summaryrefslogtreecommitdiff
path: root/public/views (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Escape custom Open Graph tagsDavid Mehren2021-05-091-1/+1
| | | | | | | | | | | | | | | | | | | HedgeDoc allows to specify custom Open Graph tags using the `opengraph` key in the YAML metadata of a note. These are rendered into the HTML delivered to clients using `ejs` and its `<%-` tag. This outputs the variable unescaped into the template and therefore allows to inject arbitrary strings, including `<script>` tags. This commit changes the template to use ejs's `<%=` tag instead, which automatically escapes the variables content, thereby mitigating the XSS vector. See also https://github.com/hedgedoc/hedgedoc/security/advisories/GHSA-gjg7-4j2h-94fq Co-authored-by: Christoph (Sheogorath) Kern <sheogorath@shivering-isles.com> Signed-off-by: David Mehren <git@herrmehren.de>
* Extract list of supported languages in separate fileErik Michelson2021-04-261-38/+1
| | | | Signed-off-by: Erik Michelson <github@erik.michelson.eu>
* Add support for freshly imported languagesDavid Mehren2021-04-261-0/+7
| | | | | | New languages: bg, fa, gl, he, hu, oc, pt-br Signed-off-by: David Mehren <git@herrmehren.de>
* Templates: Remove lang and add translation parameterPhilip Molares2021-03-165-9/+9
| | | | | | | | | | | Since the interface is not always in english, we mostly removed the lang attribute from all html tags. Since the error messages in error.ejs are not translated, but always in english, there the global lang="en" should be kept. Also in the slide and editor template the div, which contains the user generated text, has the attribute translate="no" now, to avoid unwanted translations. Since on the publish view (pretty.ejs) only the user generated content is shown, we set the lang to the language defined in yaml (or 'en') as a default, but that was also moved to the corresponding markdown div instead of html. Fixes #881 See also #437 Signed-off-by: Philip Molares <philip.molares@udo.edu>
* Switch to ejs 3 compliant importsDavid Mehren2021-02-0911-45/+45
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Merge pull request #599 from hedgedoc/fix/iconsDavid Mehren2020-11-275-11/+11
|\ | | | | Fix shortcut icon urls pointing to old (nonexistent) files
| * Fixed shortcut icon urls pointing to old (nonexistent) filesErik Michelson2020-11-275-11/+11
| | | | | | | | Signed-off-by: Erik Michelson <github@erik.michelson.eu>
* | Replace references to Matrix room with chat.hedgedoc.orgDavid Mehren2020-11-271-1/+1
| | | | | | | | Signed-off-by: David Mehren <git@herrmehren.de>
* | Remove pdf export codeTilman Vatteroth2020-11-261-8/+0
|/ | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Remove irritating footer filesTilman Vatteroth2020-11-186-15/+13
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* apply review suggestionsTilman Vatteroth2020-11-155-4/+3
|
* Correct repo nameTilman Vatteroth2020-11-142-2/+2
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Replace placeholder with actual linkTilman Vatteroth2020-11-141-1/+1
| | | | Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
* Replace CodiMD with HedgeDocErik Michelson2020-11-1413-35/+52
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Signed-off-by: Erik Michelson <github@erik.michelson.eu> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: References in public/views Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Update links in README Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Update links in SECURITY.md Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Update links in LICENSE Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Update links in docs/configuration.md Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Update links in bin/setup Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: References in docs/guides Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: References in docs/dev Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: References in docs/guides/auth Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: References in docs/setup Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Update various links in code to the new GitHub org. Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: codiMDVersion.js is now hedgeDocVersion.js Signed-off-by: David Mehren <git@herrmehren.de> Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: References in docs/setup/yunohost Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rebrand to HedgeDoc: Add banner and logo Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Update links in docs/guides/migrate-etherpad Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Remove note in docs/guides/auth/github Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Replace links in public/docs/features Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Add todo placeholder in docs/history Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Replace github link in public/views/index/body Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Replace github link in README Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Add logo to README Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Rename to HedgeDoc: Add note about the renaming to the front page Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de> Removed Travis from README.md and change CodiMD to HedgeDoc in some places Signed-off-by: Yannick Bungers <git@innay.de> Some more renaming to HedgeDoc - Fixed capitalization of HedgeDoc - Added renaming for etherpad migration doc Signed-off-by: Yannick Bungers <git@innay.de> Changed Repo name to hedgedoc Signed-off-by: Yannick Bungers <git@innay.de>
* Update CDN links and integrity hashes for upgraded librariesDavid Mehren2020-11-103-17/+16
| | | | Signed-off-by: David Mehren <git@herrmehren.de>
* Merge pull request #496 from codimd/fix/element-linksDavid Mehren2020-09-292-2/+2
|\
| * Change all element.io links to matrix.to linksErik Michelson2020-09-282-2/+2
| | | | | | | | Signed-off-by: Erik Michelson <github@erik.michelson.eu>
| * Update matrix chat link from riot.im to app.element.io and change room aliasErik Michelson2020-09-082-2/+2
| | | | | | | | Signed-off-by: Erik Michelson <github@erik.michelson.eu>
* | Add Malayalam translationSheogorath2020-09-091-0/+1
|/ | | | | | | | | | This patch adds the Malayalam translation to CodiMD. Do by our awesome translation supporters civic john, Sooraj Kenoth, Nithin Prabhakaran and Jothish. Thank you very much! Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Made changed/created status translatableErik Michelson2020-08-131-2/+3
| | | | | | The current version of CodiMD/HedgeDoc does only support translations to be filled on server-side rendering. To allow the translation of the changed/created texts, I duplicated the container that holds the text, and pre-filed these containers with the translation server-side. The client just needs to hide the unneeded container and show the right one to show the translated status text. Signed-off-by: Erik Michelson <github@erik.michelson.eu>
* Added dynamic lang-attr to pretty.ejsErik Michelson2020-07-031-1/+1
| | | | | | CodiMD currently only uses the 'lang' attribute in YAML-metadata of a note for setting certain js-elements of the markdown-renderer. This commit adds the chosen lang into the published version of a note. Signed-off-by: Erik Michelson <github@erik.michelson.eu>
* Fix checksums of mermaidNick Hahn2020-05-283-3/+3
| | | | Signed-off-by: Nick Hahn <nick.hahn@posteo.de>
* Update to mermaid 8.5.1Nick Hahn2020-05-273-3/+3
| | | | Signed-off-by: Nick Hahn <nick.hahn@posteo.de>
* Add translations for permissionsSheogorath2020-05-261-6/+6
| | | | | | | | | | Adding translations for permissions for a possible 1.6.1 release doesn't hurt but might helps some usecases of running CodiMD and we'll need the translations in the new frontend anyway. This patch adds the translations as well as the english local file. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Update mermaid in CDNAntoine Aflalo2020-02-103-3/+3
| | | | Signed-off-by: Antoine Aflalo <antoine@warrantymaster.com>
* Fix urlPath support, let CodiMD be served from a subpath correctlyEnrico Guiraud2019-12-206-3/+7
| | | | | | | | Webpack now uses relative paths for resources linked from by static snippets. A templated <base> tag has been introduced in headers so app.js can set the base URL at runtime. Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
* Merge pull request #191 from ErikMichelson/feature/ogmetadataSheogorath2019-10-103-0/+23
|\ | | | | Add customizable opengraph metadata for notes (see #40)
| * Fixed bugs, added default imageErik Michelson2019-10-093-6/+12
| | | | | | | | Signed-off-by: Erik Michelson <erik@liltv.de>
| * Added customizable og-metadata to notesErik Michelson2019-10-042-0/+8
| | | | | | | | Signed-off-by: Erik Michelson <erik@liltv.de>
| * Added og-metadata to index pageErik Michelson2019-10-041-0/+9
| | | | | | | | | | | | | | | | - image and URL properties are only included if the server url is set, because opengraph protocol does not support relative links Signed-off-by: Erik Michelson <erik@liltv.de>
* | Slovak localeMartin Turoci2019-10-051-0/+1
| | | | | | | | Signed-off-by: Martin Turoci <martinturoci@gmail.com>
* | Added Czech translationPetrTodorov2019-10-031-0/+1
|/ | | | Signed-off-by: PetrTodorov <info@petrtodorov.cz>
* Add link to imprintMatthias Lindinger2019-08-261-1/+1
| | | | Signed-off-by: Matthias Lindinger <m.lindinger@live.de>
* Add arabian translationSheogorath2019-08-151-0/+1
