Commit graph

1508 commits

Author SHA1 Message Date
Literallie
1634d5c567
Add on/off env var for HSTS 2017-10-13 01:42:05 +02:00
Literallie
56411ca0e1
Make HSTS behaviour configurable; Fixes #584 2017-10-13 01:42:05 +02:00
Wu Cheng-Han
bee5e2a558 Update license field in package.json 2017-10-13 01:56:13 +08:00
Sheogorath
f93a14e3e1 Fix LDAP problem about missing uidNumber
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 14:52:28 +02:00
Sheogorath
a16bde70be Provide table for permissions
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 11:05:22 +02:00
Sheogorath
53c2d0b5ca Merge pull request #581 from SISheogorath/fix/HMD_URL_ADDPORT
Fix missing boolean setting for HMD_URL_ADDPORT
2017-10-12 00:01:27 +02:00
Sheogorath
89c60d1331
Fix missing boolean setting for HMD_URL_ADDPORT
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-11 23:13:22 +02:00
Wu Cheng-Han
da5026859d Update contributing guide for signed-off and DCO 2017-10-12 02:07:03 +08:00
Wu Cheng-Han
45717da98d Fix typo 2017-10-12 02:06:08 +08:00
Wu Cheng-Han
8086cdb749 Change license from MIT to AGPLv3 2017-10-12 01:45:57 +08:00
Wu Cheng-Han
81af737ce6 Update authors list and add contributors file 2017-10-12 01:45:17 +08:00
Wu Cheng-Han
4e94f44a12 Add sign you work section in contributing and DCO 2017-10-12 01:44:55 +08:00
Sheogorath
8b65d7df1a Merge pull request #575 from PeterDaveHello/fix.travis.yml
Remove duplicated nodejs version in .travis.yml
2017-10-11 10:23:30 +02:00
Sheogorath
4dd60cee50 Merge pull request #566 from ccoenen/fix-mysql-revision-order
createdAt DESC with quotation marks did not work with MySQL fixes #565
2017-10-11 01:08:16 +02:00
Claudius Coenen
87ac05738f Merge pull request #573 from PeterDaveHello/add-version-badge
Add version badge in README.md
2017-10-10 23:45:50 +02:00
Sheogorath
11133c3cec Merge pull request #571 from SISheogorath/fix/shellcheck
Prevent argument breaking by spaces
2017-10-10 23:28:16 +02:00
Peter Dave Hello
711c38403d Remove duplicated nodejs version in .travis.yml
lts/boron is v6
2017-10-11 00:16:11 +08:00
Peter Dave Hello
121b089d96 Add version badge in README.md 2017-10-10 21:54:13 +08:00
Sheogorath
6ed44f0864
Prevent argument breaking by spaces 2017-10-10 13:36:37 +02:00
Claudius Coenen
724a6bc26f createdAt DESC with quotation marks did not work with MySQL fixes #565 2017-10-09 14:03:33 +02:00
Sheogorath
a99cac0cf0 Merge pull request #550 from SISheogorath/fix/gitlabAvatar
Fix broken profile images in GitLab

