Commit graph

1177 commits

Author SHA1 Message Date
David Mehren
0f7f11e4f3
Fix HTML clipboard import
jQuery's .html() method escapes contained text (e.g. '<' becomes
'&lt;'). This confuses the turndown parser, which then only performs
unescaping, but does not convert to markdown.
By using .text() instead, the unescaped content is returned and turndown
can correctly generate markdown.

Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-16 22:06:45 +01:00
Philip Molares
136d895d15 Linter: Fix all lint errors
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-02-15 12:15:14 +01:00
Yannick Bungers
b01421c470
Merge pull request #841 from hedgedoc/renovate/master-ejs-3.x 2021-02-13 20:03:45 +01:00
David Mehren
788e7d460a
Update webpack config and JS import for spin.js v4
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-12 23:47:58 +01:00
David Mehren
b468fb623b
Switch to ejs 3 compliant imports
Signed-off-by: David Mehren <git@herrmehren.de>
2021-02-09 20:27:39 +01:00
Tilman Vatteroth
9f59a73049
Fix wrong acces to slide options
If the slide options in the frontmatter are empty
or not present, then slideOptions object in the
parsed JSON is undefined. This triggers an
exception when the sanitized slide options object
is built.

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2021-02-02 13:27:37 +01:00
Erik Michelson
40d30baa03
Improved CSS in night-mode
A general invert-filter is applied to all pre elements in night mode. As diagrams are embedded inside pre tags, they're inverted as well. For sequence-diagrams and flow-charts this looks well, if we wouldn't additionally set the stroke and text color to white in night-mode. These additional white rules invert the already inverted diagram again and make it not good visible. The graphviz and abc embeddings aren't really optimized to be inverted, therefore they're now excluded from invertion and stay in day mode.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2021-01-28 12:30:47 +01:00
Tilman Vatteroth
3eb64cff55
Delete slide options that are not defined
Reveal.js doesn't set the default value of an option in the provided config object
if the key is set with "undefined" as value. This leads to a broken slide mode,
because some critical settings are missing.

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2021-01-15 21:18:23 +01:00
David Mehren
e9d4587344
Bump version to 1.7.2
Signed-off-by: David Mehren <git@herrmehren.de>
2021-01-15 20:37:30 +01:00
David Mehren
2b8aac289a
Merge pull request #727 from hedgedoc/fix/slideOptionsSanitation 2021-01-14 21:57:07 +01:00
Philip Molares
8e611e42ee added theme to the sanitization of slideOptions
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-14 16:42:53 +01:00
Philip Molares
a52982c7d2 fixed a problem that the last line of code becomes covered by status bar and can't be moved without changing the note.
Thanks to @mhdrone for reporting this and suggesting the fix

fixes #724

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-14 11:51:32 +01:00
Philip Molares
1546786c63 changed the SCRIPT_END_PLACEHOLDER regex to case insensitive
this was suggested by @TobiasHoll in https://github.com/hackmdio/codimd/issues/1648

Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-14 11:35:17 +01:00
Philip Molares
35b0d39a12 added sanitation to the slideMode in frontmatter
This should prevent the issue mentioned in https://github.com/hackmdio/codimd/issues/1648

Specifically left out are
- dependency (user can't really include anything anyway, because CSP forbids most domains)
- autoSlideMethod (nothing our users should be able to change as they won't write JS to be affected by this)
- keyboard (this let's users write arbitrary code and seems therefore to problematic)

