summaryrefslogtreecommitdiff
path: root/public/js (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add rel="noopener" to target="_blank" linksSheogorath2018-10-041-1/+3
| | | | | | | | | | The noopener construct protects from some nasty clickjacking attacks. We can apply them savely to all our links since we don't rely on the previously used page. Some more details: https://mathiasbynens.github.io/rel-noopener/ Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Add possibility to choose between version v3 or v4 for the gitlab api.Cédric Couralet2018-07-311-6/+11
| | | | | | | | Apart from the uri versioning, one big change is the snippet visibility post data (visibility_level -> visibility) Default gitlab api version to v4 Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
* Fix some false titlesAlexander Wellbrock2018-07-081-2/+2
| | | Signed-off-by: Alexander Wellbrock <a.wellbrock@mailbox.org>
* Update storeSheogorath2018-06-301-59/+20
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Fix broken unicode urlsSheogorath2018-06-261-1/+1
| | | | | | | | | | It wasn't possible to create unicode based URLs in freeurl mode, because the noteid used for the websocket connection is double escaped. When we decode it and let socketio-client reencode it, we get the real shortid/noteid and can find the note in the database and open the connection. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge pull request #863 from hackmdio/feature/slidePrintChristoph (Sheogorath) Kern2018-06-261-0/+1
|\ | | | | Add Print icon to slide view
| * Add Print icon to slide viewSheogorath2018-06-241-0/+1
| | | | | | | | | | | | | | | | It redirects the user to the print view of the document. I claim that people should either be smart enough to use ctrl+P or ask someone who knows how to print a webpage. I don't want to babysit our users. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Final replacementsSheogorath2018-06-241-1/+1
| | | | | | | | | | | | | | Looks like I missed a few. This should be complete now. And make us ready for the repo rename and merging. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Rebrand HackMD to CodiMDSheogorath2018-06-241-2/+2
|/ | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Fix all newly introduced linting issuesSheogorath2018-06-231-10/+10
| | | | Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge branch 'pr-846'Sheogorath2018-06-234-21/+232
|\
| * Fix liniting and optimize some functionsSheogorath2018-06-233-47/+74
| | | | | | | | | | | | | | | | | | First fixed some linting issues. Also optimized some functions to be undoable with one ctrl+z. This should also speedup some operations Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
| * Add a toolbar to Codemirror editorEdgar Zanella Alvarenga2018-06-194-0/+184
| | | | | | | | Signed-off-by: Edgar Zanella Alvarenga <e@vaz.io>
* | turn concatenated string into a multi-line template stringJake Burden2018-06-221-19/+19
|/ | | | Signed-off-by: Jake Burden <jake@doge.haus>
* Add delete user UISheogorath2018-05-251-8/+12
| | | | | | | | | | This provides the UI for the delete user feature introduced in 4229084c6211db3d22cd9abec99b957725650b9e Placing of the user delete button is not perfect, but can be moved to an own user tab later on. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Removing google drive integrationSheogorath2018-05-166-495/+0
| | | | | | | | | | | | | | | It's sad but it's not working. For multiple releases this should be already broken which shows how often it's used. As there is also a security issue related to that, it's better to remove the feature completely. Whoever wants to rewrite it, feel free to go. This commit removes the Google Drive integration from HackMD's Frontend editor and this way removes the need to provide any API key and Client ID in the frontend. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Fix night mode button after restoreSheogorath2018-03-251-0/+1
| | | | | | | | | | | The night mode toggle doesn't get the right state after restore from local storage. This results in the need to toggle twice to disable night mode. This patch adds the needed class so the toggleNightMode function gets the right state on execution. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Persist nightmode so we can re-enable itSheogorath2018-03-231-3/+18
| | | | | | | | | Right now the night mode is possible to set by a toggle in the menu bar but needs to be re-enabled on every document switch, reload, etc.. This is super annoying so we should keep this state in local storage or a cookie. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge pull request #743 from hackmdio/fix-to-use-url-safe-base64Christoph (Sheogorath) Kern2018-03-182-0/+47
|\ | | | | Fix to use url-safe base64 in note url
| * Fix typoMax Wu2018-03-111-1/+1
| | | | | | | | Signed-off-by: Max Wu <jackymaxj@gmail.com>
| * Update to show log on migrate LZString type note url in historyMax Wu2018-03-111-1/+1