Fixes #549
2017-10-08 22:20:35 +02:00
Claudius Coenen
132d4657d7 Merge pull request #564 from geekyd/pop_button
Adds button style to "new note"
2017-10-08 15:41:28 +02:00
Sheogorath
a4caac6276 Merge pull request #563 from geekyd/master
Updates default max_line_len in uglifyjs
2017-10-08 01:23:22 +02:00
geekyd
c6a1b65a91 Adds color to new note button 2017-10-07 23:23:03 +05:30
geekyd
4f53afe92e Increases max_line_len in uglifyjs 2017-10-07 07:21:02 +05:30
Sheogorath
74a7216a30 Merge pull request #553 from weisslj/fix-s3-bucket-documentation
Correct documentation of S3 bucket
2017-10-07 01:20:43 +02:00
Wu Cheng-Han
d96385eafd Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue] 2017-10-05 10:17:26 +08:00
Wu Cheng-Han
b0b417cefc Fix unescape > symbol inside the style tags to make the CSS works 2017-10-05 09:59:57 +08:00
Wu Cheng-Han
8979f215ab Fix blockquote not parse correctly in slide mode 2017-10-05 09:59:07 +08:00
Max Wu
b469592db8 Update .travis.yml 2017-09-27 22:26:03 +08:00
Wu Cheng-Han
7f52a4b38a Update yarn.lock file 2017-09-27 22:07:55 +08:00
Max Wu
6f2d1d4320 Merge pull request #538 from madebyherzblut/fix-yarn-lock
Update yarn.lock
2017-09-27 21:46:13 +08:00
Max Wu
fb14e121cd Merge pull request #527 from sygi/patch-1
Typo in Polish translation
2017-09-27 21:41:06 +08:00
Max Wu
8168615e10 Merge pull request #541 from Stonesjtu/patch-1
Fix naming typo.
2017-09-27 21:40:26 +08:00
Wu Cheng-Han
2bdccd3996 Fix home and end keys behavior for windows 2017-09-27 21:27:33 +08:00
Wu Cheng-Han
fe384d80bf Fix the < and > symbols are doubly escaped which affected by executing preventXSS twice 2017-09-27 18:22:49 +08:00
Wu Cheng-Han
f2743ff8f8 Fix slide mode contains unclosed tags might cause XSS [Security Issue] 2017-09-27 18:21:28 +08:00
Wu Cheng-Han
9b00afb863 Fix unclosed tags might cause XSS [Security Issue] 2017-09-27 18:20:04 +08:00
Johannes Weißl
89a2389586 Correct documentation of S3 bucket
Documentation added in aaf034b on Nov 17th 2016 says the S3 bucket can
be specified with `s3.bucket`, but commit c8bcc4c (#285) on Dec 18th
2016 used `s3bucket`. Instead of fixing the code (#552) to match the
documentation this commit changes just the documentation so that
existing configurations are not broken. Also, the `s3` object is passed
as is to `AWS.S3()`, which does not know the option `bucket` (but
silently ignores it in my test).

http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#constructor-property

Following the old documentation leads to this exception:

    2017-09-23T09:42:38.079Z - error:  MissingRequiredParameter: Missing required key 'Bucket' in params
        at ParamValidator.fail (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:50:37)
        at ParamValidator.validateStructure (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:61:14)
        at ParamValidator.validateMember (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:88:21)
        at ParamValidator.validate (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:34:10)
        at Request.VALIDATE_PARAMETERS (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/event_listeners.js:125:42)
        at Request.callListeners (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
        at callNextListener (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:95:12)
        at /srv/hackmd/hackmd/node_modules/aws-sdk/lib/event_listeners.js:85:9
        at finish (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:315:7)
        at /srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:333:9
        at Credentials.get (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/credentials.js:126:7)
        at getAsyncCredentials (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:327:24)
        at Config.getCredentials (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:347:9)
        at Request.VALIDATE_CREDENTIALS (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/event_listeners.js:80:26)
        at Request.callListeners (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:101:18)
        at Request.emit (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
2017-09-23 18:28:57 +02:00
Sheogorath
500207545f
Fix broken profile images 2017-09-22 12:40:43 +02:00
James
cd5e45163f Merge pull request #1 from SISheogorath/patch-2
Update en.json
2017-09-11 19:07:36 -04:00
Sheogorath
9da6c88985 Update en.json 2017-09-11 02:21:31 +02:00
James
3fa82048c1 Update en.json 2017-09-07 12:19:02 -04:00
James
5ea2b1dbe6 Update en.json 2017-09-07 12:08:41 -04:00
Kaiyu Shi
4ae8086301 Give google the correct name. 2017-09-04 16:04:20 +08:00
Marc Deop
2c780f53df
Add support for minio 2017-08-30 18:58:34 +02:00
Christian Schuhmann
355c805db8 Update yarn.lock 2017-08-29 16:53:15 +02:00
Jakub Sygnowski
3ca1255064 (nit) typo 2017-08-10 14:50:45 +02:00
Raccoon
d1d6d5810b Merge pull request #499 from bd808/no-ssh
Use git URLs in package.json
2017-07-03 10:58:23 +08:00
Bryan Davis
723c9d79b6 Use git URLs in package.json
Using the "github:..." form to declare a dependency in package.json
makes npm attempt to install the package using an ssh clone rather than
an https clone. Some deployment environments may not allow ssh access
to external servers which will prevent the clones from succeeding. Using
the "git+https://..." form will clone the same repo from GitHub without
requiring ssh connectivity.
2017-07-01 15:41:56 -06:00