Enrico Guiraud
23c7b5b0a6
Fix urlPath support, let CodiMD be served from a subpath correctly
...
Webpack now uses relative paths for resources linked from by static
snippets. A templated <base> tag has been introduced in headers
so app.js can set the base URL at runtime.
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2019-12-20 12:03:16 +01:00
Erik Michelson
f26f48793f
Fixed bugs, added default image
...
Signed-off-by: Erik Michelson <erik@liltv.de>
2019-10-09 23:01:43 +02:00
Erik Michelson
2881f8211a
Added customizable og-metadata to notes
...
Signed-off-by: Erik Michelson <erik@liltv.de>
2019-10-04 19:49:45 +02:00
Sheogorath
da4665c759
Respect DNT header
...
Do Not Track (DNT) is an old web standard in order to notify pages that
the user doesn't want to be tracked. Even while a lot of pages either
ignore this header or even worse, use it for tracking purposes, the
orignal intention of this header is good and should be adopted.
This patch implements a respect of the DNT header by no longer including
the optional Google Analytics and disqus integrations when sending a DNT
header. This should reduce outside resource usage and help to stay more
private.
This should later-on extended towards other document content (i.e.
iframe based content).
The reason to not change the CDN handling is that CDNs will be
deprecated with next release and removed in long term.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-06-08 23:43:50 +02:00
Sheogorath
9101be92ab
Update jQuery to version 3.4.1
2019-05-06 10:42:41 +02:00
Max Wu
1743a97c22
Fix possible MathJax XSS issue [Security Issue]
...
see more at: http://docs.mathjax.org/en/latest/safe-mode.html
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-03-03 18:32:58 +08:00
Sheogorath
62477f0279
Update bootstrap from 3.3.7 to 3.4.0
...
Seems like finally there is a new bootstrap version for old version 3.
This patch implements this new version with CodiMD and this way fixes
some possible security issues in the frontend code.
See:
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72890
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-11 01:56:52 +01:00
Claudius
44ffc564da
removing global site layout vars from individual routers, putting them into app.local
...
Signed-off-by: Claudius <opensource@amenthes.de>
2018-11-03 00:52:48 +01:00
Sheogorath
1d452a6ed4
Remove dead package octicon
...
Octicon no longer provides its CSS classes and this way is useless in
CodiMD. Replacing all used classes in the UI and remove it from build
system.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-10 23:42:41 +02:00
Sheogorath
5212bbf9c4
Replace font-awesome with fork-awesome
...
This patch replaces font-awesome with its fork called fork-awesome.
Besides the fact that the newer versions of font-awesome can't be
shipped with distros like debian due to license issues, fork-awesome
also provides more FOSS related icons and builds on top of version 4.7.x
of font-awesome, which we used until this patch.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-05 21:52:08 +02:00
Sheogorath
1812b1aaca
Update highlight.js
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 16:52:34 +02:00
Sheogorath
b6e1144627
Update to octicon 4.4.0
...
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 16:52:33 +02:00
Sheogorath
ed5353d13a
Move polyfill to CDN section
...
We don't support it on CDN false instances, but it doesn't hurt to keep
it in for CDN-enabled instances
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-18 01:26:11 +02:00
Christoph (Sheogorath) Kern
7de6e3211f
Merge pull request #598 from xxyy/feature/csp
...
Implement basic CSP support
2018-01-22 20:43:46 +01:00
Peter Dave Hello
f896432250
Upgrade mermaid to v7.1.0, fix #600
2017-10-30 00:18:53 +08:00
Literallie
4238b9b3ef
Fix MathJax CSP issues
2017-10-22 00:03:45 +02:00
Max Wu
450159a462
Merge pull request #427 from PeterDaveHello/fix-indent
...