| | | | | | | | Signed-off-by: Max Wu <jackymaxj@gmail.com>
| * Update to migrate note url in the history of browser storage and cookieMax Wu2018-03-032-0/+47
| | | | | | | | Signed-off-by: Max Wu <jackymaxj@gmail.com>
* | Update to allow rp tag for rubyMax Wu2018-02-261-0/+2
| | | | | | | | Signed-off-by: Max Wu <jackymaxj@gmail.com>
* | Remove manual allow details tag since default already allow itMax Wu2018-02-261-3/+1
|/ | | | Signed-off-by: Max Wu <jackymaxj@gmail.com>
* Extend HTML5 support by whitelisting various tagsSheogorath2018-02-251-1/+11
| | | | | | | | | | | | HTML5 provides a wide feature set of useful elements. Since Markdown usually supports HTML it should be able to use these HTML5 tags as well. As they were requested by some users and they where checked for being safe, whitelisting them isn't a problem. To make the experience the same as on GitHub when it comes to the basic look and feel of the rendered markdown, some CSS was added to make the summary and the details tag look like on GitHub. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Allow the usage of the esc-key by codemirrorSheogorath2018-02-241-3/+3
| | | | | | | | | | | | | This change allows all input modes of codemirror to use the information from an input esc-key and make this way vim and sublime more functional. To prevent this change from breaking the return from the fullscreen mode, it catches the esc-key in this case. Hopefully this is an acceptable solution. As before the vim-mode is handled different in fulltext-mode as it is esc-key heavy. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* don't require referer to find note id in socket.io connections (fixes #623)Stefan Bühler2018-02-051-0/+3
| | | | Signed-off-by: Stefan Bühler <buehler@cert.uni-stuttgart.de>
* Fix task todo might not toggleMax Wu2018-01-241-2/+2
| | | which caused by not matching syntax with double dashes correctly
* Merge pull request #691 from SISheogorath/feature/uploadChristoph (Sheogorath) Kern2018-01-231-1/+3
|\ | | | | Allow more detailed configuration of upload mime types
| * Allow more detailed configuration of upload mime typesSheogorath2018-01-201-1/+3
| | | | | | | | | | | | Fixes #637 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Merge pull request #598 from xxyy/feature/cspChristoph (Sheogorath) Kern2018-01-221-0/+8
|\ \ | |/ |/| Implement basic CSP support
| * Revert "Load js-url lib using legacy-loader"Literallie2017-11-022-8/+4
| | | | | | | | | | | | | | | | Didn't work in Firefox for some reason. `[Script Loader] ReferenceError: module is not defined` This reverts commit 5b83deb043296c23ff912a2472703c1f7faddb4b.
| * Fix MathJax config not being picked upLiterallie2017-10-221-1/+1
| | | | | | | | thanks standard
| * Move CSP logic to new file, Fix boolean config examplesLiterallie2017-10-221-1/+0
| | | | | | | | Not sure why I was quoting these in the first place
| * Load js-url lib using legacy-loaderLiterallie2017-10-222-4/+9
| | | | | | | | Doesn't use eval, plus no window object access
| * Fix MathJax CSP issuesLiterallie2017-10-221-0/+8
| |
* | Fix image alt not render properlyWu Cheng-Han2018-01-191-1/+2
| |
* | Fix anchor id to keep uppercase charactersMax Wu2018-01-161-1/+5
| | | | | | id shouldn’t be converted to lowercase since id attribute is case sensitive
* | :sparkles: Implemented dark theme.Edoardo Odorico2018-01-053-1/+18
| | | | | | | | Signed-off-by: Edoardo Odorico <edoubuntu@gmail.com>
* | Fix file permission, remove useless executablePeter Dave Hello2017-12-141-0/+0
| |
* | Merge pull request #609 from monoxane/masterChristoph (Sheogorath) Kern2017-12-121-3/+3
|\ \ | | | | | | Correcting grammatical errors related to the document char count tooltip
| * | Corrected some grammatical issuesOliver Herrmann2017-10-301-3/+3
| | | | | | | | | Obviously caught up in a bad translation and didn't particularly make sense for native english speakers.
* | | Prevent XSS vul by srcdoc in iframeSheogorath2017-11-241-1/+1
| | |
* | | Fix mermaid error handlingSheogorath2017-10-301-2/+7
| | |
* | | Use mermaidAPI in mermaid scopeSheogorath2017-10-301-12/+4
|/ / | | | | | | | | | | | | | | Introduced by https://github.com/knsv/mermaid/commit/a5b71455271aef1180eefa1054d751dea1885e3f#diff-67ae90c5144c55348a3cbdb078240454L532 Fixes #600 Parse only throws error: https://github.com/knsv/mermaid/commit/167368d508f1e5b1606b2b45f892cdd60d479448#diff-67ae90c5144c55348a3cbdb078240454
* | Merge pull request #591 from Rwing/masterSheogorath2017-10-231-0/+3
|\ \ | |/ |/| support Simplified Chinese and rename original zh to Traditional Chinese
| * support Simplified Chinese and rename original zh to Traditional ChineseRwing2017-10-231-0/+3
| |
* | Fix markdown-it gist plugin code closing tagYukai Huang2017-10-211-1/+1
|/ | | | fix #596
* Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue]Wu Cheng-Han2017-10-051-4/+9
|
* Fix unescape > symbol inside the style tags to make the CSS worksWu Cheng-Han2017-10-051-0/+4
|