| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As we noticed in our poll about CDN usage, that most people
intentionally turn it off, but very little intetionally turn it on or
leave it on. [1]
There is also strong indicators that CDNs don't really provide any
benefits in loading time and due to the small deployments of CodiMD,
there is no big savings due to CDNs either. [2]
Therefore this patch changes the CDN default settings to off in order to
reduce the exposed user data.
[1]: https://community.codimd.org/t/poll-on-cdn-usage/28
[2]: https://csswizardry.com/2019/05/self-host-your-static-assets/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
| |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\
| |
| |
| | |
See https://github.com/codimd/server/pull/265
|
| |
| |
| |
| | |
Signed-off-by: ike <developer@ikewat.com>
|
|/
|
|
|
|
|
|
| |
Which is part of `passport-google-oauth2`.
It could be used as whitelist to a domain supported by google oauth.
Ref: https://github.com/jaredhanson/passport-google-oauth2/issues/3
Signed-off-by: ike <developer@ikewat.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
This update of revealJS helps us to get rid of the headjs depedency
integration using webpack. It updates reveal.js to 3.9.2 and updates the
csp hash accordingly for using the slide mode.
Background for this update is the critical security vulnerability
described by snyk in their disclosure:
https://snyk.io/vuln/SNYK-JS-REVEALJS-543841
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\
| |
| | |
Changed Gravatar to Libravatar in privacy-template
|
|/
|
|
| |
Signed-off-by: Erik Michelson <erik@liltv.de>
|
|\
| |
| | |
update env docs in reference to #247
|
| |
| |
| |
| | |
Signed-off-by: Amolith <amolith@nixnet.xyz>
|
|\ \
| |/
|/| |
Fix #249 - Focus user field after opening login modal
|
| |
| |
| |
| | |
Signed-off-by: Erik Michelson <erik@liltv.de>
|
|\ \
| | |
| | | |
Fix font loading when useCDN is false
|
| | |
| | |
| | |
| | | |
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
|
|/ /
| |
| |
| | |
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
|
|\ \
| | |
| | | |
Update example config for gitlab authorization
|
| |/
| |
| |
| |
| |
| | |
Update example config for gitlab authorization
Signed-off-by: Ian Tsai <b10102016@gmail.com>
|
|\ \
| |/
|/| |
heroku complains about dialect
|
|/
|
|
| |
Signed-off-by: Claudius <opensource@amenthes.de>
|
|\
| |
| | |
Fix #234 - make manage_users work again
|
| |
| |
| |
| |
| |
| |
| | |
Use another return code for "User already exist"
This allows external scripts to differentiate between failure reasons.
Signed-off-by: Soeren Wegener <wegener92@gmail.com>
|
|\ \
| | |
| | | |
Fix urlPath support, let CodiMD be served from a subpath correctly
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Webpack now uses relative paths for resources linked from by static
snippets. A templated <base> tag has been introduced in headers
so app.js can set the base URL at runtime.
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
|
|\ \ \
| |/ /
|/| | |
[DOC] Run `manage_users` with `NODE_ENV=production` set.
|
|/ /
| |
| |
| |
| |
| | |
`manage_user` script defaults to `development` environment.
Signed-off-by: Matteo Savatteri <matteosavatteri@lcm.mi.infn.it>
|
|\ \
| | |
| | | |
[DOC] Use `npm start`, not `yarn start` to start
|
|/ /
| |
| |
| |
| |
| |
| | |
`yarn start --production` ignores the `--production` flag,
`npm start --production` does not.
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
|
|\ \
| |/
|/| |
[DOC] Misc improvements to manual setup instructions
|
|/
|
|
| |
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
|
|\
| |
| | |
Linkify header style
|
| |
| |
| |
| | |
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
| |
| |
| |
| | |
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
| |
| |
| |
| |
| | |
Co-Authored-By: Yukai Huang <yukaihuangtw@gmail.com>
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
|\ \
| | |
| | | |
Upgrade webpack & plugins
|
| | |
| | |
| | |
| | | |
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|\ \ \
| |/ /
|/| | |
Fixing redirection after SAML login
|
| |\ \
| | | |
| | | |
| | | | |
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
| | |\ \
| | | | |
| | | | |
| | | | | |
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
| |\ \ \ \
| | |/ / /
| |/| / /
| | |/ / |
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
| | | | |
|
| |/ /
| | |
| | |
| | | |
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
| | |
| | |
| | |
| | |
| | |
| | | |
instead of doing it in the authentication source
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
| | |
| | |
| | |
| | | |
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
|/ /
| |
| |
| |
| |
| | |
Saving referer into session in SAML auth so passport can redirect correctly after SAML login.
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
|\ \
| | |
| | | |
First steps in refactoring the backend code
|