Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Remove manual allow details tag since default already allow it | Max Wu | 2018-02-26 | 1 | -3/+1 |
| | | | | Signed-off-by: Max Wu <jackymaxj@gmail.com> | ||||
* | Extend HTML5 support by whitelisting various tags | Sheogorath | 2018-02-25 | 1 | -1/+11 |
| | | | | | | | | | | | | HTML5 provides a wide feature set of useful elements. Since Markdown usually supports HTML it should be able to use these HTML5 tags as well. As they were requested by some users and they where checked for being safe, whitelisting them isn't a problem. To make the experience the same as on GitHub when it comes to the basic look and feel of the rendered markdown, some CSS was added to make the summary and the details tag look like on GitHub. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | Allow the usage of the esc-key by codemirror | Sheogorath | 2018-02-24 | 1 | -3/+3 |
| | | | | | | | | | | | | | This change allows all input modes of codemirror to use the information from an input esc-key and make this way vim and sublime more functional. To prevent this change from breaking the return from the fullscreen mode, it catches the esc-key in this case. Hopefully this is an acceptable solution. As before the vim-mode is handled different in fulltext-mode as it is esc-key heavy. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | don't require referer to find note id in socket.io connections (fixes #623) | Stefan Bühler | 2018-02-05 | 1 | -0/+3 |
| | | | | Signed-off-by: Stefan Bühler <buehler@cert.uni-stuttgart.de> | ||||
* | Fix task todo might not toggle | Max Wu | 2018-01-24 | 1 | -2/+2 |
| | | | which caused by not matching syntax with double dashes correctly | ||||
* | Merge pull request #691 from SISheogorath/feature/upload | Christoph (Sheogorath) Kern | 2018-01-23 | 1 | -1/+3 |
|\ | | | | | Allow more detailed configuration of upload mime types | ||||
| * | Allow more detailed configuration of upload mime types | Sheogorath | 2018-01-20 | 1 | -1/+3 |
| | | | | | | | | | | | | Fixes #637 Signed-off-by: Sheogorath <sheogorath@shivering-isles.com> | ||||
* | | Merge pull request #598 from xxyy/feature/csp | Christoph (Sheogorath) Kern | 2018-01-22 | 1 | -0/+8 |
|\ \ | |/ |/| | Implement basic CSP support | ||||
| * | Revert "Load js-url lib using legacy-loader" | Literallie | 2017-11-02 | 2 | -8/+4 |
| | | | | | | | | | | | | | | | | Didn't work in Firefox for some reason. `[Script Loader] ReferenceError: module is not defined` This reverts commit 5b83deb043296c23ff912a2472703c1f7faddb4b. | ||||
| * | Fix MathJax config not being picked up | Literallie | 2017-10-22 | 1 | -1/+1 |
| | | | | | | | | thanks standard | ||||
| * | Move CSP logic to new file, Fix boolean config examples | Literallie | 2017-10-22 | 1 | -1/+0 |
| | | | | | | | | Not sure why I was quoting these in the first place | ||||
| * | Load js-url lib using legacy-loader | Literallie | 2017-10-22 | 2 | -4/+9 |
| | | | | | | | | Doesn't use eval, plus no window object access | ||||
| * | Fix MathJax CSP issues | Literallie | 2017-10-22 | 1 | -0/+8 |
| | | |||||
* | | Fix image alt not render properly | Wu Cheng-Han | 2018-01-19 | 1 | -1/+2 |
| | | |||||
* | | Fix anchor id to keep uppercase characters | Max Wu | 2018-01-16 | 1 | -1/+5 |
| | | | | | | id shouldn’t be converted to lowercase since id attribute is case sensitive | ||||
* | | :sparkles: Implemented dark theme. | Edoardo Odorico | 2018-01-05 | 3 | -1/+18 |
| | | | | | | | | Signed-off-by: Edoardo Odorico <edoubuntu@gmail.com> | ||||
* | | Fix file permission, remove useless executable | Peter Dave Hello | 2017-12-14 | 1 | -0/+0 |
| | | |||||
* | | Merge pull request #609 from monoxane/master | Christoph (Sheogorath) Kern | 2017-12-12 | 1 | -3/+3 |
|\ \ | | | | | | | Correcting grammatical errors related to the document char count tooltip | ||||