See:
https://github.com/hakimel/reveal.js/blob/3.9.2/README.md#configuration
Signed-off-by: Philip Molares <philip.molares@udo.edu>
2021-01-14 11:18:09 +01:00
David Mehren
5b3d62e494
Fix typo in release notes
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-27 21:21:12 +01:00
David Mehren
7d2c433b1b
Bump version to 1.7.1
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-27 20:54:39 +01:00
David Mehren
c32b1cf42b
Don't store mermaid diagrams in innerHTML
Using jQuery's `.html()` method stores the given string as `innerHTML`, which enables injection of arbitrary DOM elements.
Using `.text()` instead mitigates this issue.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-27 10:14:27 +01:00
David Mehren
687fdf20cd
Add note about X-Forwarded-Proto to 1.7.0 release notes
This header needs to be set correctly if the reverse proxy terminates TLS, otherwise we don't send cookies.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-21 21:35:49 +01:00
David Mehren
e7409b265c
Merge release notes of 1.7.0-rc1 and rc2 into 1.7.0
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-21 21:28:53 +01:00
David Mehren
a11d45ce27
Fix broken PDF embed in features page & explain embedding problems
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-21 17:20:33 +01:00
David Mehren
81e463250d
Release 1.7.0-rc2
Signed-off-by: David Mehren <git@herrmehren.de>
2020-12-02 23:15:56 +01:00
David Mehren
461e48e25b
Changelog for 1.7.0-rc1
Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-29 17:23:30 +01:00
David Mehren
e985c2e694
Merge pull request #599 from hedgedoc/fix/icons
Fix shortcut icon urls pointing to old (nonexistent) files
2020-11-27 21:06:07 +01:00
Yannick Bungers
4b28acd9e8
Merge pull request #603 from hedgedoc/feat/new-chat-link
Replace references to Matrix room with chat.hedgedoc.org
2020-11-27 21:03:45 +01:00
David Mehren
b506db11a0
Replace references to Matrix room with chat.hedgedoc.org
Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-27 19:53:26 +01:00
David Mehren
b0e2577fd5
Remove reference to nonexisting DOM element
This was missed in #596 and breaks the frontend JS.

Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-27 19:24:43 +01:00
Erik Michelson
68c8f2860d
Fixed shortcut icon urls pointing to old (nonexistent) files
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-11-27 11:29:34 +01:00
Tilman Vatteroth
97312b5ed3
Remove pdf export code
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-26 21:09:23 +01:00
Tilman Vatteroth
cb265986f3
Remove irritating footer files
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-18 21:52:50 +01:00
Erik Michelson
938d39495f
Updated screenshot
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-11-17 11:13:58 +01:00
Tilman Vatteroth
d4b4ee568c
Fix image width on mobile view for front page
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-16 08:52:56 +01:00
Tilman Vatteroth
cdc5a89cd7
apply review suggestions 2020-11-15 20:12:39 +01:00
Tilman Vatteroth
a9026e0ec0
Removed icon 2020-11-15 15:39:04 +01:00
Tilman Vatteroth
978538c0de
Correct repo name
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-14 22:24:44 +01:00
Tilman Vatteroth
0c1f72d8d0
Add new screenshot
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-14 21:50:23 +01:00
Tilman Vatteroth
7ce89d0ac5
Replace placeholder with actual link
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>
2020-11-14 21:21:39 +01:00
Erik Michelson
b28839484d
Replace CodiMD with HedgeDoc
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: References in public/views

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Update links in README

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Update links in SECURITY.md

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Update links in LICENSE

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Update links in docs/configuration.md

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Update links in bin/setup

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: References in docs/guides

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: References in docs/dev

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: References in docs/guides/auth

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: References in docs/setup

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Update various links in code to the new GitHub org.

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: codiMDVersion.js is now hedgeDocVersion.js

Signed-off-by: David Mehren <git@herrmehren.de>
Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: References in docs/setup/yunohost

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rebrand to HedgeDoc: Add banner and logo

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Update links in docs/guides/migrate-etherpad

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Remove note in docs/guides/auth/github

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Replace links in public/docs/features

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Add todo placeholder in docs/history

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Replace github link in public/views/index/body

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Replace github link in README

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Add logo to README

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Rename to HedgeDoc: Add note about the renaming to the front page

Signed-off-by: Tilman Vatteroth <tilman.vatteroth@tu-dortmund.de>

Removed Travis from README.md and change CodiMD to HedgeDoc in some places

Signed-off-by: Yannick Bungers <git@innay.de>

Some more renaming to HedgeDoc
- Fixed capitalization of HedgeDoc
- Added renaming for etherpad migration doc

