| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
| |
disableRequestedAuthnContext: true|false
By default only Password authmethod is accepted, this option allows any other method.
Issue and option described here:
https://github.com/bergie/passport-saml/issues/226
Signed-off-by: Emmanuel Ormancey <emmanuel.ormancey@cern.ch>
|
|
|
|
|
|
|
|
| |
HSTS maxAge has to be an integer, not a string.
Fixes https://github.com/hackmdio/codimd/issues/1159
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
|
|
| |
We recently added the new logging option. As it turns out, the new
option was not added correctly, which points out that our current json
linting is **not working**. It throws an error but doesn't break.
This patch fixes the typo in the example. It does not fix the CI part.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
|
| |
Our log library got a new major version which should be implemented.
That's exactly what this patch does. Implementing the new version of the
logging library.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
| |
Apart from the uri versioning, one big change is the snippet visibility post data (visibility_level -> visibility)
Default gitlab api version to v4
Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
|
|
|
|
| |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
| |
Signed-off-by: Adam Hoka <hoka.adam@nexogen.hu>
|
|
|
|
|
|
|
|
|
| |
This commit fixes some json fromat issues in our config example that
causes errors on setup.
This change should fix it.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.
Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.
They are enabled by default to prevent breaking changes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
|
|
|
|
| |
hackmdio/hackmd#754
Signed-off-by: Felix Schäfer <felix@thegcat.net>
|
|
|
|
| |
Signed-off-by: Dustin Frisch <fooker@lab.sh>
|
|
|
|
| |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|\
| |
| | |
Implement basic CSP support
|
| |
| |
| |
| | |
Not sure why I was quoting these in the first place
|
| | |
|
| | |
|
|\ \ |
|
| | |
| | |
| | |
| | | |
Signed-off-by: Alec WM <firstcontact@owls.io>
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
This determines which ldap field is used as the username on
HackMD. By default, the "id" is used as username, too. The id
is taken from the fields `uidNumber`, `uid` or
`sAMAccountName`. To give the user more flexibility, they can
now choose the field used for the username instead.
|
| | |
|
| | |
|
| | |
|
| | |
|
|/ |
|
| |
|
|
|
|
| |
on it
|
| |
|
|\ |
|
| |\
| | |
| | | |
Support for LDAP server authentication
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Limitations as of this commit:
- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
- instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
because we aren't using oauth. The currently generated
tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
|
|/ / |
|
| | |
|
|/ |
|
|
|