Commit graph

2488 commits

Author SHA1 Message Date
Sheogorath
2a28c832fc
Merge pull request #266 from SISheogorath/feature/change-cdn-defaults
Update CDN defaults
2020-02-10 17:34:57 +01:00
Sheogorath
651db60985
Update CDN defaults
As we noticed in our poll about CDN usage, that most people
intentionally turn it off, but very little intetionally turn it on or
leave it on. [1]

There is also strong indicators that CDNs don't really provide any
benefits in loading time and due to the small deployments of CodiMD,
there is no big savings due to CDNs either. [2]

Therefore this patch changes the CDN default settings to off in order to
reduce the exposed user data.

[1]: https://community.codimd.org/t/poll-on-cdn-usage/28
[2]: https://csswizardry.com/2019/05/self-host-your-static-assets/

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-09 21:59:17 +01:00
Sheogorath
8039066f99
Update yarn.lock
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-09 14:34:28 +01:00
Sheogorath
d5ae45b268
Merge branch 'google-oauth'
See https://github.com/codimd/server/pull/265
2020-02-09 13:48:26 +01:00
ike
78682f57c4 Update app.json
Signed-off-by: ike <developer@ikewat.com>
2020-02-08 15:57:35 +08:00
ike
197223dc81 Add Google oauth variable: hostedDomain
Which is part of `passport-google-oauth2`.
It could be used as whitelist to a domain supported by google oauth.
Ref: https://github.com/jaredhanson/passport-google-oauth2/issues/3

Signed-off-by: ike <developer@ikewat.com>
2020-02-08 15:57:22 +08:00
Sheogorath
b3d4cdbceb
Update RevealJS to version 3.9.2
This update of revealJS helps us to get rid of the headjs depedency
integration using webpack. It updates reveal.js to 3.9.2 and updates the
csp hash accordingly for using the slide mode.

Background for this update is the critical security vulnerability
described by snyk in their disclosure:
https://snyk.io/vuln/SNYK-JS-REVEALJS-543841

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2020-02-01 12:53:15 +01:00
Sheogorath
c9e66c0385
Merge pull request #261 from ErikMichelson/fix/privacy-template-libravatar
Changed Gravatar to Libravatar in privacy-template
2020-01-23 09:32:19 +01:00
Erik Michelson
b4a25da931
Changed Gravatar to Libravatar in privacy-template
Signed-off-by: Erik Michelson <erik@liltv.de>
2020-01-23 00:19:25 +01:00
Sheogorath
5fd3d21ee8
Merge pull request #259 from Amolith/master
update env docs in reference to #247
2020-01-21 01:49:10 +01:00
Sheogorath
5a8621bdee
Merge pull request #250 from ErikMichelson/fix/signin-focus
Fix #249 - Focus user field after opening login modal
2020-01-20 18:55:33 +01:00
Amolith
412540b8e5 update env docs in reference to #247
Signed-off-by: Amolith <amolith@nixnet.xyz>
2020-01-16 17:25:41 -05:00
Sheogorath
bebbf77217
Merge pull request #257 from bluehood/fix_fonts_without_cdn
Fix font loading when useCDN is false
2020-01-15 18:51:00 +01:00
Enrico Guiraud
2acd54bbdb
Fix font path when useCND is false and urlPath is used
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2020-01-15 16:32:55 +01:00
Enrico Guiraud
2d3b009e13
Fix font paths when useCDN is false and no urlPath is present
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2020-01-15 16:32:12 +01:00
Sheogorath
e222e4426d
Merge pull request #248 from b10102016/patch-1
Update example config for gitlab authorization
2020-01-13 18:53:14 +01:00
Ian Tsai
deb3b94662 Update example config for gitlab authorization
Update example config for gitlab authorization

Signed-off-by: Ian Tsai <b10102016@gmail.com>
2020-01-13 19:30:15 +08:00
Claudius Coenen
95d3e5c58b
Merge pull request #252 from ccoenen/master
heroku complains about dialect
2020-01-12 01:04:32 +01:00
Claudius
ebe67298fc heroku complains about dialect
Signed-off-by: Claudius <opensource@amenthes.de>
2020-01-11 23:51:52 +01:00
Erik Michelson
c9abe4276f
Fix #249 - Focus user field after opening login modal
Signed-off-by: Erik Michelson <erik@liltv.de>
2020-01-08 18:37:11 +01:00
Sheogorath
472ae01546
Merge pull request #235 from soerface/issue-234
Fix #234 - make manage_users work again
2019-12-28 13:35:57 +01:00
Sheogorath
1f1059d46c
Merge pull request #242 from bluehood/fix_urlpath
Fix urlPath support, let CodiMD be served from a subpath correctly
2019-12-28 13:33:25 +01:00
Sheogorath
76c1d8e2b8
Merge pull request #244 from savaroskij/master
[DOC] Run `manage_users` with `NODE_ENV=production` set.
2019-12-28 13:32:54 +01:00
Matteo Savatteri
8496baa5b9 [DOC] Run manage_users with NODE_ENV=production set.
`manage_user` script defaults to `development` environment.

