| Commit message (Collapse) | Author | Files | Lines |
|---|
|
Backport of #345 to 1.x
Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
|
|
This commit backport 856fc01fb9b30489b254f2ef9d29de80aa189118
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Which is part of `passport-google-oauth2`.
It could be used as whitelist to a domain supported by google oauth.
Ref: https://github.com/jaredhanson/passport-google-oauth2/issues/3
Signed-off-by: ike <developer@ikewat.com>
|
|
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
|
instead of doing it in the authentication source
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
|
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
|
Saving referer into session in SAML auth so passport can redirect correctly after SAML login.
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
|
|
Signed-off-by: Girish Ramakrishnan <girish@cloudron.io>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Move postNote to NoteController and rename to createFromPost
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
Because of circular import problems, this commit also moves the error messages from response.js to errors.js
Signed-off-by: David Mehren <dmehren1@gmail.com>
|
|
This makes the references consistent/compatible with GitHub,
GitLab, Pandoc and many other tools.
This behavior can be enabled in config.json with:
```
"linkifyHeaderStyle": "gfm"
```
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
|
|
Known bugs/features:
- pushing towards an existing note results in an error 500
Signed-off-by: Erik Michelson <erik@liltv.de>
|
|
Signed-off-by: Erik Michelson <erik@liltv.de>
|
|
We have various places with overly simple if statements that could be
handled by our logging library. Also a lot of those logs are not marked
as debug logs but as info logs, which can cause confusion during
debugging.
This patch removed unneeded if clauses around debug logging statements,
reworks debug log messages towards ECMA templates and add some new
logging statements which might be helpful in order to debug things like
image uploads.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Since we are about to release it's time to finally fix our linting. This
patch basically runs eslint --fix and does some further manual fixes.
Also it sets up eslint to fail on every warning on order to make
warnings visable in the CI process.
There should no functional change be introduced.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
With very low CPU frequency or bad IO situation, as well as not-loaded
JS CodiMD happens to present unneeded "I'm busy"-messages to users.
This patch allows to configure the lag. The default is taken from the
libray but set in our own default configs.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Signed-off-by: Claudius <opensource@amenthes.de>
|
|
Signed-off-by: Dylan Dervaux <dylanderv05@gmail.com>
|
|
disableRequestedAuthnContext: true|false
By default only Password authmethod is accepted, this option allows any other method.
Issue and option described here:
https://github.com/bergie/passport-saml/issues/226
Signed-off-by: Emmanuel Ormancey <emmanuel.ormancey@cern.ch>
|
|
Signed-off-by: Thor77 <thor77@thor77.org>
|
|
Since Google+ is shutting down soon, we need to get the profile data
from another URL. Since the library already supports it, all we need to
do is adding a single line of code.
Details:
https://github.com/hackmdio/codimd/issues/1160
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Signed-off-by: Mathias Merscher <Mathias.Merscher@dg-i.net>
|
|
Due to the deprecation of the old `url`-API provided by NodeJS we
replaced `url.resolve` with `url.URL.resolve`, which doesn't exist.
This patch fixes the local filesystem upload of CodiMD by using the new
API correctly. Creating an URL object and using its href.
Some more background:
https://nodejs.org/api/url.html#url_url_href
https://nodejs.org/api/url.html#url_url_resolve_from_to
Fixes https://github.com/hackmdio/codimd/issues/1102
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
This commit also refactors the code a bit, and adds a '-' separator
between a filename and its duplicate index.
This commit fixes #1079.
Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
|
|
Signed-off-by: CloudYu <cloudyu322@gmail.com>
|
|
most rules degraded to WARN, so we don't go insane. This will
change over time. The aim is to conform to a common style
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
|
|
This fixes part of #1056: an error while obtaining the profile
would have `502`-crashed the server.
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
|
|
Currently we only provide the version from `package.json`. This means
that during updates of instances, e.g. the demo instance, which runs
latest master instead of a stable release, changes are not reflected to
the webclient.
This patch adds a fullversion string that contains the current commit
and this way makes that clients are notified about changes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
With OpenID every OpenID capable provider can provide authentication for
users of a CodiMD instance. This means we have federated
authentication.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Signed-off-by: Claudius <opensource@amenthes.de>
|
|
Images are now properly served when `config.uploadsPath`
differs from its default value.
Signed-off-by: WilliButz <wbutz@cyberfnord.de>
|
|
As it turns out, expressjs doesn't detect the right mimetype and it
seems like I didn't bother to test this enough. So lets fix it for the
next release.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
A little minor change, by moving the CodiMD version header in its own
middleware. Should simplify to determine the version number of the
Backend in future.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
The image upload regex breaks with the new path for uploads.
This commit fixes it.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Since static path is providing with a high expiration data, we provide
configs via API. This shouldn't add any noticeable load while making it
uncached and this way working again.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
In https://github.com/hackmdio/hackmd/issues/834 is described how
starting HackMD crashes when using the wrong working dir.
This is caused by a relative path in our upload routine. This change
should fix it and prevent future crashes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
Signed-off-by: Adam Hoka <hoka.adam@nexogen.hu>
|
|
Signed-off-by: Adam Hoka <hoka.adam@nexogen.hu>
|
|
This function is the first step to get out data following GDPR about the
transportability of data.
Details: https://gdpr-info.eu/art-20-gdpr/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
|
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.
We can add a GUI that shows it later on.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
