hookName, context) => {
  const user = context.socket.client.request.session.user || {};
  return {'accountUsername': user.username || '<unknown>'}
};

// Using a regular function
exports.clientVars = (hookName, context, callback) => {
  const user = context.socket.client.request.session.user || {};
  return callback({'accountUsername': user.username || '<unknown>'});
};

getLineHTMLForExport

Called from: src/node/utils/ExportHtml.js

Things in context:

  1. apool - pool object
  2. attribLine - line attributes
  3. text - line text

This hook will allow a plug-in developer to re-write each line when exporting to HTML.

Example:

var Changeset = require("ep_etherpad-lite/static/js/Changeset");

exports.getLineHTMLForExport = function (hook, context) {
  var header = _analyzeLine(context.attribLine, context.apool);
  if (header) {
    return "<" + header + ">" + context.lineContent + "</" + header + ">";
  }
}

function _analyzeLine(alineAttrs, apool) {
  var header = null;
  if (alineAttrs) {
    var opIter = Changeset.opIterator(alineAttrs);
    if (opIter.hasNext()) {
      var op = opIter.next();
      header = Changeset.opAttributeValue(op, 'heading', apool);
    }
  }
  return header;
}

exportHTMLAdditionalContent

Called from: src/node/utils/ExportHtml.js

Things in context:

  1. padId

This hook will allow a plug-in developer to include additional HTML content in the body of the exported HTML.

Example:

exports.exportHTMLAdditionalContent = async (hookName, {padId}) => {
  return 'I am groot in ' + padId;
};

stylesForExport

Called from: src/node/utils/ExportHtml.js

Things in context:

  1. padId - The Pad Id

This hook will allow a plug-in developer to append Styles to the Exported HTML.

Example:

exports.stylesForExport = function(hook, padId, cb){
  cb("body{font-size:13.37em !important}");
}

aceAttribClasses

Called from: src/static/js/linestylefilter.js

This hook is called when attributes are investigated on a line. It is useful if you want to add another attribute type or property type to a pad.

An attributes object is passed to the aceAttribClasses hook functions instead of the usual context object. A hook function can either modify this object directly or provide an object whose properties will be assigned to the attributes object.

Example:

exports.aceAttribClasses = (hookName, attrs, cb) => {
  return cb([{
    sub: 'tag:sub',
  }]);
};

exportFileName

Called from src/node/handler/ExportHandler.js

Things in context:

  1. padId

This hook will allow a plug-in developer to modify the file name of an exported pad. This is useful if you want to export a pad under another name and/or hide the padId under export. Note that the doctype or file extension cannot be modified for security reasons.

Example:

exports.exportFileName = function(hook, padId, callback){
  callback("newFileName"+padId);
}

exportHtmlAdditionalTags

Called from src/node/utils/ExportHtml.js

Things in context:

  1. Pad object

This hook will allow a plug-in developer to include more properties and attributes to support during HTML Export. If tags are stored as ['color', 'red'] on the attribute pool, use exportHtmlAdditionalTagsWithData instead. An Array should be returned.

Example:

// Add the props to be supported in export
exports.exportHtmlAdditionalTags = function(hook, pad, cb){
  var padId = pad.id;
  cb(["massive","jugs"]);
};

exportHtmlAdditionalTagsWithData

Called from src/node/utils/ExportHtml.js

Things in context:

  1. Pad object

Identical to exportHtmlAdditionalTags, but for tags that are stored with a specific value (not simply true) on the attribute pool. For example ['color', 'red'], instead of ['bold', true]. This hook will allow a plug-in developer to include more properties and attributes to support during HTML Export. An Array of arrays should be returned. The exported HTML will contain tags like <span data-color="red"> for the content where attributes are ['color', 'red'].

Example:

// Add the props to be supported in export
exports.exportHtmlAdditionalTagsWithData = function(hook, pad, cb){
  var padId = pad.id;
  cb([["color", "red"], ["color", "blue"]]);
};

exportEtherpadAdditionalContent

Called from src/node/utils/ExportEtherpad.js and src/node/utils/ImportEtherpad.js

Things in context: Nothing

Useful for exporting and importing pad metadata that is stored in the database but not in the pad's content or attributes. For example, in ep_comments_page the comments are stored as comments:padId:uniqueIdOfComment so a complete export of all pad data to an .etherpad file must include the comments:padId:* records.

Example:

// Add support for exporting comments metadata
exports.exportEtherpadAdditionalContent = () => ['comments'];

import

Called from: src/node/handler/ImportHandler.js

Called when a user submits a document for import, before the document is converted to HTML. The hook function should return a truthy value if the hook function elected to convert the document to HTML.