Signed-off-by: Yannick Bungers <git@innay.de>

Changed Repo name to hedgedoc

Signed-off-by: Yannick Bungers <git@innay.de>
2020-11-14 21:18:36 +01:00
David Mehren
ab18c4d6d4
Merge pull request #547 from codimd/upgrade-deps 2020-11-11 19:20:43 +01:00
David Mehren
62fd5c894d
Merge pull request #548 from codimd/fix/545-urls-with-credentials
Use URL constructor instead of regex to check for valid URL
2020-11-10 23:01:58 +01:00
David Mehren
1a074cd411
Update CDN links and integrity hashes for upgraded libraries
Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-10 22:56:00 +01:00
David Mehren
bd11faa203
Use URL constructor instead of regex to check for valid URL
Fixes #545

Co-authored-by: Yannick Bungers <git@innay.de>
Signed-off-by: David Mehren <git@herrmehren.de>
2020-11-10 20:35:53 +01:00
David Mehren
7151745eb5
Fix PDF embed link in features.md
Signed-off-by: David Mehren <git@herrmehren.de>
2020-10-30 18:47:34 +01:00
Adam Worley
8359e70b0e
Add revisions documentation - Issue #196 (#517)
Co-authored-by: Adam Worley <Adam.Worley@ajw-group.com>
2020-10-11 20:44:18 +02:00
David Mehren
82aff80b88
Merge pull request #496 from codimd/fix/element-links 2020-09-29 11:37:25 +02:00
Erik Michelson
fcacbb2175
Change all element.io links to matrix.to links
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-09-28 13:05:22 +02:00
David Mehren
0a9f313604
Merge pull request #497 from SISheogorath/translation/malayalam
[1.x] Add Malayalam translation
2020-09-26 15:27:06 +02:00
David Mehren
3461993ee0
Merge pull request #486 from codimd/feature/cookie-policy 2020-09-25 22:39:30 +02:00
Sheogorath
31f6a3640b
Add Malayalam translation
This patch adds the Malayalam translation to CodiMD. Do by our awesome
translation supporters civic john, Sooraj Kenoth, Nithin Prabhakaran and
Jothish.

Thank you very much!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-09-09 12:51:34 +02:00
Erik Michelson
213154a742
Update matrix chat link from riot.im to app.element.io and change room alias
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-09-08 10:06:30 +02:00
Erik Michelson
824f910bfe
Add config option for cookie SameSite policy
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-27 02:04:49 +02:00
Erik Michelson
f821da6c09
Add prevent default to export button too
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-23 01:21:37 +02:00
Erik Michelson
d9adf598d8
Add dropbox CSP directive if configured and make button clickable
The lack of a 'preventDefault' on the click event handler resulted in the dropbox link being unclickable.
Furthermore because of a missing CSP rule, the dropbox script couldn't be loaded. The dropbox origin is now added to the CSP script sources if dropbox integration is configured.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-23 01:11:31 +02:00
Erik Michelson
c9442c3859
Made changed/created status translatable
The current version of CodiMD/HedgeDoc does only support translations to be filled on server-side rendering. To allow the translation of the changed/created texts, I duplicated the container that holds the text, and pre-filed these containers with the translation server-side. The client just needs to hide the unneeded container and show the right one to show the translated status text.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-13 23:55:28 +02:00
Erik Michelson
da35e73346
Restructured locale.js to be included into the editor's js bundle
Until now client-side translations were only possible in the context of the intro/history page, because the locale-detection logic relied on the language selector as a source of available languages. The editor of course has no such selector. With this commit, I copied the list of available languages from the i18n-initialization (server-side) to support language detection in the editor too.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-13 23:41:44 +02:00
Erik Michelson
ce469b1e2d
Fixed setting moment.js locale to user-defined language
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-08-13 15:23:56 +02:00
Daniel Lublin
948397a2cb Adjust features.md slightly after #232
Signed-off-by: Daniel Lublin <daniel@lublin.se>
2020-07-12 07:54:34 +02:00
David Mehren
3db8b0df43
Merge pull request #410 from oupala/feature/markdown-linting 2020-07-10 19:59:32 +02:00
oupala
2f462f90d4 style: linting markdown files
Linting markdown files according to default remark-lint configuration.

Files inside the `public` directory were not linted.