| | | | | | | Thanks to our great translators that made it to translate the major parts of CodiMD into Arabic! Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Respect DNT headerSheogorath2019-06-083-3/+3
| | | | | | | | | | | | | | | | | | | | Do Not Track (DNT) is an old web standard in order to notify pages that the user doesn't want to be tracked. Even while a lot of pages either ignore this header or even worse, use it for tracking purposes, the orignal intention of this header is good and should be adopted. This patch implements a respect of the DNT header by no longer including the optional Google Analytics and disqus integrations when sending a DNT header. This should reduce outside resource usage and help to stay more private. This should later-on extended towards other document content (i.e. iframe based content). The reason to not change the CDN handling is that CDNs will be deprecated with next release and removed in long term. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Add Discourse link to footerSheogorath2019-05-301-1/+1
| | | | | | | | As we are about to announce the community forum, we should provide a link to it in the footer. This patch adds Discouse between Riot, GitHub and Mastodon as platform to follow our progress. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Add vietnamese languageSheogorath2019-05-261-0/+1
| | | | | | | | There was some awesome work by Hồng in the recent days who translated CodiMD completely into Vietnamese language! This patch provides this awesome contributions. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* remove single quote preceding mastodon linkAmolith2019-05-201-1/+1
| | | | Signed-off-by: Amolith <amolith@nixnet.xyz>
* add mastodon link to index - complete #70Amolith2019-05-191-1/+1
| | | | Signed-off-by: Amolith <amolith@nixnet.xyz>
* fix issue 72Amolith2019-05-191-1/+1
| | | | Signed-off-by: Amolith <amolith@nixnet.xyz>
* Update jQuery to version 3.4.1Sheogorath2019-05-065-5/+5
|
* Replace js-url with wurlSheogorath2019-04-161-1/+0
| | | | | | | | js-url is outdated and wurl is it's successor. This will fix some vulnerabilities in the dependencies and also optimize the build process by removing the external library toward internal tooling. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Add community forum to help sectionSheogorath2019-04-121-2/+4
| | | | | | | | | | | We have a community forum and want to use it for users support and to bring developers and end-users together. In order to achieve this, it would be helpful to inform users about its existence. This patch adds the community forum as resource to the help section and aligns it along the Matrix channel and GitHub issue tracker. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Add missing space to footerHenrik Hüttemann2019-04-011-1/+1
| | | | Signed-off-by: Henrik "HerHde" Hüttemann <mail@herh.de>
* Merge pull request #9 from SISheogorath/feature/moveUploadChristoph (Sheogorath) Kern2019-03-311-6/+0
|\ | | | | Move upload button into toolbar
| * Move upload button into toolbarSheogorath2019-03-251-6/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | Currently we have the odd situation to have two toolbars. One inside the header and one in the editor. Since we only show the image upload button when the editor is visible we should move the upload button into the editor toolbar. This patch does this by adding the image upload button besides the image tag button. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* | Merge pull request #8 from SISheogorath/fix/languagesChristoph (Sheogorath) Kern2019-03-311-6/+6
|\ \ | | | | | | Fix capital letters in language selection
| * | Fix capital letters in language selectionSheogorath2019-03-241-6/+6
| |/ | | | | | | | | | | | | | | | | | | | | | | | | Vladan[1] gave a hint about some minor problems with the capitalization of language names. This patch should fix most of them. and removes some "language" prefix and suffixes which are not needed to make clear what people are selecting here. [1]: https://github.com/cvladan Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* / Update links to new repositoriesSheogorath2019-03-272-2/+2
|/ | | | | | | | | | | | After a long discussion, it turned out that CodiMD as community project and HackMD as a company, have fundamental different views on the project governance. Due to this, it came to point where the decision for a fork was made. After the fork and move towards an own organisation, this patch updates all links inside the project to the new repositories. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
* Merge pull request #1158 from SISheogorath/feature/serbianLanguageChristoph (Sheogorath) Kern2019-03-161-0/+1
|\ | | | | Add serbian language