summaryrefslogtreecommitdiff
path: root/lib (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Disallow creation of robots.txt in freeurlDaan Sprenkels2018-11-173-1/+3
| | | | | | | | | | | Add a configuration setting to "hard"-disable creation of notes as set by the configuration value. This defaults to `['robots.txt', 'favicon.ico']`, because these files are often accidentally created by bots and browsers. This commit fixes #1052. Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
* Merge pull request #1027 from asg017/masterChristoph (Sheogorath) Kern2018-11-121-0/+3
|\ | | | | Add download action to published notes
| * forgot break statementAlex Garcia2018-10-271-0/+1
| | | | | | | | Signed-off-by: Alex Garcia <alexsebastian.garcia@gmail.com>
| * Add download action to published notesAlex Garcia2018-10-271-0/+2
| | | | | | | | Signed-off-by: Alex Garcia <alexsebastian.garcia@gmail.com>
* | Merge pull request #1051 from SISheogorath/feature/fullversionChristoph (Sheogorath) Kern2018-11-121-1/+1
|\ \ | | | | | | Fix wrong reading from commit
| * | Fix wrong reading from commitSheogorath2018-11-121-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Right now we use a substr after reading the commit. That's definitely wrong and leads to wrong commit hashes since the first 5 chars are missing. This patch removes the substr usage here and this way fixes the generated links. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | | Merge pull request #961 from SISheogorath/feature/osTEMPChristoph (Sheogorath) Kern2018-11-111-1/+3
|\ \ \ | |/ / |/| | Use OS based tmp dir
| * | Use OS based tmp dirSheogorath2018-10-311-1/+3
| |/ | | | | | | | | | | | | | | | | | | We should use the official OS temp directory instead of an own one, to not run into conflicts. Also various dependencies already use the OS temp directory, which makes it pointless to use a different for our internal purposes then. This commit provides the changes needed to use the OS tmp directory by default. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Add full version stringSheogorath2018-11-115-4/+45
| | | | | | | | | | | | | | | | | | | | | | | | Currently we only provide the version from `package.json`. This means that during updates of instances, e.g. the demo instance, which runs latest master instead of a stable release, changes are not reflected to the webclient. This patch adds a fullversion string that contains the current commit and this way makes that clients are notified about changes. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Fix menu for github and dropboxCédric Couralet2018-11-071-0/+2
| | | | | | | | Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
* | removing global site layout vars from individual routers, putting them into ↵Claudius2018-11-031-50/+2
|/ | | | | | app.local Signed-off-by: Claudius <opensource@amenthes.de>
* Merge pull request #985 from SISheogorath/fix/helmetCSPChristoph (Sheogorath) Kern2018-10-111-1/+1
|\ | | | | Add `data:` URL to CSP and upgrade helmet
| * Add `data:` URL to CSP and upgrade helmetSheogorath2018-10-041-1/+1
| | | | | | | | | | | | | | | | | | Seems like the old version of helmet had a problem with `data:`. This patch upgrades to the latest version and adds the CSP rule to allow Google Fonts and the offline version of it, to properly include the fonts and no longer throw ugly error messages at us. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Merge pull request #990 from SISheogorath/fix/oauthProviderNameChristoph (Sheogorath) Kern2018-10-092-0/+2
|\ \ | | | | | | Make oauth2 provider name accessible
| * | Make oauth2 provider name accessibleSheogorath2018-10-042-0/+2
| |/ | | | | | | | | | | | | | | | | Right now the feature exists but is almost not usable since the only way to configure it is to know that it exists from reading the source code and add it to config.json. This patch provides all needed changes so it can be used by everyone including documentation. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Fix #1001: get only project user is member of (and return max of results)Cédric Couralet2018-10-091-1/+1
| | | | | | | | Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
* | Add OpenID to CodiMDSheogorath2018-10-056-3/+70
| | | | | | | | | | | | | | | | With OpenID every OpenID capable provider can provide authentication for users of a CodiMD instance. This means we have federated authentication. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Merge pull request #940 from WilliButz/fix-configurable-pathsChristoph (Sheogorath) Kern2018-10-056-31/+23
|\ \ | |/ |/| enhance configurabiltiy of paths & make execution path-independent
| * removing superfluous config parameters for template filesClaudius2018-09-264-21/+10
| | | | | | | | Signed-off-by: Claudius <opensource@amenthes.de>
| * imageRouter/filesystem: make callback path-independentWilliButz2018-09-261-1/+2
| | | | | | | | | | | | | | Images are now properly served when `config.uploadsPath` differs from its default value. Signed-off-by: WilliButz <wbutz@cyberfnord.de>
| * lib/config: use `path.resolve` instead of `path.join`WilliButz2018-09-261-14/+14
| | | | | | | | | | | | | | | | | | | | | | While paths like `tmpPath` could previously be configured, they were all interpreted relative to `appRootPath` because of `path.join`. Now the configurable paths can be canonical and therefore independent of the `appRootPath`. Signed-off-by: WilliButz <wbutz@cyberfnord.de>
| * lib/config: add environment variable to set config fileWilliButz2018-09-261-1/+2
| | | | | | | | | | | | | | | | | | | | Previously it was assumed that `config.json` would be placed in the same directory as the rest of CodiMD without any optional override. This allows to override the path to the `config.json` by setting `CMD_CONFIG_FILE` to the canonical path of the desired config file. Signed-off-by: WilliButz <wbutz@cyberfnord.de>
| * lib/models/revision.js: make independent of exec-pathWilliButz2018-09-261-1/+2
| | | | | | | | | | | | | | | | | | | | | | Previously calling `app.js` from another directory than the base directory of CodiMD would result in an error being thrown because `lib/workers/dmpWorker.js` could not be found. This change makes the function call independent of the path CodiMD is started from. Signed-off-by: WilliButz <wbutz@cyberfnord.de>