Signed-off-by: oupala <oupala@users.noreply.github.com>
2020-07-10 18:57:59 +02:00
David Mehren
88b292fbe0
Merge pull request #437 from codimd/enhancement/lang-attr-published 2020-07-10 12:01:33 +02:00
Erik Michelson
ee4210a511 Added dynamic lang-attr to pretty.ejs
CodiMD currently only uses the 'lang' attribute in YAML-metadata of a note for setting certain js-elements of the markdown-renderer. This commit adds the chosen lang into the published version of a note.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-07-03 00:06:03 +02:00
Erik Michelson
7346a67d85 Fixed yaml-metadata docs
In the yaml-metadata docs, the example for the 'lang' attribute had an invalid key 'langs'.

Signed-off-by: Erik Michelson <github@erik.michelson.eu>
2020-07-02 21:40:30 +02:00
David Mehren
e77e7b165a
Set all cookies with sameSite: strict
Modern browsers do not support (or will stop supporting) sameSite: none (or no sameSite attribute) without the Secure flag. As we don't want everyone to be able to make requests with our cookies anyway, this commit sets sameSite to strict. See https://developer.mozilla.org/de/docs/Web/HTTP/Headers/Set-Cookie/SameSite

Signed-off-by: David Mehren <dmehren1@gmail.com>
2020-06-08 15:27:31 +02:00
Nick Hahn
043f2c3193 Fix checksums of mermaid
Signed-off-by: Nick Hahn <nick.hahn@posteo.de>
2020-05-28 14:06:33 +02:00
Nick Hahn
ae7772a3f3 Update to mermaid 8.5.1
Signed-off-by: Nick Hahn <nick.hahn@posteo.de>
2020-05-27 14:06:03 +02:00
Sheogorath
54bde6b11f
Add translations for permissions
Adding translations for permissions for a possible 1.6.1 release doesn't
hurt but might helps some usecases of running CodiMD and we'll need the
translations in the new frontend anyway.

This patch adds the translations as well as the english local file.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-05-26 16:22:41 +02:00
Sheogorath
d30e022c7f
Merge pull request #344 from SuperSandro2000/fix-links-1.x
Fix redirected, outdated links and convert all to https
2020-05-17 15:01:41 +02:00
Sandro Jäckel
91b2e4c9ef
Update outdated links
Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
2020-04-26 21:57:43 +02:00
Sandro Jäckel
24f388a7c4
Update all links with https
Signed-off-by: Sandro Jäckel <sandro.jaeckel@gmail.com>
2020-04-26 21:57:42 +02:00
Marvin Gaube
70b8b78f96 Make "transform-style: preserve-3d;" screen-only.
Signed-off-by: Marvin Gaube <dev@marvingaube.de>
2020-03-23 20:57:06 +01:00
Sheogorath
8ce7b28563
Release version 1.6.0
Thanks for all contributions, this community is awesome.
2020-02-18 00:17:48 +01:00
Sheogorath
ea2ab05ffc
Merge pull request #267 from SISheogorath/fix/revisionLinks
Fix revision redirect to index page
2020-02-10 21:55:09 +01:00
Antoine Aflalo
adf37550be Update mermaid in CDN
Signed-off-by: Antoine Aflalo <antoine@warrantymaster.com>
2020-02-10 17:12:31 +00:00
Sheogorath
45cc1325fb
Fix revision redirect to index page
The revision view had a bug that clicking on a list entry would redirect
the user back to the index page instead of providing the revision diff.

This was cased by the baseurl which is now used as reference for hrefs.
Therefore when clicking on the `href="#"` this was actually pointing at
`<baseurl>#` which is usually the index page.

This patch simply removes the href from the list items and therefore the
link functionality. This fixes the whole problem by removing 9
characters from our source code.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-10 17:45:43 +01:00
Erik Michelson
b4a25da931
Changed Gravatar to Libravatar in privacy-template
Signed-off-by: Erik Michelson <erik@liltv.de>
2020-01-23 00:19:25 +01:00
Sheogorath
5a8621bdee
Merge pull request #250 from ErikMichelson/fix/signin-focus
Fix #249 - Focus user field after opening login modal
2020-01-20 18:55:33 +01:00
Enrico Guiraud
2acd54bbdb
Fix font path when useCND is false and urlPath is used
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2020-01-15 16:32:55 +01:00
Erik Michelson
c9abe4276f
Fix #249 - Focus user field after opening login modal
Signed-off-by: Erik Michelson <erik@liltv.de>
2020-01-08 18:37:11 +01:00
Enrico Guiraud
23c7b5b0a6
Fix urlPath support, let CodiMD be served from a subpath correctly
Webpack now uses relative paths for resources linked from by static
snippets. A templated <base> tag has been introduced in headers
so app.js can set the base URL at runtime.

Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2019-12-20 12:03:16 +01:00
hoijui
ad1a2fb19c make standard conform [fix]
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
2019-10-30 17:46:54 +01:00
hoijui
3233a448c6 make headerIds const [fix]
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
2019-10-30 17:46:45 +01:00
hoijui
3be40b23d1 fix gfm header link generation with respect to deduplicatedHeaderId
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
2019-10-30 17:46:24 +01:00
hoijui
47009805b3 linkifyHeaderStyle needs no string-ification; is already str.
Co-Authored-By: Yukai Huang <yukaihuangtw@gmail.com>
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
2019-10-30 17:46:04 +01:00
Sheogorath
7a27579589
Merge pull request #205 from hoijui/linkifyHeaderStyle
Allow to generate lower case header references through the config
2019-10-23 21:18:57 +02:00
RyotaK
8494f6a085
Don't accept sandbox attribute
Because sandbox is whitelist attribute, attacker will be able to create iframe that has more permission than default.

Signed-off-by: RyotaK <49341894+ry0tak@users.noreply.github.com>
2019-10-22 12:04:12 +02:00
hoijui
e654ca8a31 Allow to generate lower case header references through the config
This makes the references consistent/compatible with GitHub,
GitLab, Pandoc and many other tools.

This behavior can be enabled in config.json with:

```
"linkifyHeaderStyle": "gfm"
```

Signed-off-by: hoijui <hoijui.quaero@gmail.com>
2019-10-22 09:05:37 +02:00
hoijui
20adab2f32 slight doc comment touch-up/simplification [minor]
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
2019-10-22 09:02:40 +02:00
Sheogorath
cd34a8c702
Merge pull request #191 from ErikMichelson/feature/ogmetadata
Add customizable opengraph metadata for notes (see #40)
2019-10-10 14:55:34 +02:00
Erik Michelson
f26f48793f
Fixed bugs, added default image
Signed-off-by: Erik Michelson <erik@liltv.de>
2019-10-09 23:01:43 +02:00
Martin Turoci
c1f629161b Slovak locale
Signed-off-by: Martin Turoci <martinturoci@gmail.com>
2019-10-05 22:32:47 +02:00
Erik Michelson
8f61d840de
Added documentation for opengraph metadata
Signed-off-by: Erik Michelson <erik@liltv.de>
2019-10-04 19:58:02 +02:00
Erik Michelson
2881f8211a
Added customizable og-metadata to notes
Signed-off-by: Erik Michelson <erik@liltv.de>
2019-10-04 19:49:45 +02:00
Erik Michelson
116bd7230c
Added og-metadata to index page
- image and URL properties are only included if
 the server url is set, because opengraph
 protocol does not support relative links

Signed-off-by: Erik Michelson <erik@liltv.de>
2019-10-04 11:04:58 +02:00
PetrTodorov
f0a8ff5eb3 Added Czech translation
Signed-off-by: PetrTodorov <info@petrtodorov.cz>
2019-10-03 23:02:03 +02:00
Sheogorath
c765f34d03
Merge pull request #143 from Fonata/improve-docs
Slightly improve documentation
2019-09-02 19:24:04 +03:00
Matthias Lindinger
fe2c8634d3 Add link to imprint
Signed-off-by: Matthias Lindinger <m.lindinger@live.de>
2019-08-26 14:57:44 +02:00
Christian Bläul
4b392f4b12 Improved docs for YAML metadata
Signed-off-by: Christian Bläul <christian@blaeul.de>
2019-08-17 00:03:41 +02:00
Sheogorath
9c1665ae5b
Release version 1.5.0 2019-08-15 23:30:37 +02:00
Sheogorath
fce0e18ad0
Add arabian translation
Thanks to our great translators that made it to translate the major
parts of CodiMD into Arabic!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-08-15 23:20:52 +02:00
Sheogorath
da4665c759
Respect DNT header
Do Not Track (DNT) is an old web standard in order to notify pages that
the user doesn't want to be tracked. Even while a lot of pages either
ignore this header or even worse, use it for tracking purposes, the
orignal intention of this header is good and should be adopted.