Context properties:

userJoin

Called from: src/node/handler/PadMessageHandler.js

Called after users have been notified that a new user has joined the pad.

Context properties:

Example:

exports.userJoin = async (hookName, {authorId, displayName, padId}) => {
  console.log(`${authorId} (${displayName}) joined pad ${padId});
};

userLeave

Called from: src/node/handler/PadMessageHandler.js

Called when a user disconnects from a pad. This is useful if you want to perform certain actions after a pad has been edited.

Context properties:

Example:

exports.userLeave = async (hookName, {author, padId}) => {
  console.log(`${author} left pad ${padId}`);
};

chatNewMessage

Called from: src/node/handler/PadMessageHandler.js

Called when a user (or plugin) generates a new chat message, just before it is saved to the pad and relayed to all connected users.

Context properties:

editorInfo

editorInfo.ace_replaceRange(start, end, text)

This function replaces a range (from start to end) with text.

editorInfo.ace_getRep()

Returns the rep object.

editorInfo.ace_getAuthor()

editorInfo.ace_inCallStack()

editorInfo.ace_inCallStackIfNecessary(?)

editorInfo.ace_focus(?)

editorInfo.ace_importText(?)

editorInfo.ace_importAText(?)

editorInfo.ace_exportText(?)

editorInfo.ace_editorChangedSize(?)

editorInfo.ace_setOnKeyPress(?)

editorInfo.ace_setOnKeyDown(?)

editorInfo.ace_setNotifyDirty(?)

editorInfo.ace_dispose(?)

editorInfo.ace_setEditable(bool)

editorInfo.ace_execCommand(?)

editorInfo.ace_callWithAce(fn, callStack, normalize)

editorInfo.ace_setProperty(key, value)

editorInfo.ace_setBaseText(txt)

editorInfo.ace_setBaseAttributedText(atxt, apoolJsonObj)

editorInfo.ace_applyChangesToBase(c, optAuthor, apoolJsonObj)

editorInfo.ace_prepareUserChangeset()

editorInfo.ace_applyPreparedChangesetToBase()

editorInfo.ace_setUserChangeNotificationCallback(f)

editorInfo.ace_setAuthorInfo(author, info)

editorInfo.ace_fastIncorp(?)

editorInfo.ace_isCaret(?)

editorInfo.ace_getLineAndCharForPoint(?)

editorInfo.ace_performDocumentApplyAttributesToCharRange(?)

editorInfo.ace_setAttributeOnSelection(attribute, enabled)

Sets an attribute on current range. Example: `call.editorInfo.ace_setAttributeOnSelection("turkey::balls", true); // turkey is the attribute here, balls is the value Notes: to remove the attribute pass enabled as false

editorInfo.ace_toggleAttributeOnSelection(?)

editorInfo.ace_getAttributeOnSelection(attribute, prevChar)

Returns a boolean if an attribute exists on a selected range. prevChar value should be true if you want to get the previous Character attribute instead of the current selection for example if the caret is at position 0,1 (after first character) it's probable you want the attributes on the character at 0,0 The attribute should be the string name of the attribute applied to the selection IE subscript Example usage: Apply the activeButton Class to a button if an attribute is on a highlighted/selected caret position or range. Example var isItThere = documentAttributeManager.getAttributeOnSelection("turkey::balls", true);

See the ep_subscript plugin for an example of this function in action. Notes: Does not work on first or last character of a line. Suffers from a race condition if called with aceEditEvent.

editorInfo.ace_performSelectionChange(?)

editorInfo.ace_doIndentOutdent(?)

editorInfo.ace_doUndoRedo(?)

editorInfo.ace_doInsertUnorderedList(?)

editorInfo.ace_doInsertOrderedList(?)

editorInfo.ace_performDocumentApplyAttributesToRange()

editorInfo.ace_getAuthorInfos()

Returns an info object about the author. Object key = author_id and info includes author's bg color value. Use to define your own authorship.

editorInfo.ace_performDocumentReplaceRange(start, end, newText)

This function replaces a range (from [x1,y1] to [x2,y2]) with newText.

editorInfo.ace_performDocumentReplaceCharRange(startChar, endChar, newText)

This function replaces a range (from y1 to y2) with newText.

editorInfo.ace_renumberList(lineNum)

If you delete a line, calling this method will fix the line numbering.

editorInfo.ace_doReturnKey()

Forces a return key at the current caret position.

editorInfo.ace_isBlockElement(element)

Returns true if your passed element is registered as a block element

editorInfo.ace_getLineListType(lineNum)

Returns the line's html list type.

editorInfo.ace_caretLine()

Returns X position of the caret.

editorInfo.ace_caretColumn()

Returns Y position of the caret.

editorInfo.ace_caretDocChar()

Returns the Y offset starting from [x=0,y=0]

editorInfo.ace_isWordChar(?)

