Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2018-03-15 | Convert HMD_MINIO_PORT into Number type. | vazontang | 1 | -1/+1 | |
fix hackmdio/hackmd#763 Signed-off-by: Tang TsungYi <vazontang@gmail.com> | |||||
2018-03-14 | Add config option for report URI in CSP | Sheogorath | 3 | -2/+11 | |
This option is needed as it's currently not possible to add an report URI by the directives array. This option also allows to get CSP reports not only on docker based setup but also on our heroku instances. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-03-11 | Fix to log instead of throwing error on parse note id | Max Wu | 1 | -2/+4 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-03-10 | Fix parseNoteId order to fix some edge case | Max Wu | 1 | -7/+7 | |
that LZString note url could be parsed by base64url note url and thus return wrong note id Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-03-10 | Improve history migration performance | Max Wu | 1 | -11/+5 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-03-09 | Multiple emails from LDAP are already an Array | Felix Schäfer | 1 | -1/+1 | |
Signed-off-by: Felix Schäfer <felix@thegcat.net> | |||||
2018-03-06 | Add missing migration for permissions | Sheogorath | 1 | -0/+11 | |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-03-05 | Remove unused LDAP option `tokenSecret` | Felix Schäfer | 2 | -2/+0 | |
hackmdio/hackmd#754 Signed-off-by: Felix Schäfer <felix@thegcat.net> | |||||
2018-03-01 | Introduce ldap.useridField | Dustin Frisch | 3 | -1/+6 | |
Signed-off-by: Dustin Frisch <fooker@lab.sh> | |||||
2018-02-27 | Update to use buffer in encode/decode note id | Max Wu | 1 | -2/+4 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-26 | Add migration for LZString compressed note id in history | Max Wu | 1 | -1/+21 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-26 | Remove and replace all note id compression in LZString with base64url | Max Wu | 3 | -8/+33 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-17 | Fix to show 500 message when got error in parseNoteId | Max Wu | 1 | -1/+2 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-09 | Fix field type to prevent data truncation of authorship (#721) | Max Wu | 3 | -2/+15 | |
* Fix field type to prevent data truncation of authorship | |||||
2018-02-08 | Fix typo of DB migration script | Takeaki Matsumoto | 1 | -2/+2 | |
Signed-off-by: Takeaki Matsumoto <takeaki.matsumoto@ntt.com> | |||||
2018-02-05 | don't require referer to find note id in socket.io connections (fixes #623) | Stefan Bühler | 1 | -6/+14 | |
Signed-off-by: Stefan Bühler <buehler@cert.uni-stuttgart.de> | |||||
2018-01-30 | Fix uncaught exception for non-existent user | Sheogorath | 1 | -0/+5 | |
Since we added user management it's possible to get non-existent users which can cause a crash of the Backend server. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-27 | Remove camel case from `imageuploadtype` in config | Sheogorath | 4 | -6/+14 | |
This removes the only camel cased option of the config options **we** added to the config.json. In auth provider's config parts are a lot of camel cased options provided. We shouldn't touch them to keep them as similar as possible to the examples. Fixes #315 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-26 | Fix ldap provider name in template | Sheogorath | 1 | -0/+2 | |
Before this fix it's impossible to set the provider name in the sign-model since `ldap` is a boolean there and this way not able to have an attribute like `ldap.providerName`. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-23 | Fix broken port config | Sheogorath | 1 | -1/+1 | |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-20 | Allow more detailed configuration of upload mime types | Sheogorath | 1 | -0/+20 | |
Fixes #637 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-20 | Add option to enable `freely` permission in closed instance | Dario Ernst | 5 | -2/+6 | |
Before, closed disallowed guest edits completely, by removing the `freely` permission. This makes it possible to explicitely bring back guest-editing, but not guest-note-creation, to closed instances. Signed-off-by: Dario Ernst <dario@kanojo.de> | |||||
2018-01-19 | Load version from package.json | Sheogorath | 1 | -1/+3 | |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-19 | Fix not passing app key correctly in dropbox config | Wu Cheng-Han | 3 | -3/+6 | |
2018-01-18 | Release 1.0.0-ce | Sheogorath | 1 | -1/+1 | |
2018-01-18 | Ignore empty values for revision. | Sheogorath | 1 | -2/+2 | |
Fixes #420 | |||||
2018-01-18 | Allow posting new note with content | Dustin Frisch | 3 | -1/+13 | |
Signed-off-by: Dustin Frisch <fooker@lab.sh> | |||||
2018-01-16 | Fix minor typos | Max Wu | 1 | -3/+3 | |
of wrong parameters passing order and wrong user object indexing in for each function | |||||
2017-12-22 | Update index.js | Christoph (Sheogorath) Kern | 1 | -1/+1 | |
2017-12-22 | Simplify loop | Christoph (Sheogorath) Kern | 1 | -8/+3 | |
2017-12-14 | Fix file permission, remove useless executable | Peter Dave Hello | 1 | -0/+0 | |
2017-12-09 | parse HMD_LDAP_SEARCHATTRIBUTES env var as a comma-separated array | alecdwm | 2 | -5/+12 | |
Signed-off-by: Alec WM <firstcontact@owls.io> | |||||
2017-12-09 | Add setting `ldap.usernameField` | Lukas Kalbertodt | 3 | -1/+9 | |
This determines which ldap field is used as the username on HackMD. By default, the "id" is used as username, too. The id is taken from the fields `uidNumber`, `uid` or `sAMAccountName`. To give the user more flexibility, they can now choose the field used for the username instead. | |||||
2017-12-05 | fixed sslcapath bug | LaysDragon | 2 | -2/+10 | |
2017-12-04 | added guide for SAML settings | Norihito Nakae | 3 | -3/+0 | |
2017-11-29 | added environment variables for SAML | Norihito Nakae | 1 | -1/+12 | |
2017-11-29 | fixed the SAML callback URL to unconfigurable. | Norihito Nakae | 2 | -2/+1 | |
2017-11-28 | Initial support for SAML authentication | Norihito Nakae | 7 | -0/+129 | |
2017-10-31 | Fix mattermost breaking notes | Sheogorath | 1 | -0/+1 | |
2017-10-31 | Add mattermost authentication | Christoph Witzany | 8 | -0/+75 | |
2017-10-25 | Adds 403 response if PDF export is disabled | geekyd | 1 | -1/+6 | |
2017-10-25 | Adds PDF export via config | geekyd | 4 | -4/+10 | |
2017-10-22 | Move CSP logic to new file, Fix boolean config examples | Literallie | 1 | -0/+80 | |
Not sure why I was quoting these in the first place | |||||
2017-10-22 | Change CSP config format to be more intuitive | Literallie | 2 | -9/+4 | |
2017-10-22 | CSP: Allow more content types | Literallie | 1 | -3/+7 | |
2017-10-22 | CSP: Add nonce to slide view inline JS | Literallie | 1 | -1/+2 | |
2017-10-22 | CSP: Upgrade insecure requests if possible | Literallie | 1 | -2/+3 | |
Config option; default is to only upgrade if usessl | |||||
2017-10-22 | Add basic CSP support | Literallie | 1 | -0/+10 | |
2017-10-16 | Fix #521 by converting content fields to LONGTEXT in MySQL, to prevent ↵ | Claudius Coenen | 3 | -4/+20 | |
truncation of data. | |||||
2017-10-13 | Add env vars for extra HSTS options | Literallie | 1 | -0/+3 | |