| * | | Corrected some grammatical issues | Oliver Herrmann | 2017-10-30 | 1 | -3/+3 |
| | | | | | | | | | Obviously caught up in a bad translation and didn't particularly make sense for native english speakers. | ||||
* | | | Prevent XSS vul by srcdoc in iframe | Sheogorath | 2017-11-24 | 1 | -1/+1 |
| | | | |||||
* | | | Fix mermaid error handling | Sheogorath | 2017-10-30 | 1 | -2/+7 |
| | | | |||||
* | | | Use mermaidAPI in mermaid scope | Sheogorath | 2017-10-30 | 1 | -12/+4 |
|/ / | | | | | | | | | | | | | | | Introduced by https://github.com/knsv/mermaid/commit/a5b71455271aef1180eefa1054d751dea1885e3f#diff-67ae90c5144c55348a3cbdb078240454L532 Fixes #600 Parse only throws error: https://github.com/knsv/mermaid/commit/167368d508f1e5b1606b2b45f892cdd60d479448#diff-67ae90c5144c55348a3cbdb078240454 | ||||
* | | Merge pull request #591 from Rwing/master | Sheogorath | 2017-10-23 | 1 | -0/+3 |
|\ \ | |/ |/| | support Simplified Chinese and rename original zh to Traditional Chinese | ||||
| * | support Simplified Chinese and rename original zh to Traditional Chinese | Rwing | 2017-10-23 | 1 | -0/+3 |
| | | |||||
* | | Fix markdown-it gist plugin code closing tag | Yukai Huang | 2017-10-21 | 1 | -1/+1 |
|/ | | | | fix #596 | ||||
* | Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue] | Wu Cheng-Han | 2017-10-05 | 1 | -4/+9 |
| | |||||
* | Fix unescape > symbol inside the style tags to make the CSS works | Wu Cheng-Han | 2017-10-05 | 1 | -0/+4 |
| | |||||
* | Fix blockquote not parse correctly in slide mode | Wu Cheng-Han | 2017-10-05 | 2 | -3/+1 |
| | |||||
* | Fix home and end keys behavior for windows | Wu Cheng-Han | 2017-09-27 | 1 | -0/+2 |
| | |||||
* | Fix the < and > symbols are doubly escaped which affected by executing ↵ | Wu Cheng-Han | 2017-09-27 | 1 | -0/+2 |
| | | | | preventXSS twice | ||||
* | Fix slide mode contains unclosed tags might cause XSS [Security Issue] | Wu Cheng-Han | 2017-09-27 | 1 | -1/+2 |
| | |||||
* | Fix unclosed tags might cause XSS [Security Issue] | Wu Cheng-Han | 2017-09-27 | 1 | -1/+1 |
| | |||||
* | Fix slide mode might hide scrollbar on some linux | Max Wu | 2017-06-14 | 1 | -2/+2 |
| | |||||
* | Fix speaker note separator regex should only take effect on the line start | Wu Cheng-Han | 2017-06-05 | 1 | -1/+1 |
| | |||||
* | Merge branch 'master' into BackendRefactor | Max Wu | 2017-05-14 | 6 | -220/+256 |
|\ | |||||
| * | Manage syncscroll / currentMode in appState | Yukai Huang | 2017-05-07 | 4 | -48/+58 |
| | | |||||
| * | Move syncsroll under lib | Yukai Huang | 2017-05-07 | 2 | -3/+3 |
| | | |||||
| * | Remove CodeMirror-other-cursors dom creation | Yukai Huang | 2017-05-07 | 1 | -3/+0 |
| | | | | | | | | Since it’s done via hackmdio/CodeMirror#1 | ||||
| * | Change more global var to global | Yukai Huang | 2017-05-07 | 1 | -87/+87 |
| | | |||||
| * | Extract modeType | Yukai Huang | 2017-05-07 | 3 | -13/+15 |
| | | |||||
| * | Change some global variables to local | Yukai Huang | 2017-05-07 | 1 | -31/+31 |
| | | |||||
| * | Fix indentation | Yukai Huang | 2017-05-07 | 1 | -6/+6 |
| | | |||||
| * | Expose internal editor config variable | Yukai Huang | 2017-05-07 | 2 | -4/+4 |
| | | |||||
| * | Load statusbar template by string-loader | Yukai Huang | 2017-05-07 | 2 | -34/+61 |
| | | |||||
* | | style: Fixed variable already declared | BoHong Li | 2017-05-08 | 1 | -2/+2 |
|/ | |||||
* | Update to support code block syntax highlighting of gherkin | Wu Cheng-Han | 2017-05-05 | 2 | -2/+3 |
| | |||||
* | Fix link regex should filter protocol with case insensitive flag [Security ↵ | Wu Cheng-Han | 2017-04-11 | 1 | -1/+1 |
| | | | | Issue] | ||||
* | Fix indentations | Yukai Huang | 2017-03-28 | 1 | -52/+48 |
| | |||||
* | Drop global variable ui exposing | Yukai Huang | 2017-03-28 | 2 | -5/+6 |
| | |||||
* | Update to es6 module import style | Yukai Huang | 2017-03-28 | 1 | -7/+6 |
| |