Changeset Library

The changeset library provides tools to create, read, and apply changesets.

Changeset

const Changeset = require('ep_etherpad-lite/static/js/Changeset');

A changeset describes the difference between two revisions of a document. When a user edits a pad, the browser generates and sends a changeset to the server, which relays it to the other users and saves a copy (so that every past revision is accessible).

A transmitted changeset looks like this:

'Z:z>1|2=m=b*0|1+1$\n'

Attribute Pool

const AttributePool = require('ep_etherpad-lite/static/js/AttributePool');

Changesets do not include any attribute key–value pairs. Instead, they use numeric identifiers that reference attributes kept in an attribute pool. This attribute interning reduces the transmission overhead of attributes that are used many times.

There is one attribute pool per pad, and it includes every current and historical attribute used in the pad.

Further Reading

Detailed information about the changesets & Easysync protocol:

Plugin Framework

require("ep_etherpad-lite/static/js/plugingfw/plugins")

plugins.update

require("ep_etherpad-lite/static/js/plugingfw/plugins").update() will use npm to list all installed modules and read their ep.json files, registering the contained hooks. A hook registration is a pair of a hook name and a function reference (filename for require() plus function name)

hooks.callAll

require("ep_etherpad-lite/static/js/plugingfw/hooks").callAll("hook_name", {argname:value}) will call all hook functions registered for hook_name with {argname:value}.

hooks.aCallAll

?

...

Toolbar controller

src/node/utils/toolbar.js

button(opts)

Returns: {Button}

Example:

var orderedlist = toolbar.button({
  command: "insertorderedlist",
  localizationId: "pad.toolbar.ol.title",
  class: "buttonicon buttonicon-insertorderedlist"
})

You can also create buttons with text:

var myButton = toolbar.button({
  command: "myButton",
  localizationId: "myPlugin.toolbar.myButton",
  class: "buttontext"
})

selectButton(opts)

Returns: {SelectButton}

SelectButton.addOption(value, text, attributes)

registerButton(name, item)

isEnabled()

disable()

toggleDropDown(dropdown)

Shows the dropdown div.popup whose id equals dropdown.

registerCommand(cmd, callback)

Register a handler for a specific command. Commands are fired if the corresponding button is clicked or the corresponding select is changed.

registerAceCommand(cmd, callback)

Creates an ace callstack and calls the callback with an ace instance (and a toolbar item, if applicable): callback(cmd, ace, item).

Example:

toolbar.registerAceCommand("insertorderedlist", function (cmd, ace) {
  ace.ace_doInsertOrderedList();
});

registerDropdownCommand(cmd, dropdown)

Ties a div.popup where id equals dropdown to a command fired by clicking a button.

triggerCommand(cmd[, item])

Triggers a command (optionally with some internal representation of the toolbar item that triggered it).

Plugins

Etherpad allows you to extend its functionality with plugins. A plugin registers hooks (functions) for certain events (thus certain features) in Etherpad to execute its own functionality based on these events.

Publicly available plugins can be found in the npm registry (see https://npmjs.org). Etherpad's naming convention for plugins is to prefix your plugins with ep_. So, e.g. it's ep_flubberworms. Thus you can install plugins from npm, using npm install --no-save --legacy-peer-deps ep_flubberworm in Etherpad's root directory.

You can also browse to http://yourEtherpadInstan.ce/admin/plugins, which will list all installed plugins and those available on npm. It even provides functionality to search through all available plugins.

Folder structure

Ideally a plugin has the following folder structure:

ep_<plugin>/
 ├ .github/
 │  └ workflows/
 │     └ npmpublish.yml  ◄─ GitHub workflow to auto-publish on push
 ├ static/
 │  ├ css/               ◄─ static .css files
 │  ├ images/            ◄─ static image files
 │  ├ js/
 │  │  └ index.js        ◄─ static client-side code
 │  └ tests/
 │     ├ backend/
 │     │  └ specs/       ◄─ backend (server) tests
 │     └ frontend/
 │        └ specs/       ◄─ frontend (client) tests
 ├ templates/            ◄─ EJS templates (.html, .js, .css, etc.)
 ├ locales/
 │  ├ en.json            ◄─ English (US) strings
 │  └ qqq.json           ◄─ optional hints for translators
 ├ .travis.yml           ◄─ Travis CI config
 ├ LICENSE
 ├ README.md
 ├ ep.json               ◄─ Etherpad plugin definition
 ├ index.js              ◄─ server-side code
 ├ package.json
 └ package-lock.json

If your plugin includes client-side hooks, put them in static/js/. If you're adding in CSS or image files, you should put those files in static/css/ and static/image/, respectively, and templates go into templates/. Translations go into locales/. Tests go in static/tests/backend/specs/ and static/tests/frontend/specs/.

