summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Removing returnTo setting from referer in all other authentication sourcesRalph Krimmel2019-11-2812-28/+8
| | | | Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
* Moving the storage of referrer information to main authorization check ↵Ralph Krimmel2019-11-282-5/+5
| | | | | | instead of doing it in the authentication source Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
* Fixing linting problemsRalph Krimmel2019-11-271-4/+3
| | | | Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
* Fixing redirection after SAML loginfoobarable2019-11-271-2/+5
| | | | | | Saving referer into session in SAML auth so passport can redirect correctly after SAML login. Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
* Merge pull request #213 from davidmehren/refactor_backend_notesSheogorath2019-11-2019-581/+564
|\ | | | | First steps in refactoring the backend code
| * Inline renderPublishSlideDavid Mehren2019-10-271-8/+4
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Inline responseCodiMDDavid Mehren2019-10-271-18/+14
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Inline publish and slideDavid Mehren2019-10-271-10/+2
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Inline renderPublishDavid Mehren2019-10-271-8/+4
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Move showPublishNote and publishNoteActions to note controllerDavid Mehren2019-10-276-125/+99
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Move showNote to note controllerDavid Mehren2019-10-273-133/+19
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Move note actions into their own fileDavid Mehren2019-10-272-9/+131
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Rename actions.js to controller.js and rename functions to be more descriptiveDavid Mehren2019-10-273-34/+33
| | | | | | | | | | | | Move postNote to NoteController and rename to createFromPost Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Move slide actions to own fileDavid Mehren2019-10-274-85/+87
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Fix errors constant in note/actions.jsDavid Mehren2019-10-271-7/+7
| | | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
| * Move note actions to their own file.David Mehren2019-10-2716-390/+410
| | | | | | | | | | | | Because of circular import problems, this commit also moves the error messages from response.js to errors.js Signed-off-by: David Mehren <dmehren1@gmail.com>
* | Update sv.json (POEditor.com)Sheogorath2019-11-201-1/+2
| |
* | Update sk.json (POEditor.com)Sheogorath2019-11-201-3/+4
| |
* | Update it.json (POEditor.com)Sheogorath2019-11-201-3/+4
| |
* | Update fr.json (POEditor.com)Sheogorath2019-11-201-1/+2
| |
* | Update ca.json (POEditor.com)Sheogorath2019-11-201-103/+121
| |
* | Merge pull request #223 from codimd/snyk-fix-84ae3f6ae6fb5c18e43decdf8ab49318Sheogorath2019-11-161-1/+1
|\ \ | | | | | | [Snyk] Fix for 1 vulnerabilities
| * | fix: package.json to reduce vulnerabilitiessnyk-bot2019-11-161-1/+1
|/ / | | | | | | | | The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
* | Merge pull request #217 from cloudron-io/lutim_crashSheogorath2019-10-301-1/+1
|\ \ | | | | | | Fix crash in lutim integration
| * | Fix crash in lutim integrationGirish Ramakrishnan2019-10-291-1/+1
|/ / | | | | | | Signed-off-by: Girish Ramakrishnan <girish@cloudron.io>
* | Merge pull request #210 from davidmehren/mathjax_fixSheogorath2019-10-292-2/+10
|\ \ | | | | | | Fix compatibility with MathJax 2.7.6
| * | Fix compatibility with MathJax 2.7.6David Mehren2019-10-252-2/+10
| |/ | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* | Merge pull request #209 from davidmehren/webpack_docsSheogorath2019-10-291-1/+8
|\ \ | | | | | | Improve webpack dev documentation
| * | Improve webpack dev documentationDavid Mehren2019-10-251-1/+8
| |/ | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* | Merge pull request #212 from davidmehren/webpack_cleanupSheogorath2019-10-291-5/+1
|\ \ | | | | | | Remove unused webpack plugins from package.json
| * | Remove unused webpack plugins from package.jsonDavid Mehren2019-10-251-5/+1
| |/ | | | | | | Signed-off-by: David Mehren <dmehren1@gmail.com>
* | Merge pull request #215 from SISheogorath/upgrade/database-versionsSheogorath2019-10-292-173/+399
|\ \ | | | | | | Upgrade all ORM/database related packages
| * | Upgrade all ORM/database related packagesSheogorath2019-10-282-173/+399
|/ / | | | | | | | | | | | | | | | | This patch provides some major upgrades to all database backend library. It also fixes an issues that appears since the change from sequelize v3 to v5 where mariadb was originally handled by mysql2 and is now handled by an own mariadb library. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Merge pull request #208 from jfowl/doc-change-to-yarnSheogorath2019-10-282-6/+6
|\ \ | |/ |/| Replace `npm` with `yarn` commands in docs.