* | Fix little bug in length limitSheogorath2018-09-281-1/+1
| | | | | | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Merge pull request #971 from SISheogorath/fix/gitlabWarningChristoph (Sheogorath) Kern2018-09-271-1/+2
|\ \ | | | | | | Set default to `v4`
| * | Set default to `v4`Sheogorath2018-09-271-1/+2
| |/ | | | | | | | | | | | | Seems like we didn't fix the problem with the last patch. This should finally fix it. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* / Fix document length limit on postSheogorath2018-09-261-1/+9
|/ | | | | | | | | We recently introduced a new way to create notes using a post requeest to the `/new` endpoint. This is not limited in size, other than pasting a note in the editor. This patch should enforce this limit also on this way. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Omit unneeded warning if no gitlab is configuredSheogorath2018-09-251-1/+1
| | | | | | | This patch should fix the unneeded warning of the wrong API version, when gitlab isn't configured at all. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Fix server crash on PDF creationSheogorath2018-09-241-0/+4
| | | | | | | | | `markdown-pdf` seems to fail to provide the PDFs on tmpfs. This leads crashing codimd which expects the file to be there. This patch should add some proper error handling when expectation and reality don't fit together. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Extend migration error handlingSheogorath2018-09-058-9/+9
| | | | | | | | | | The current error handling seems to conflict with some sequelize versions. So we add a second version of it in our excemptions. I'm not happy about it, but when it helps to prevent further migration breaking, it's worth it. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge pull request #906 from SISheogorath/fix/letterAvatarMailChristoph (Sheogorath) Kern2018-09-051-0/+4
|\ | | | | Fix possible weird objects as email
| * Fix possible weird objects as emailSheogorath2018-07-271-0/+4
| | | | | | | | | | | | | | It seems like some providers return strange types for emails which cause problems. We default to something that is definitely a string. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | BUGFIX: wrong version check for gitlab apiAlexander Hesse2018-08-231-2/+2
| | | | | | | | Signed-off-by: Alexander Hesse <alexander.hesse@sandstorm-media.de>
* | Merge pull request #908 from micedre/gitlabV4Christoph (Sheogorath) Kern2018-07-312-2/+8
|\ \ | | | | | | Add possibility to choose between version v3 or v4 for the gitlab api.
| * | Add possibility to choose between version v3 or v4 for the gitlab api.Cédric Couralet2018-07-312-2/+8
| | | | | | | | | | | | | | | | | | | | | | | | Apart from the uri versioning, one big change is the snippet visibility post data (visibility_level -> visibility) Default gitlab api version to v4 Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
* | | Merge pull request #894 from hcaloto/fixMigrationIssuesChristoph (Sheogorath) Kern2018-07-318-2/+56
|\ \ \ | |/ / |/| | Add missing catch blocks for migration from 1.1.1 to 1.2.0
| * | Add missing catch blocks for migration from 1.1.1 to 1.2.0Hugo Caloto2018-07-318-2/+56
| | | | | | | | | | | | Signed-off-by: Hugo Caloto <hcaloto@gmail.com>
* | | Merge pull request #907 from SISheogorath/fix/historyLZStringChristoph (Sheogorath) Kern2018-07-282-2/+19
|\ \ \ | | | | | | | | Some minor improvements for LZString handling
| * | | Further improvement of error handling for LZStringSheogorath2018-07-272-2/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | This does some more in depth check on the error message and minimizes the log noise that is caused by LZString. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
| * | | Minimize number of errors in LZString parsing errors for historySheogorath2018-07-271-0/+9
| | |/ | |/| | | | | | | | | | | | | | | | | | | Right now we still see a lot of LZString parsing errors in the logs. They probably come from the user history. We should minimize the number by add the basic length check there as well. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* / | Support 'host' & 'path' config optionsMiranda Kastemaa2018-07-272-0/+3
|/ / | | | | | | Signed-off-by: Miranda Kastemaa <miranda@foldplop.com>
* / Upload images to the filesystem by default, rather than to imgurMaxence Ahlouche2018-07-091-1/+1
|/ | | | Signed-off-by: Maxence Ahlouche <maxence.ahlouche@gmail.com>
* Add script src hash for speaker note to CSP directivesMax Wu2018-07-051-1/+1
| | | | Signed-off-by: Max Wu <jackymaxj@gmail.com>
* Fixing content types in status routerSheogorath2018-07-031-2/+4
| | | | | | | | As it turns out, expressjs doesn't detect the right mimetype and it seems like I didn't bother to test this enough. So lets fix it for the next release. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update passport-ldapSheogorath2018-06-301-1/+1
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Final replacementsSheogorath2018-06-242-2/+2
| | | | | | | Looks like I missed a few. This should be complete now. And make us ready for the repo rename and merging. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Do final internal renameingSheogorath2018-06-243-6/+14
| | | | | | | | A little minor change, by moving the CodiMD version header in its own middleware. Should simplify to determine the version number of the Backend in future. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Rename HackMD view to CodiMDSheogorath2018-06-243-3/+3
| | | | | | | | Even when it looks a bit weird in first place to rename all internals step by step, it makes sense to do so, because we run into confusion afterwards. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Rename environment variables and add legacy support.Sheogorath2018-06-243-86/+216
| | | | | | | | As we are no longer HackMD the short tag `HMD` doesn't match anymore. We move it to the matching prefix `CMD` and inform our users about the change. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Rebrand HackMD to CodiMDSheogorath2018-06-241-1/+1
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>