Commit message (Collapse) | Author | Files | Lines | ||
---|---|---|---|---|---|
2018-03-11 | Fix to log instead of throwing error on parse note id | Max Wu | 1 | -2/+4 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-03-10 | Fix parseNoteId order to fix some edge case | Max Wu | 1 | -7/+7 | |
that LZString note url could be parsed by base64url note url and thus return wrong note id Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-03-10 | Improve history migration performance | Max Wu | 1 | -11/+5 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-27 | Update to use buffer in encode/decode note id | Max Wu | 1 | -2/+4 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-26 | Add migration for LZString compressed note id in history | Max Wu | 1 | -1/+21 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-26 | Remove and replace all note id compression in LZString with base64url | Max Wu | 3 | -8/+33 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-17 | Fix to show 500 message when got error in parseNoteId | Max Wu | 1 | -1/+2 | |
Signed-off-by: Max Wu <jackymaxj@gmail.com> | |||||
2018-02-09 | Fix field type to prevent data truncation of authorship (#721) | Max Wu | 3 | -2/+15 | |
* Fix field type to prevent data truncation of authorship | |||||
2018-02-08 | Fix typo of DB migration script | Takeaki Matsumoto | 1 | -2/+2 | |
Signed-off-by: Takeaki Matsumoto <takeaki.matsumoto@ntt.com> | |||||
2018-02-05 | don't require referer to find note id in socket.io connections (fixes #623) | Stefan Bühler | 1 | -6/+14 | |
Signed-off-by: Stefan Bühler <buehler@cert.uni-stuttgart.de> | |||||
2018-01-30 | Fix uncaught exception for non-existent user | Sheogorath | 1 | -0/+5 | |
Since we added user management it's possible to get non-existent users which can cause a crash of the Backend server. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-27 | Remove camel case from `imageuploadtype` in config | Sheogorath | 4 | -6/+14 | |
This removes the only camel cased option of the config options **we** added to the config.json. In auth provider's config parts are a lot of camel cased options provided. We shouldn't touch them to keep them as similar as possible to the examples. Fixes #315 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-26 | Fix ldap provider name in template | Sheogorath | 1 | -0/+2 | |
Before this fix it's impossible to set the provider name in the sign-model since `ldap` is a boolean there and this way not able to have an attribute like `ldap.providerName`. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-23 | Fix broken port config | Sheogorath | 1 | -1/+1 | |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-20 | Allow more detailed configuration of upload mime types | Sheogorath | 1 | -0/+20 | |
Fixes #637 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-20 | Add option to enable `freely` permission in closed instance | Dario Ernst | 5 | -2/+6 | |
Before, closed disallowed guest edits completely, by removing the `freely` permission. This makes it possible to explicitely bring back guest-editing, but not guest-note-creation, to closed instances. Signed-off-by: Dario Ernst <dario@kanojo.de> | |||||
2018-01-19 | Load version from package.json | Sheogorath | 1 | -1/+3 | |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2018-01-19 | Fix not passing app key correctly in dropbox config | Wu Cheng-Han | 3 | -3/+6 | |
2018-01-18 | Release 1.0.0-ce | Sheogorath | 1 | -1/+1 | |
2018-01-18 | Ignore empty values for revision. | Sheogorath | 1 | -2/+2 | |
Fixes #420 | |||||
2018-01-18 | Allow posting new note with content | Dustin Frisch | 3 | -1/+13 | |
Signed-off-by: Dustin Frisch <fooker@lab.sh> | |||||
2018-01-16 | Fix minor typos | Max Wu | 1 | -3/+3 | |
of wrong parameters passing order and wrong user object indexing in for each function | |||||
2017-12-22 | Update index.js | Christoph (Sheogorath) Kern | 1 | -1/+1 | |
2017-12-22 | Simplify loop | Christoph (Sheogorath) Kern | 1 | -8/+3 | |
2017-12-14 | Fix file permission, remove useless executable | Peter Dave Hello | 1 | -0/+0 | |
2017-12-09 | parse HMD_LDAP_SEARCHATTRIBUTES env var as a comma-separated array | alecdwm | 2 | -5/+12 | |
Signed-off-by: Alec WM <firstcontact@owls.io> | |||||
2017-12-09 | Add setting `ldap.usernameField` | Lukas Kalbertodt | 3 | -1/+9 | |
This determines which ldap field is used as the username on HackMD. By default, the "id" is used as username, too. The id is taken from the fields `uidNumber`, `uid` or `sAMAccountName`. To give the user more flexibility, they can now choose the field used for the username instead. | |||||
2017-12-05 | fixed sslcapath bug | LaysDragon | 2 | -2/+10 | |
2017-12-04 | added guide for SAML settings | Norihito Nakae | 3 | -3/+0 | |
2017-11-29 | added environment variables for SAML | Norihito Nakae | 1 | -1/+12 | |
2017-11-29 | fixed the SAML callback URL to unconfigurable. | Norihito Nakae | 2 | -2/+1 | |
2017-11-28 | Initial support for SAML authentication | Norihito Nakae | 7 | -0/+129 | |
2017-10-31 | Fix mattermost breaking notes | Sheogorath | 1 | -0/+1 | |
2017-10-31 | Add mattermost authentication | Christoph Witzany | 8 | -0/+75 | |
2017-10-25 | Adds 403 response if PDF export is disabled | geekyd | 1 | -1/+6 | |
2017-10-25 | Adds PDF export via config | geekyd | 4 | -4/+10 | |
2017-10-22 | Move CSP logic to new file, Fix boolean config examples | Literallie | 1 | -0/+80 | |
Not sure why I was quoting these in the first place | |||||
2017-10-22 | Change CSP config format to be more intuitive | Literallie | 2 | -9/+4 | |
2017-10-22 | CSP: Allow more content types | Literallie | 1 | -3/+7 | |
2017-10-22 | CSP: Add nonce to slide view inline JS | Literallie | 1 | -1/+2 | |
2017-10-22 | CSP: Upgrade insecure requests if possible | Literallie | 1 | -2/+3 | |
Config option; default is to only upgrade if usessl | |||||
2017-10-22 | Add basic CSP support | Literallie | 1 | -0/+10 | |
2017-10-16 | Fix #521 by converting content fields to LONGTEXT in MySQL, to prevent ↵ | Claudius Coenen | 3 | -4/+20 | |
truncation of data. | |||||
2017-10-13 | Add env vars for extra HSTS options | Literallie | 1 | -0/+3 | |
2017-10-13 | Add on/off env var for HSTS | Literallie | 1 | -0/+3 | |
2017-10-13 | Make HSTS behaviour configurable; Fixes #584 | Literallie | 1 | -0/+6 | |
2017-10-12 | Fix LDAP problem about missing uidNumber | Sheogorath | 1 | -2/+3 | |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2017-10-11 | Fix missing boolean setting for HMD_URL_ADDPORT | Sheogorath | 1 | -1/+1 | |
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | |||||
2017-10-09 | createdAt DESC with quotation marks did not work with MySQL fixes #565 | Claudius Coenen | 1 | -4/+4 | |
2017-09-22 | Fix broken profile images | Sheogorath | 1 | -2/+6 | |