A Standard directory structure like this makes it easier to navigate through your code. That said, do note, that this is not actually required to make your plugin run. If you want to make use of our i18n system, you need to put your translations into locales/, though, in order to have them integrated. (See "Localization" for more info on how to localize your plugin.)

Plugin definition

Your plugin definition goes into ep.json. In this file you register your hook functions, indicate the parts of your plugin and the order of execution. (A documentation of all available events to hook into can be found in chapter hooks.)

{
  "parts": [
    {
      "name": "nameThisPartHoweverYouWant",
      "hooks": {
        "authenticate": "ep_<plugin>/<file>:functionName1",
        "expressCreateServer": "ep_<plugin>/<file>:functionName2"
      },
      "client_hooks": {
        "acePopulateDOMLine": "ep_<plugin>/<file>:functionName3"
      }
    }
  ]
}

A hook function registration maps a hook name to a hook function specification. The hook function specification looks like ep_example/file.js:functionName. It consists of two parts separated by a colon: a module name to require() and the name of a function exported by the named module. See module.exports for how to export a function.

For the module name you can omit the .js suffix, and if the file is index.js you can use just the directory name. You can also omit the module name entirely, in which case it defaults to the plugin name (e.g., ep_example).

You can also omit the function name. If you do, Etherpad will look for an exported function whose name matches the name of the hook (e.g., authenticate).

If either the module name or the function name is omitted (or both), the colon may also be omitted unless the provided module name contains a colon. (So if the module name is C:\foo.js then the hook function specification with the function name omitted would be "C:\\foo.js:".)

Examples: Suppose the plugin name is ep_example. All of the following are equivalent, and will cause the authorize hook to call the exports.authorize function in index.js from the ep_example plugin:

Client hooks and server hooks

There are server hooks, which will be executed on the server (e.g. expressCreateServer), and there are client hooks, which are executed on the client (e.g. acePopulateDomLine). Be sure to not make assumptions about the environment your code is running in, e.g. don't try to access process, if you know your code will be run on the client, and likewise, don't try to access window on the server...

Styling

When you install a client-side plugin (e.g. one that implements at least one client-side hook), the plugin name is added to the class attribute of the div #editorcontainerbox in the main window. This gives you the opportunity of tuning the appearance of the main UI in your plugin.

For example, this is the markup with no plugins installed:

<div id="editorcontainerbox" class="">

and this is the contents after installing someplugin:

<div id="editorcontainerbox" class="ep_someplugin">

This feature was introduced in Etherpad 1.8.

Parts

As your plugins become more and more complex, you will find yourself in the need to manage dependencies between plugins. E.g. you want the hooks of a certain plugin to be executed before (or after) yours. You can also manage these dependencies in your plugin definition file ep.json:

{
  "parts": [
    {
      "name": "onepart",
      "pre": [],
      "post": ["ep_onemoreplugin/partone"]
      "hooks": {
        "storeBar": "ep_monospace/plugin:storeBar",
        "getFoo": "ep_monospace/plugin:getFoo",
      }
    },
    {
      "name": "otherpart",
      "pre": ["ep_my_example/somepart", "ep_otherplugin/main"],
      "post": [],
      "hooks": {
        "someEvent": "ep_my_example/otherpart:someEvent",
        "another": "ep_my_example/otherpart:another"
      }
    }
  ]
}

Usually a plugin will add only one functionality at a time, so it will probably only use one part definition to register its hooks. However, sometimes you have to put different (unrelated) functionalities into one plugin. For this you will want use parts, so other plugins can depend on them.

pre/post

The "pre" and "post" definitions, affect the order in which parts of a plugin are executed. This ensures that plugins and their hooks are executed in the correct order.

"pre" lists parts that must be executed before the defining part. "post" lists parts that must be executed after the defining part.

You can, on a basic level, think of this as double-ended dependency listing. If you have a dependency on another plugin, you can make sure it loads before yours by putting it in "pre". If you are setting up things that might need to be used by a plugin later, you can ensure proper order by putting it in "post".

