summaryrefslogtreecommitdiff
path: root/lib (unfollow)
Commit message (Expand)AuthorFilesLines
2021-05-09Sanitize username and photo URLDavid Mehren1-2/+3
2021-05-06Automatically enable protocolUseSSL when useSSL is setDavid Mehren1-4/+11
2021-05-04Fix upgradeInsecureRequests CSP directiveDavid Mehren1-2/+2
2021-04-26Remove unneeded polyfillErik Michelson1-9/+0
2021-04-25Fix Relative Path Traversal Attack on note creationSheogorath1-3/+3
2021-04-25Add custom prometheus metricsDavid Mehren1-0/+49
2021-04-22ImageRouterImgur: Replace imgur library with note-fetch requestPhilip Molares1-6/+24
2021-03-29Remove yahoo domain from default CSP rulesErik Michelson1-1/+1
2021-03-29Add better logging messagesErik Michelson1-2/+2
2021-03-29Check for existing notes on POST and dont override themErik Michelson2-1/+17
2021-03-29ImageUpload: Fix errors with .jpeg and .svgPhilip Molares1-2/+17
2021-03-28Config: Remove image/jpgPhilip Molares1-2/+0
2021-03-12Replace request library with node-fetchErik Michelson1-47/+58
2021-02-27Run database migrations automatically on startupDavid Mehren1-0/+31
2021-02-17Add HTTP 404 error on non-existent note downloadsErik Michelson2-3/+6
2021-02-16Use new uuid exportDavid Mehren1-2/+2
2021-02-15Linter: Fix all lint errorsPhilip Molares33-425/+464
2021-02-12Switch to minio v7 APIDavid Mehren1-1/+1
2021-02-11Fix SAML auth error loggingDavid Mehren1-1/+1
2021-02-02Fix note creation in FreeURL mode not using templateErik Michelson1-3/+4
2021-01-23Don't add new config option in hackmd compatibility layerNicolas Dietrich1-1/+0
2021-01-23Keep JS and env varibale name in sync (requireFreeURLAuthentication)Nicolas Dietrich1-1/+1
2021-01-22Add config option which requires authentication in FreeURL modeNicolas Dietrich4-1/+4
2021-01-22Minor refactoring of freeURL condition checkNicolas Dietrich1-4/+6
2020-12-27Always save uploads to a tmpdir first and cleanup afterwardsDavid Mehren2-9/+24
2020-12-27Improve MIME-type checks of uploaded filesDavid Mehren1-4/+22
2020-12-27Rework error messages for image uploadsSheogorath1-4/+4
2020-12-27Fix unauthenticated file uploadsSheogorath1-0/+3
2020-12-27Fix arbitary file upload for uploadimage API endpointSheogorath1-2/+8
2020-12-02Add missing catchTilman Vatteroth1-1/+2
2020-12-02Catch more errorsTilman Vatteroth9-10/+31
2020-11-30[Migrations] Replace similar codeTilman Vatteroth1-2/+1
2020-11-30[Migrations] Add variant of error message to catch blockTilman Vatteroth1-1/+4
2020-11-30Fix crash when OAuth2 config parameters are missingDavid Mehren1-12/+19
2020-11-27Replace mentions of `config.js` with `config.json`David Mehren1-3/+3
2020-11-26Remove pdf export codeTilman Vatteroth7-54/+2
2020-11-25Add oauth2 authorizationJoachim Mathes2-2/+26
2020-11-15apply review suggestionsTilman Vatteroth1-1/+1
2020-11-14Correct repo nameTilman Vatteroth1-1/+1
2020-11-14Replace CodiMD with HedgeDocErik Michelson6-6/+6
2020-11-12Makes the mime also work with upper case extensionpierreozoux1-1/+1
2020-11-11Save note title to database when creating a noteDavid Mehren1-1/+2
2020-10-22Generic OAuth2: Set state: trueDexter Chua1-1/+2
2020-09-08Update documentation and messages to new default valueErik Michelson1-1/+1
2020-08-27Changed default policy from 'strict' to 'lax' due to the reasons mentioned in...Erik Michelson2-2/+2
2020-08-27Add config option for cookie SameSite policyErik Michelson4-1/+9
2020-08-23Add missing unsafe-inline CSP directiveErik Michelson1-1/+1
2020-08-23Add dropbox CSP directive if configured and make button clickableErik Michelson1-0/+5
2020-07-11saml: make logger print actual error messageSimeon Keske1-2/+2
2020-07-11add error handling to saml-certsSimeon Keske1-2/+15