summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--README.md10
-rw-r--r--lib/csp.js5
-rw-r--r--public/js/index.js6
-rw-r--r--test/csp.js15
4 files changed, 33 insertions, 3 deletions
diff --git a/README.md b/README.md
index dacdfe17..e02b9346 100644
--- a/README.md
+++ b/README.md
@@ -66,6 +66,16 @@ To use CodiMD, your browser should match or exceed these versions:
- ![Opera](https://raw.githubusercontent.com/alrra/browser-logos/HEAD/src/opera/opera_24x24.png) Opera >= 34, ![Opera Mini](https://raw.githubusercontent.com/alrra/browser-logos/HEAD/src/opera-mini/opera-mini_24x24.png) Opera Mini not supported
- ![Android Browser](https://raw.githubusercontent.com/alrra/browser-logos/HEAD/src/android-webview-beta/android-webview-beta_24x24.png) Android Browser >= 4.4
+## Backup/restore your instance
+
+To backup codimd, you should:
+
+- backup your database
+- backup your custom config file if you have one
+- backup the upload folder (see the [uploadsPath](./docs/configuration.md#codimd-paths-stuff) config directive)
+
+Restoring an existing instance of codimd is then just a matter of restoring these elements.
+
## Related Tools
Our community has created related tools, we'd like to highlight [codimd-cli](https://github.com/codimd/cli)
diff --git a/lib/csp.js b/lib/csp.js
index fe8bea01..24399436 100644
--- a/lib/csp.js
+++ b/lib/csp.js
@@ -32,6 +32,10 @@ var googleAnalyticsDirectives = {
scriptSrc: ['https://www.google-analytics.com']
}
+var dropboxDirectives = {
+ scriptSrc: ['https://www.dropbox.com', '\'unsafe-inline\'']
+}
+
CspStrategy.computeDirectives = function () {
var directives = {}
mergeDirectives(directives, config.csp.directives)
@@ -39,6 +43,7 @@ CspStrategy.computeDirectives = function () {
mergeDirectivesIf(config.useCDN, directives, cdnDirectives)
mergeDirectivesIf(config.csp.addDisqus, directives, disqusDirectives)
mergeDirectivesIf(config.csp.addGoogleAnalytics, directives, googleAnalyticsDirectives)
+ mergeDirectivesIf(config.dropbox.appKey, directives, dropboxDirectives)
if (!areAllInlineScriptsAllowed(directives)) {
addInlineScriptExceptions(directives)
}
diff --git a/public/js/index.js b/public/js/index.js
index 36f396fa..9946e6fd 100644
--- a/public/js/index.js
+++ b/public/js/index.js
@@ -944,7 +944,8 @@ ui.toolbar.download.rawhtml.click(function (e) {
// pdf
ui.toolbar.download.pdf.attr('download', '').attr('href', noteurl + '/pdf')
// export to dropbox
-ui.toolbar.export.dropbox.click(function () {
+ui.toolbar.export.dropbox.click(function (event) {
+ event.preventDefault()
var filename = renderFilename(ui.area.markdown) + '.md'
var options = {
files: [
@@ -996,7 +997,8 @@ ui.toolbar.export.snippet.click(function () {
})
})
// import from dropbox
-ui.toolbar.import.dropbox.click(function () {
+ui.toolbar.import.dropbox.click(function (event) {
+ event.preventDefault()
var options = {
success: function (files) {
ui.spinner.show()
diff --git a/test/csp.js b/test/csp.js
index 8cf24b9a..d081cef0 100644
--- a/test/csp.js
+++ b/test/csp.js
@@ -27,7 +27,10 @@ describe('Content security policies', function () {
upgradeInsecureRequests: 'auto',
reportURI: undefined
},
- useCDN: true
+ useCDN: true,
+ dropbox: {
+ appKey: undefined
+ }
}
})
@@ -78,6 +81,16 @@ describe('Content security policies', function () {
assert(!csp.computeDirectives().fontSrc.includes('https://*.disquscdn.com'))
})
+ it('Include dropbox if configured', function () {
+ let testconfig = defaultConfig
+ testconfig.dropbox.appKey = 'hedgedoc'
+ mock('../lib/config', testconfig)
+ csp = mock.reRequire('../lib/csp')
+
+ assert(csp.computeDirectives().scriptSrc.includes('https://www.dropbox.com'))
+ assert(csp.computeDirectives().scriptSrc.includes('\'unsafe-inline\''))
+ })
+
it('Set ReportURI', function () {
let testconfig = defaultConfig
testconfig.csp.reportURI = 'https://example.com/reportURI'