summaryrefslogtreecommitdiff
path: root/lib (follow)
Commit message (Expand)AuthorAgeFilesLines
* Sanitize username and photo URLDavid Mehren2021-05-091-2/+3
* Automatically enable protocolUseSSL when useSSL is setDavid Mehren2021-05-061-4/+11
* Fix upgradeInsecureRequests CSP directiveDavid Mehren2021-05-041-2/+2
* Remove unneeded polyfillErik Michelson2021-04-261-9/+0
* Merge pull request from GHSA-p528-555r-pf87David Mehren2021-04-251-3/+3
|\
| * Fix Relative Path Traversal Attack on note creationSheogorath2021-04-251-3/+3
* | Add custom prometheus metricsDavid Mehren2021-04-251-0/+49
* | ImageRouterImgur: Replace imgur library with note-fetch requestPhilip Molares2021-04-221-6/+24
* | Remove yahoo domain from default CSP rulesErik Michelson2021-03-291-1/+1
* | Merge pull request #1079 from hedgedoc/fix/mimeTypesYannick Bungers2021-03-292-4/+17
|\ \
| * | ImageUpload: Fix errors with .jpeg and .svgPhilip Molares2021-03-291-2/+17
| * | Config: Remove image/jpgPhilip Molares2021-03-281-2/+0
| |/
* | Add better logging messagesErik Michelson2021-03-291-2/+2
* | Check for existing notes on POST and dont override themErik Michelson2021-03-292-1/+17
|/
* Replace request library with node-fetchErik Michelson2021-03-121-47/+58
* Run database migrations automatically on startupDavid Mehren2021-02-271-0/+31
* Merge pull request #889 from hedgedoc/renovate/master-uuid-8.xDavid Mehren2021-02-251-2/+2
|\
| * Use new uuid exportDavid Mehren2021-02-161-2/+2
* | Add HTTP 404 error on non-existent note downloadsErik Michelson2021-02-172-3/+6
|/
* Linter: Fix all lint errorsPhilip Molares2021-02-1533-425/+464
* Switch to minio v7 APIDavid Mehren2021-02-121-1/+1
* Fix SAML auth error loggingDavid Mehren2021-02-111-1/+1
* Fix note creation in FreeURL mode not using templateErik Michelson2021-02-021-3/+4
* Don't add new config option in hackmd compatibility layerNicolas Dietrich2021-01-231-1/+0
* Keep JS and env varibale name in sync (requireFreeURLAuthentication)Nicolas Dietrich2021-01-231-1/+1
* Add config option which requires authentication in FreeURL modeNicolas Dietrich2021-01-224-1/+4
* Minor refactoring of freeURL condition checkNicolas Dietrich2021-01-221-4/+6
* Always save uploads to a tmpdir first and cleanup afterwardsDavid Mehren2020-12-272-9/+24
* Improve MIME-type checks of uploaded filesDavid Mehren2020-12-271-4/+22
* Rework error messages for image uploadsSheogorath2020-12-271-4/+4
* Fix unauthenticated file uploadsSheogorath2020-12-271-0/+3
* Fix arbitary file upload for uploadimage API endpointSheogorath2020-12-271-2/+8
* Merge pull request #609 from hedgedoc/fix/oauth2-authDavid Mehren2020-12-021-12/+19
|\
| * Fix crash when OAuth2 config parameters are missingDavid Mehren2020-11-301-12/+19
* | Add missing catchTilman Vatteroth2020-12-021-1/+2
* | Catch more errorsTilman Vatteroth2020-12-029-10/+31
* | [Migrations] Replace similar codeTilman Vatteroth2020-11-301-2/+1
* | [Migrations] Add variant of error message to catch blockTilman Vatteroth2020-11-301-1/+4
|/
* Merge pull request #597 from hedgedoc/fix/install-docsDavid Mehren2020-11-291-3/+3
|\
| * Replace mentions of `config.js` with `config.json`David Mehren2020-11-271-3/+3
* | Merge pull request #596 from hedgedoc/remove-pdf-export-codeDavid Mehren2020-11-277-54/+2
|\ \
| * | Remove pdf export codeTilman Vatteroth2020-11-267-54/+2
| |/
* / Add oauth2 authorizationJoachim Mathes2020-11-252-2/+26
|/
* apply review suggestionsTilman Vatteroth2020-11-151-1/+1
* Correct repo nameTilman Vatteroth2020-11-141-1/+1
* Replace CodiMD with HedgeDocErik Michelson2020-11-146-6/+6
* Merge pull request #509 from pierreozoux/quick-fixDavid Mehren2020-11-131-1/+1
|\
| * Makes the mime also work with upper case extensionpierreozoux2020-11-121-1/+1
* | Save note title to database when creating a noteDavid Mehren2020-11-111-1/+2
* | Generic OAuth2: Set state: trueDexter Chua2020-10-221-1/+2