| * Replaces `npm` with `yarn` commands in docs.Jonas Zohren2019-10-252-6/+6
|/ | | | Signed-off-by: Jonas Zohren <jonas.zohren@tu-dortmund.de>
* Update yarn.lockSheogorath2019-10-231-134/+164
|
* Merge pull request #205 from hoijui/linkifyHeaderStyleSheogorath2019-10-235-7/+16
|\ | | | | Allow to generate lower case header references through the config
| * Allow to generate lower case header references through the confighoijui2019-10-225-4/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | This makes the references consistent/compatible with GitHub, GitLab, Pandoc and many other tools. This behavior can be enabled in config.json with: ``` "linkifyHeaderStyle": "gfm" ``` Signed-off-by: hoijui <hoijui.quaero@gmail.com>
| * slight doc comment touch-up/simplification [minor]hoijui2019-10-221-3/+3
| | | | | | | | Signed-off-by: hoijui <hoijui.quaero@gmail.com>
* | Merge pull request #206 from SISheogorath/fix/CVE-2019-15499Sheogorath2019-10-221-1/+1
|\ \ | |/ |/| Don't accept sandbox attribute
| * Don't accept sandbox attributeRyotaK2019-10-221-1/+1
|/ | | | | | Because sandbox is whitelist attribute, attacker will be able to create iframe that has more permission than default. Signed-off-by: RyotaK <49341894+ry0tak@users.noreply.github.com>
* Merge pull request #200 from ErikMichelson/docs/apiSheogorath2019-10-202-0/+524
|\ | | | | Add API documentation (#172)
| * Fixed JSON syntax error in api doc exampleErik Michelson2019-10-181-1/+1
| | | | | | | | Signed-off-by: Erik Michelson <erik@liltv.de>
| * Finishing openapi docErik Michelson2019-10-171-1/+288
| | | | | | | | | | | | version 1.6.0 is noted as this document already contains the 1.6.0 endpoint /new/alias Signed-off-by: Erik Michelson <erik@liltv.de>
| * WIP: Adding openapi docErik Michelson2019-10-152-1/+195
| | | | | | | | Signed-off-by: Erik Michelson <erik@liltv.de>
| * Added API-doc as markdown fileErik Michelson2019-10-131-0/+43
|/ | | | Signed-off-by: Erik Michelson <erik@liltv.de>
* Merge pull request #199 from SISheogorath/fix/opengraphSheogorath2019-10-121-1/+2
|\ | | | | Fix broken error template due to missing opengraph
| * Fix broken error template due to missing opengraphSheogorath2019-10-111-1/+2
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This regression bug was caused by the error page using the `codimd/head` template. This resulted in error messages like this: ``` ReferenceError: /codimd/public/views/error.ejs:5 3| 4| <head> >> 5| <%- include codimd/head %> 6| <link rel="stylesheet" href="<%- serverURL %>/css/center.css"> 7| </head> 8| /codimd/public/views/codimd/head.ejs:7 5| <meta name="apple-mobile-web-app-status-bar-style" content="black"> 6| <meta name="mobile-web-app-capable" content="yes"> >> 7| <% for (var og in opengraph) { %> 8| <% if (opengraph.hasOwnProperty(og) && opengraph[og].trim() !== '') { %> 9| <meta property="og:<%- og %>" content="<%- opengraph[og] %>"> 10| <% }} if (!opengraph.hasOwnProperty('image')) { %> opengraph is not defined at eval (eval at compile (/codimd/node_modules/ejs/lib/ejs.js:618:12), <anonymous>:18:23) at eval (eval at compile (/codimd/node_modules/ejs/lib/ejs.js:618:12), <anonymous>:99:10) at returnedFn (/codimd/node_modules/ejs/lib/ejs.js:653:17) at tryHandleCache (/codimd/node_modules/ejs/lib/ejs.js:251:36) at View.exports.renderFile [as engine] (/codimd/node_modules/ejs/lib/ejs.js:482:10) at View.render (/codimd/node_modules/express/lib/view.js:135:8) at tryRender (/codimd/node_modules/express/lib/application.js:640:10) at Function.render (/codimd/node_modules/express/lib/application.js:592:3) at ServerResponse.render (/codimd/node_modules/express/lib/response.js:1012:7) at responseError (/codimd/lib/response.js:57:20) at Object.errorNotFound (/codimd/lib/response.js:30:5) at newNote (/codimd/lib/response.js:134:76) at /codimd/lib/response.js:172:16 at tryCatcher (/codimd/node_modules/bluebird/js/release/util.js:16:23) at Promise._settlePromiseFromHandler (/codimd/node_modules/bluebird/js/release/promise.js:517:31) at Promise._settlePromise (/codimd/node_modules/bluebird/js/release/promise.js:574:18) at Promise._settlePromise0 (/codimd/node_modules/bluebird/js/release/promise.js:619:10) at Promise._settlePromises (/codimd/node_modules/bluebird/js/release/promise.js:699:18) at _drainQueueStep (/codimd/node_modules/bluebird/js/release/async.js:138:12) at _drainQueue (/codimd/node_modules/bluebird/js/release/async.js:131:9) at Async._drainQueues (/codimd/node_modules/bluebird/js/release/async.js:147:5) at Immediate.Async.drainQueues (/codimd/node_modules/bluebird/js/release/async.js:17:14) ``` The fix for that is rather trivial. We simply provide an empty array of metadata when generating the error template. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge pull request #191 from ErikMichelson/feature/ogmetadataSheogorath2019-10-106-2/+55
|\ | | | | Add customizable opengraph metadata for notes (see #40)
| * Fixed bugs, added default imageErik Michelson2019-10-093-6/+12
| | | | | | | | Signed-off-by: Erik Michelson <erik@liltv.de>