This patch implements a respect of the DNT header by no longer including
the optional Google Analytics and disqus integrations when sending a DNT
header. This should reduce outside resource usage and help to stay more
private.

This should later-on extended towards other document content (i.e.
iframe based content).

The reason to not change the CDN handling is that CDNs will be
deprecated with next release and removed in long term.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-06-08 23:43:50 +02:00
Sheogorath
6462968e84
Merge pull request #97 from SISheogorath/fix/linting
Fix eslint warnings
2019-06-04 16:09:46 +02:00
Sheogorath
ae32a12930
Merge pull request #93 from ttasovac/master
fixed styling of slides preview
2019-06-04 16:09:26 +02:00
Sheogorath
51d69d993c
Release version 1.4.0
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-31 01:08:45 +02:00
Sheogorath
4da68597f7
Fix eslint warnings
Since we are about to release it's time to finally fix our linting. This
patch basically runs eslint --fix and does some further manual fixes.
Also it sets up eslint to fail on every warning on order to make
warnings visable in the CI process.

There should no functional change be introduced.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-31 00:30:29 +02:00
Sheogorath
6f4841dcd2
Fix hidden MathJax output
In order to have a better experience when linking to headlines based on
their ID, a patch[1] introduced a new CSS construct to add some space in
front of HTML tags with an id field. Therefore they would no longer be
hidden by a visible navbar.

This cause a regression bug by moving the rendered mathjax out of its
visible area. This patch fixes the problem by restricting the previous
change to headlines only.

[1]: commit c9af13cf34

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-30 13:26:24 +02:00
Toma Tasovac
9e7b081bd9 fixed styling of slides preview
Signed-off-by: Toma Tasovac <ttasovac@humanistika.org>
2019-05-30 10:53:08 +02:00
Sheogorath
e02defd402
Add Discourse link to footer
As we are about to announce the community forum, we should provide a
link to it in the footer. This patch adds Discouse between Riot, GitHub
and Mastodon as platform to follow our progress.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-30 00:02:37 +02:00
Sheogorath
388f034750
Merge pull request #81 from SISheogorath/fix/codemirrorBottomCSS
Fix CodeMirror toolbar hiding content
2019-05-26 22:19:57 +02:00
Sheogorath
c89c43b0bc
Add vietnamese language
There was some awesome work by Hồng in the recent days who translated
CodiMD completely into Vietnamese language! This patch provides this
awesome contributions.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-26 05:34:52 +02:00
Sheogorath
5e500de628
Fix CodeMirror toolbar hiding content
As it may happens that the codemirror content flows underneath the
status bar, this patch should help to avoid it. It adds the size of the
status bar as margin-bottom so the codemirror window itself is forced
above the statusbar.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-26 03:48:58 +02:00
Sheogorath
c9af13cf34
Fix hidden header on link
When people link a section or use the ToC to scroll to it upwards, it
happens that those become hidden behind the navbar.

This patch adds a little hack from StackOverflow[1] in order to fix this
problem. By adding a pseudo element in front of any field that contains
an id, it's possible to add the needed space.

There was no negative impact found except of marking around the header
areas in the rendered view requires a bit preciser work. This needs some
more detailed testing.

[1]: https://stackoverflow.com/a/24298427

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-05-24 15:00:41 +02:00
Amolith
871d8ea183
remove single quote preceding mastodon link
Signed-off-by: Amolith <amolith@nixnet.xyz>
2019-05-20 15:16:49 -04:00
Amolith
0eb1d4d612
add mastodon link to index - complete #70
Signed-off-by: Amolith <amolith@nixnet.xyz>
2019-05-19 21:52:21 -04:00
Amolith
4a02ca5d11
fix issue 72
Signed-off-by: Amolith <amolith@nixnet.xyz>
2019-05-19 20:50:53 -04:00
Pedro Ferreira
26dacde959 Fix toolbar day mode
Also moved the code to SCSS

Signed-off-by: Pedro Ferreira <pedro@dete.st>
2019-05-12 20:15:46 +02:00
Pedro Ferreira
1801febfe6 Make upload button respect night mode
Also set a title in the input field, so that the file name doesn't show
up.