Note that it would be far more sane to use "pre" in almost any case, but if you want to change config variables for another plugin, or maybe modify its environment, "post" could definitely be useful.

Also, note that dependencies should also be listed in your package.json, so they can be npm install'd automagically when your plugin gets installed.

Package definition

Your plugin must also contain a package definition file, called package.json, in the project root - this file contains various metadata relevant to your plugin, such as the name and version number, author, project hompage, contributors, a short description, etc. If you publish your plugin on npm, these metadata are used for package search etc., but it's necessary for Etherpad plugins, even if you don't publish your plugin.

{
  "name": "ep_PLUGINNAME",
  "version": "0.0.1",
  "description": "DESCRIPTION",
  "author": "USERNAME (REAL NAME) <MAIL@EXAMPLE.COM>",
  "contributors": [],
  "dependencies": {"MODULE": "0.3.20"},
  "engines": {"node": ">=12.13.0"}
}

Templates

If your plugin adds or modifies the front end HTML (e.g. adding buttons or changing their functions), you should put the necessary HTML code for such operations in templates/, in files of type ".ejs", since Etherpad uses EJS for HTML templating. See the following link for more information about EJS: https://github.com/visionmedia/ejs.

Writing and running front-end tests for your plugin

Etherpad allows you to easily create front-end tests for plugins.

  1. Create a new folder: %your_plugin%/static/tests/frontend/specs
  2. Put your spec file in there. (Example spec files are visible in %etherpad_root_folder%/frontend/tests/specs.)
  3. Visit http://yourserver.com/frontend/tests and your front-end tests will run.

Cookies

Cookies used by Etherpad.

Name Sample value Domain Path Expires/max-age Http-only Secure Usage description
express_sid s%3A7yCNjRmTW8ylGQ53I2IhOwYF9... example.org / Session true true Session ID of the Express web framework. When Etherpad is behind a reverse proxy, and an administrator wants to use session stickiness, he may use this cookie. If you are behind a reverse proxy, please remember to set trustProxy: true in settings.json. Set in webaccess.js#L131.
language en example.org / Session false true The language of the UI (e.g.: en-GB, it). Set in pad_editor.js#L111.
prefs / prefsHttp %7B%22epThemesExtTheme%22... example.org /p year 3000 false true Client-side preferences (e.g.: font family, chat always visible, show authorship colors, ...). Set in pad_cookie.js#L49. prefs is used if Etherpad is accessed over HTTPS, prefsHttp if accessed over HTTP. For more info see https://github.com/ether/etherpad-lite/issues/3179.
token t.tFzkihhhBf4xKEpCK3PU example.org / 60 days false true A random token representing the author, of the form t.randomstring_of_lenght_20. The random string is generated by the client, at (pad.js#L55-L66). This cookie is always set by the client (at pad.js#L153-L158) without any solicitation from the server. It is used for all the pads accessed via the web UI (not used for the HTTP API). On the server side, its value is accessed at SecurityManager.js#L33.

For more info, visit the related discussion at https://github.com/ether/etherpad-lite/issues/3563.

Etherpad HTTP API clients may make use (if they choose so) to send another cookie:

Name Sample value Domain Usage description
sessionID s.1c70968b333b25476a2c7bdd0e0bed17 example.org Sessions can be created between a group and an author. This allows an author to access more than one group. The sessionID will be set as a cookie to the client and is valid until a certain date. The session cookie can also contain multiple comma-separated sessionIDs, allowing a user to edit pads in different groups at the same time. More info - https://github.com/ether/etherpad-lite/blob/develop/doc/api/http_api.md#session

Database structure

Keys and their values

groups

A list of all existing groups (a JSON object with groupIDs as keys and 1 as values).

pad:$PADID

Contains all information about pads

pad:$PADID:revs:$REVNUM

Saves a revision $REVNUM of pad $PADID

pad:$PADID:chat:$CHATNUM

Saves a chat entry with num $CHATNUM of pad $PADID

pad2readonly:$PADID

Translates a padID to a readonlyID

readonly2pad:$READONLYID

Translates a readonlyID to a padID

token2author:$TOKENID

Translates a token to an authorID

globalAuthor:$AUTHORID

Information about an author

mapper2group:$MAPPER

Maps an external application identifier to an internal group

mapper2author:$MAPPER

Maps an external application identifier to an internal author

group:$GROUPID

a group of pads

author2sessions:$AUTHORID

saves the sessions of an author

group2sessions:$GROUPID