Fix indent in views, shouldn't mix tabs with spaces
2017-04-18 10:41:58 +08:00
Peter Dave Hello
5f3fe5c62c
Fix indent in views, shouldn't mix tabs with spaces
2017-04-18 05:24:04 +08:00
Peter Dave Hello
08c0a0392c
Use abcjs on cdnjs, cc @jackycute
2017-04-18 05:19:19 +08:00
Wu Cheng-Han
10a7a9b37e
Update to use CDN css for emojify.js when applicable
2017-03-21 00:27:58 +08:00
Wu Cheng-Han
6c87262bd9
Fix to use minified CDN file source in mermaid
2017-02-02 23:40:55 +08:00
Wu Cheng-Han
d5008b7aeb
Update viz.js and mermaid CDN links
2017-02-02 23:37:20 +08:00
Wu Cheng-Han
a669c201be
Fix template partial path
2017-01-21 14:04:54 +08:00
Wu Cheng-Han
09a7bcbdef
Refactor templates and rearrange its path
2017-01-21 13:08:29 +08:00
Wu Cheng-Han
276d500406
Upgrade dependencies
2016-12-19 16:20:27 +08:00
Wu Cheng-Han
ad90643c94
Optimize pretty page resource packing and load orders
2016-11-26 23:22:47 +08:00
Wu Cheng-Han
9d4ede4cff
Fix possible XSS in yaml-metadata and turn using ejs escape syntax than external lib [Security Issue]
2016-11-26 22:55:31 +08:00
Wu Cheng-Han
1ba46c95fb
Update to separate polypill for IE to a template
2016-11-26 22:38:18 +08:00
Yukai Huang
0b45312834
Add font css to templates
2016-11-03 14:51:28 +08:00
Yukai Huang
58fedb01fa
Require pretty stylesheets
2016-11-02 11:55:08 +08:00
Wu Cheng-Han
b6ce7a6ab1
Update mathjax cdn path and source path
2016-10-25 01:57:51 +08:00
Wu Cheng-Han
e6dfc749f6
Fix config.js use cdn option not parse properly and add missing cdn resources
2016-10-23 22:42:47 +08:00
Peter Dave Hello
58b2cff4ec
Use CDNJS by default with https and SRI support
2016-10-23 13:31:25 +08:00
Wu Cheng-Han
d70d0318e5
Fix to use bower version emojify.js
2016-10-19 22:12:12 +08:00
Wu Cheng-Han
d44e830366
Update emoji parser using markdown-it-emoji instead of emojify to solve issue #217
2016-10-18 16:50:58 +08:00
Yukai Huang
4c1109b70b
Move gist-embed to CDN
2016-10-14 09:56:19 +08:00
Yukai Huang
142b4c6771
Move highlight.js to CDN
2016-10-14 09:21:41 +08:00
Yukai Huang
747502e694
Fix HTML exporting
2016-10-13 16:35:43 +08:00
Yukai Huang
bcb12b9ae7
Remove jquery-scrollspy dependency
...
scrollspy is bootstrap built-in plugin
2016-10-13 15:30:26 +08:00
Yukai Huang
440ad3506c
Fix lastchangeui and moment timestamps
2016-10-13 15:13:03 +08:00
Yukai Huang
83be3465cc
Fix scrollspy
2016-10-13 13:59:34 +08:00
Yukai Huang
773c0ce39e
Optimize common assets with CDN
...
* jquery
* lodash
* socket.io
* boostrap
2016-10-13 11:42:17 +08:00
Yukai Huang
b90c26fe90
Config CDN for viz.js
2016-10-13 08:56:02 +08:00
Yukai Huang
d5d9607c17
Fix stylesheet ordering
2016-10-12 18:14:39 +08:00
Yukai Huang
2cafe15e85
Enable production assets hash
2016-10-12 17:15:59 +08:00
Yukai Huang
6e651c8108
Merge branch 'master' into webpack-frontend
2016-10-11 18:40:23 +08:00
Yukai Huang
56c5378939
Optimize viz.js async rendering through webpack chunk
2016-10-11 17:15:06 +08:00
Yukai Huang
06437ccaa9
Manage more packages with npm and webpack
2016-10-11 14:52:45 +08:00
Yukai Huang
9c8752d452
Split common vendor javascript into chunks
2016-10-11 12:30:30 +08:00
Wu Cheng-Han
fb5d7e4359
Update npm and bower dependencies with related patch
2016-10-10 21:14:28 +08:00