Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Add config option for report URI in CSP | Sheogorath | 2018-03-14 | 3 | -2/+11 |
| | | | | | | | | This option is needed as it's currently not possible to add an report URI by the directives array. This option also allows to get CSP reports not only on docker based setup but also on our heroku instances. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | Remove unused LDAP option `tokenSecret` | Felix Schäfer | 2018-03-05 | 2 | -2/+0 |
| | | | | | | hackmdio/hackmd#754 Signed-off-by: Felix Schäfer <felix@thegcat.net> | ||||
* | Introduce ldap.useridField | Dustin Frisch | 2018-03-01 | 3 | -1/+6 |
| | | | | Signed-off-by: Dustin Frisch <fooker@lab.sh> | ||||
* | Fix to show 500 message when got error in parseNoteId | Max Wu | 2018-02-17 | 1 | -1/+2 |
| | | | | Signed-off-by: Max Wu <jackymaxj@gmail.com> | ||||
* | Fix field type to prevent data truncation of authorship (#721) | Max Wu | 2018-02-09 | 3 | -2/+15 |
| | | | | * Fix field type to prevent data truncation of authorship | ||||
* | Fix typo of DB migration script | Takeaki Matsumoto | 2018-02-08 | 1 | -2/+2 |
| | | | | Signed-off-by: Takeaki Matsumoto <takeaki.matsumoto@ntt.com> | ||||
* | don't require referer to find note id in socket.io connections (fixes #623) | Stefan Bühler | 2018-02-05 | 1 | -6/+14 |
| | | | | Signed-off-by: Stefan Bühler <buehler@cert.uni-stuttgart.de> | ||||
* | Fix uncaught exception for non-existent user | Sheogorath | 2018-01-30 | 1 | -0/+5 |
| | | | | | | | Since we added user management it's possible to get non-existent users which can cause a crash of the Backend server. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | Merge pull request #704 from SISheogorath/fix/ldapProviderName | Christoph (Sheogorath) Kern | 2018-01-29 | 1 | -0/+2 |
|\ | | | | | Fix ldap provider name in template | ||||
| * | Fix ldap provider name in template | Sheogorath | 2018-01-26 | 1 | -0/+2 |
| | | | | | | | | | | | | | | | | Before this fix it's impossible to set the provider name in the sign-model since `ldap` is a boolean there and this way not able to have an attribute like `ldap.providerName`. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | | Remove camel case from `imageuploadtype` in config | Sheogorath | 2018-01-27 | 4 | -6/+14 |
|/ | | | | | | | | | | | | | This removes the only camel cased option of the config options **we** added to the config.json. In auth provider's config parts are a lot of camel cased options provided. We shouldn't touch them to keep them as similar as possible to the examples. Fixes #315 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | Merge pull request #691 from SISheogorath/feature/upload | Christoph (Sheogorath) Kern | 2018-01-23 | 1 | -0/+20 |
|\ | | | | | Allow more detailed configuration of upload mime types | ||||
| * | Allow more detailed configuration of upload mime types | Sheogorath | 2018-01-20 | 1 | -0/+20 |
| | | | | | | | | | | | | Fixes #637 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | | Fix broken port config | Sheogorath | 2018-01-23 | 1 | -1/+1 |
| | | | | | | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | | Merge pull request #506 from erasys/minio | Christoph (Sheogorath) Kern | 2018-01-23 | 3 | -0/+48 |
|\ \ | | | | | | | Add support for minio | ||||
| * | | Add support for minio | Marc Deop | 2017-08-30 | 3 | -0/+48 |
| | | | |||||
* | | | Merge pull request #598 from xxyy/feature/csp | Christoph (Sheogorath) Kern | 2018-01-22 | 4 | -1/+92 |
|\ \ \ | | | | | | | | | Implement basic CSP support | ||||
| * | | | Move CSP logic to new file, Fix boolean config examples | Literallie | 2017-10-22 | 1 | -0/+80 |
| | | | | | | | | | | | | | | | | Not sure why I was quoting these in the first place | ||||
| * | | | Change CSP config format to be more intuitive | Literallie | 2017-10-22 | 2 | -9/+4 |
| | | | | |||||
| * | | | CSP: Allow more content types | Literallie | 2017-10-22 | 1 | -3/+7 |
| | | | | |||||
| * | | | CSP: Add nonce to slide view inline JS | Literallie | 2017-10-22 | 1 | -1/+2 |
| | | | | |||||
| * | | | CSP: Upgrade insecure requests if possible | Literallie | 2017-10-22 | 1 | -2/+3 |
| | | | | | | | | | | | | | | | | Config option; default is to only upgrade if usessl | ||||
| * | | | Add basic CSP support | Literallie | 2017-10-22 | 1 | -0/+10 |
| | | | | |||||
* | | | | Merge pull request #673 from fooker/master | Christoph (Sheogorath) Kern | 2018-01-20 | 3 | -1/+13 |