Signed-off-by: Matteo Savatteri <matteosavatteri@lcm.mi.infn.it>
2019-12-24 18:02:55 +01:00
Enrico Guiraud
23c7b5b0a6
Fix urlPath support, let CodiMD be served from a subpath correctly
Webpack now uses relative paths for resources linked from by static
snippets. A templated <base> tag has been introduced in headers
so app.js can set the base URL at runtime.

Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2019-12-20 12:03:16 +01:00
Sheogorath
313eb74ed6
Merge pull request #239 from bluehood/npm_not_yarn
[DOC] Use `npm start`, not `yarn start` to start
2019-12-20 11:15:49 +01:00
Enrico Guiraud
ed2a792886
[DOC] Use npm start, not yarn start to start
`yarn start --production` ignores the `--production` flag,
`npm start --production` does not.

Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2019-12-20 11:08:40 +01:00
Sheogorath
6733e8ead2
Merge pull request #243 from bluehood/docs
[DOC] Misc improvements to manual setup instructions
2019-12-20 11:04:40 +01:00
Enrico Guiraud
5c552b81a0
[DOC] Misc improvements to manual setup instructions
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
2019-12-20 00:26:48 +01:00
Soeren Wegener
bb1c150698
Check for falsy existing_user variable. Fixes #234
Use another return code for "User already exist"
This allows external scripts to differentiate between failure reasons.

Signed-off-by: Soeren Wegener <wegener92@gmail.com>
2019-12-09 17:46:25 +01:00
Sheogorath
33150b79c7
Merge pull request #218 from hoijui/linkifyHeaderStyle
Linkify header style
2019-12-03 14:40:00 +01:00
Sheogorath
2ddec15af8
Merge pull request #224 from davidmehren/webpack_updates
Upgrade webpack & plugins
2019-12-03 14:35:56 +01:00
Sheogorath
9bd09805d4
Merge pull request #227 from foobarable/fix/saml
Fixing redirection after SAML login
2019-12-03 14:35:19 +01:00
Ralph Krimmel
bd689dd096 Making the linter happy by removing superfluous ;
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-29 15:59:11 +01:00
Ralph Krimmel
4e1d4868e7 Making the linter happy by removing superfluous ;
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-29 15:54:58 +01:00
Ralph Krimmel
31a3a17369 Merge branch 'fix/saml' of https://github.com/foobarable/server into fix/saml
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-28 14:16:30 +01:00
Ralph Krimmel
9534cdafbf Making the linter happy by removing superfluous ;
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-28 14:00:34 +01:00
Ralph Krimmel
32113e874d Making the linter happy by removing superfluous ; 2019-11-28 12:26:50 +01:00
Ralph Krimmel
3fb3ca54e9 Removing returnTo setting from referer in all other authentication sources
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-28 12:25:59 +01:00
Ralph Krimmel
e0a8872742 Moving the storage of referrer information to main authorization check instead of doing it in the authentication source
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-28 10:59:59 +01:00
Ralph Krimmel
3e8cf5778f Fixing linting problems
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-27 15:17:00 +01:00
foobarable
1881775379 Fixing redirection after SAML login
Saving referer into session in SAML auth so passport can redirect correctly after SAML login.

Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
2019-11-27 15:08:30 +01:00
David Mehren
3e218e2983
Upgrade webpack & plugins
Signed-off-by: David Mehren <dmehren1@gmail.com>
2019-11-23 18:11:17 +01:00
Sheogorath
689f5a0a95
Merge pull request #213 from davidmehren/refactor_backend_notes
First steps in refactoring the backend code
2019-11-20 20:07:35 +01:00
Sheogorath
f894d3c2fa Update sv.json (POEditor.com) 2019-11-20 20:07:02 +01:00
Sheogorath
7a7e2e1d7a Update sk.json (POEditor.com) 2019-11-20 20:07:00 +01:00
Sheogorath
62791f80e0 Update it.json (POEditor.com) 2019-11-20 20:06:58 +01:00
Sheogorath
62ea120f92 Update fr.json (POEditor.com) 2019-11-20 20:06:56 +01:00
Sheogorath
18f3499ddb Update ca.json (POEditor.com) 2019-11-20 20:06:54 +01:00
Sheogorath
b4a0770a89
Merge pull request #223 from codimd/snyk-fix-84ae3f6ae6fb5c18e43decdf8ab49318
[Snyk] Fix for 1 vulnerabilities
2019-11-16 12:18:09 +01:00