Signed-off-by: Pedro Ferreira <pedro@dete.st>
2019-05-12 20:15:46 +02:00
Sheogorath
9101be92ab
Update jQuery to version 3.4.1 2019-05-06 10:42:41 +02:00
Sheogorath
c0e75b8606
Replace js-url with wurl
js-url is outdated and wurl is it's successor. This will fix some
vulnerabilities in the dependencies and also optimize the build process
by removing the external library toward internal tooling.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-16 19:28:23 +02:00
Max Wu
fb399ebe73
Fix stored XSS in the graphviz error message rendering [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>

Co-Authored-By: Sheogorath <sheogorath@shivering-isles.com>
2019-04-16 14:05:26 +02:00
Sheogorath
454b39ac10
Add community forum to help section
We have a community forum and want to use it for users support and to
bring developers and end-users together. In order to achieve this, it
would be helpful to inform users about its existence.

This patch adds the community forum as resource to the help section and
aligns it along the Matrix channel and GitHub issue tracker.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-12 12:29:56 +02:00
Henrik "HerHde" Hüttemann
f13a91c698 Clean up headings
Signed-off-by: Henrik "HerHde" Hüttemann <mail@herh.de>
2019-04-04 00:54:47 +02:00
Sheogorath
004b2e51f1
Add new screenshot
The old screenshot is quite dated since it's from the earlier days of
HackMD.

But we developed a lot in the recent years. Changed the name, added a
toolbar, moved buttons, and so on.

This patch should represent those changes in the front page.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-04-01 23:19:02 +02:00
Henrik Hüttemann
5951dd1805 Add missing space to footer
Signed-off-by: Henrik "HerHde" Hüttemann <mail@herh.de>
2019-04-01 09:47:06 +02:00
Claudius
54edec8900 striving for consistency across various docs
Signed-off-by: Claudius <opensource@amenthes.de>
2019-04-01 01:03:36 +02:00
Christoph (Sheogorath) Kern
3a0ff5edd3
Merge pull request #9 from SISheogorath/feature/moveUpload
Move upload button into toolbar
2019-03-31 15:14:31 +02:00
Christoph (Sheogorath) Kern
52055ec7b7
Merge pull request #8 from SISheogorath/fix/languages
Fix capital letters in language selection
2019-03-31 03:30:15 +02:00
Sheogorath
4ffeab6129
Release version 1.3.2
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-29 12:33:20 +01:00
Sheogorath
9941d5613b
Fix button background color
When introducing night mode the rule for the background of the view 
switches seems to be generated from the view button.

This patch should change the introduced rule to fix for all default 
buttons.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-29 12:30:21 +01:00
Sheogorath
7cde6958f3
Update links to new repositories
After a long discussion, it turned out that CodiMD as community project
and HackMD as a company, have fundamental different views on the project
governance.

Due to this, it came to point where the decision for a fork was made.
After the fork and move towards an own organisation, this patch updates
all links inside the project to the new repositories.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-27 19:31:34 +01:00
Sheogorath
1544b45af5
Move upload button into toolbar
Currently we have the odd situation to have two toolbars. One inside the
header and one in the editor.

Since we only show the image upload button when the editor is visible we
should move the upload button into the editor toolbar.

This patch does this by adding the image upload button besides the image
tag button.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-25 22:33:27 +01:00
Sheogorath
d167f7b092
Fix capital letters in language selection
Vladan[1] gave a hint about some minor problems with the capitalization
of language names.

This patch should fix most of them. and removes some "language" prefix
and suffixes which are not needed to make clear what people are
selecting here.