|\ \ \ \ | | | | | | | | | | | Allow posting new note with content | ||||
| * | | | | Allow posting new note with content | Dustin Frisch | 2018-01-18 | 3 | -1/+13 |
| | | | | | | | | | | | | | | | | | | | | Signed-off-by: Dustin Frisch <fooker@lab.sh> | ||||
* | | | | | Add option to enable `freely` permission in closed instance | Dario Ernst | 2018-01-20 | 5 | -2/+6 |
| |_|_|/ |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | Before, closed disallowed guest edits completely, by removing the `freely` permission. This makes it possible to explicitely bring back guest-editing, but not guest-note-creation, to closed instances. Signed-off-by: Dario Ernst <dario@kanojo.de> | ||||
* | | | | Merge pull request #686 from SISheogorath/feature/configVersion | Christoph (Sheogorath) Kern | 2018-01-19 | 1 | -1/+3 |
|\ \ \ \ | | | | | | | | | | | Load version from package.json | ||||
| * | | | | Load version from package.json | Sheogorath | 2018-01-19 | 1 | -1/+3 |
| | | | | | | | | | | | | | | | | | | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | | | | | Fix not passing app key correctly in dropbox config | Wu Cheng-Han | 2018-01-19 | 3 | -3/+6 |
|/ / / / | |||||
* | | | | Release 1.0.0-ce | Sheogorath | 2018-01-18 | 1 | -1/+1 |
| | | | | |||||
* | | | | Ignore empty values for revision. | Sheogorath | 2018-01-18 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | Fixes #420 | ||||
* | | | | Merge pull request #636 from laysdra7265/fix/sslcapath | Christoph (Sheogorath) Kern | 2018-01-18 | 2 | -2/+5 |
|\ \ \ \ | | | | | | | | | | | Fix sslcapath bug | ||||
| * | | | | Update index.js | Christoph (Sheogorath) Kern | 2017-12-22 | 1 | -1/+1 |
| | | | | | |||||
| * | | | | Simplify loop | Christoph (Sheogorath) Kern | 2017-12-22 | 1 | -8/+3 |
| | | | | | |||||
| * | | | | fixed sslcapath bug | LaysDragon | 2017-12-05 | 2 | -2/+10 |
| | | | | | |||||
* | | | | | Merge pull request #567 from ccoenen/fix-mysql-text-length | Christoph (Sheogorath) Kern | 2018-01-18 | 3 | -4/+20 |
|\ \ \ \ \ | | | | | | | | | | | | | converting all content fields to MEDIUMTEXT (affects MySQL only) | ||||
| * | | | | | Fix #521 by converting content fields to LONGTEXT in MySQL, to prevent ↵ | Claudius Coenen | 2017-10-16 | 3 | -4/+20 |
| | |_|/ / | |/| | | | | | | | | | | | | | truncation of data. | ||||
* | | | | | Fix minor typos | Max Wu | 2018-01-16 | 1 | -3/+3 |
| |_|/ / |/| | | | | | | | of wrong parameters passing order and wrong user object indexing in for each function | ||||
* | | | | Fix file permission, remove useless executable | Peter Dave Hello | 2017-12-14 | 1 | -0/+0 |
| | | | | |||||
* | | | | Merge branch 'master' into ldap-username-field | Christoph (Sheogorath) Kern | 2017-12-12 | 2 | -5/+12 |
|\ \ \ \ | |||||
| * | | | | parse HMD_LDAP_SEARCHATTRIBUTES env var as a comma-separated array | alecdwm | 2017-12-09 | 2 | -5/+12 |
| | | | | | | | | | | | | | | | | | | | | Signed-off-by: Alec WM <firstcontact@owls.io> | ||||
* | | | | | Add setting `ldap.usernameField` | Lukas Kalbertodt | 2017-12-09 | 3 | -1/+9 |
|/ / / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This determines which ldap field is used as the username on HackMD. By default, the "id" is used as username, too. The id is taken from the fields `uidNumber`, `uid` or `sAMAccountName`. To give the user more flexibility, they can now choose the field used for the username instead. | ||||
* | | | | added guide for SAML settings | Norihito Nakae | 2017-12-04 | 3 | -3/+0 |
| | | | | |||||
* | | | | added environment variables for SAML | Norihito Nakae | 2017-11-29 | 1 | -1/+12 |
| | | | | |||||
* | | | | fixed the SAML callback URL to unconfigurable. | Norihito Nakae | 2017-11-29 | 2 | -2/+1 |
| | | | | |||||
* | | | | Initial support for SAML authentication | Norihito Nakae | 2017-11-28 | 7 | -0/+129 |
| |/ / |/| | | |||||
* | | | Fix mattermost breaking notes | Sheogorath | 2017-10-31 | 1 | -0/+1 |
| | | | |||||
* | | | Add mattermost authentication | Christoph Witzany | 2017-10-31 | 8 | -0/+75 |
| | | | |||||
* | | | Merge pull request #562 from SISheogorath/fix/LDAP | Sheogorath | 2017-10-27 | 1 | -2/+3 |
|\ \ \ | | | | | | | | | Fix LDAP problem about missing uidNumber | ||||
| * | | | Fix LDAP problem about missing uidNumber | Sheogorath | 2017-10-12 | 1 | -2/+3 |
| | |/ | |/| | | | | | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> |