[1]: https://github.com/cvladan

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-24 23:13:48 +01:00
Sheogorath
50c80c99a4
Release version 1.3.1
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-23 13:27:39 +01:00
Christoph (Sheogorath) Kern
992f02c294
Merge pull request #1158 from SISheogorath/feature/serbianLanguage
Add serbian language
2019-03-16 19:58:45 +01:00
Christoph (Sheogorath) Kern
27ba5f910d
Merge pull request #1166 from SISheogorath/fix/exportEmojis
Fix broken HTML export with emojis
2019-03-13 11:50:50 +01:00
Sheogorath
5e634aef87
Fix possible order changes for 'Powered by' in other languages
Since not all languages use the same word oder and we run into potential
issues, where the translation of powered by need to add something after
the CodiMD link, this should give us the needed flexiblity.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-10 01:43:13 +01:00
Christoph (Sheogorath) Kern
1ffc492442
Merge pull request #1076 from SISheogorath/fix/translation
Add some missing translations
2019-03-10 01:32:20 +01:00
Sheogorath
982775f6dc
Fix broken HTML export with emojis
HTML export was broken due to missing alt-attribute for emojis.

This patch adds the old alt-element style and restores the exportability
this way.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-09 15:04:07 +01:00
Sheogorath
20d1f17d2c
Add serbian language
Thanks for the work of the translator Vladan we got a serbian
translation added! Those few changes will add serbian language support
for future CodiMD releases.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-04 13:21:01 +01:00
Sheogorath
87443dec5f
Release version 1.3.0
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-04 12:37:00 +01:00
Max Wu
1743a97c22 Fix possible MathJax XSS issue [Security Issue]
see more at: http://docs.mathjax.org/en/latest/safe-mode.html

Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-03-03 18:32:58 +08:00
Sheogorath
1f0fb12755
Fix CI errors for unused variables
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-02-21 01:36:39 +01:00
Sheogorath
c5ca7b634a
Remove broken speakerdeck embedding
The current speakerdeck implementation is broken. An alternative
implementation using oembed doesn't work due to CORS, which could be
solved by proxying the speakerdeck API, but we decided to not do this.

This patch provides the link to the speakerdeck presentation instead,
and this way doesn't break existing notes. This is right now the best
solution we could come up with.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-02-21 01:26:37 +01:00
Sheogorath
62477f0279
Update bootstrap from 3.3.7 to 3.4.0
Seems like finally there is a new bootstrap version for old version 3.

This patch implements this new version with CodiMD and this way fixes
some possible security issues in the frontend code.

See:
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72890

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-11 01:56:52 +01:00
Max Wu
067cfe2d1e Fix to escape html comment tag [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-12-28 16:42:55 +08:00
Max Wu
b89a35196a
Fix to sanitize disqus shortnames to remove slashes [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-12-28 16:39:13 +08:00
Sheogorath
cf95465103
Update socket.io
Our socket.io version is 2.0.4 while the current socket.io version is
2.1.1.

This patch updates socket.io to version 2.1.1 and takes care of the CDN
client version.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-28 13:23:36 +01:00
Sheogorath
494a0d5f06
Add some missing translations
There are some places in our code that made it to be not translated.

This patch fixes some small translation problems and adds some static
strings in templates to translation.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-23 17:10:44 +01:00
Sheogorath
33774c11b9
Update from to-markdown to turndown
We got a security alert for a regular expression DoS attack on our used
library `to-markdown`.

After checking `to-markdown` to be maintained or not, it turned out they
renamed the library to `turndown`. So upgrading to `turndown` should fix
this vulnerbility.

References:
https://www.npmjs.com/package/to-markdown
https://github.com/domchristie/turndown/wiki/Migrating-from-to-markdown-to-Turndown
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 11:12:09 +01:00
Sheogorath
bcebf1e8d2
Update reveal.js to version 3.7.0
There is a new reveal.js version out. As we try to keep up with
upstream, time to integreate it.

This patch updates reveal.js in for CDN-using instances as well as the
ones using the libraries.

Checked that speaker view in slide mode still works, so no CSP change
needed.

https://github.com/hakimel/reveal.js/releases/tag/3.7.0
2d241b9300/lib/csp.js (L72-L74)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 22:31:05 +01:00
Christoph (Sheogorath) Kern
271dff3808
Merge pull request #1043 from SISheogorath/fix/tocEmptyHead
Fix ToC breaking documents with empty h* elements
2018-11-19 21:33:34 +01:00
Sheogorath
d6dd33620c
Fix wrong anchors
While experimenting with the ToC changes, it became obvious that anchors
for those unnamed headers don't work.

This patch fixes those links by running the autolinkify twice and make
sure linkify only adds links to non-empty ids.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 20:20:56 +01:00