Christoph (Sheogorath) Kern
7de6e3211f
Merge pull request #598 from xxyy/feature/csp
...
Implement basic CSP support
2018-01-22 20:43:46 +01:00
Christoph (Sheogorath) Kern
268c81a323
Merge pull request #673 from fooker/master
...
Allow posting new note with content
2018-01-20 19:45:41 +01:00
Dario Ernst
6ae4b8bf13
Add option to enable freely
permission in closed instance
...
Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.
Signed-off-by: Dario Ernst <dario@kanojo.de>
2018-01-20 15:14:56 +01:00
Dustin Frisch
f47601857e
Allow posting new note with content
...
Signed-off-by: Dustin Frisch <fooker@lab.sh>
2018-01-18 10:41:58 +01:00
Peter Dave Hello
76873d3f7e
Fix file permission, remove useless executable
2017-12-14 05:05:18 +08:00
Norihito Nakae
4a4ae9d332
Initial support for SAML authentication
2017-11-28 18:52:24 +09:00
Sheogorath
8808399c48
Fix mattermost breaking notes
2017-10-31 13:48:35 +01:00
Christoph Witzany
5cda55086a
Add mattermost authentication
2017-10-31 10:34:51 +01:00
geekyd
f7d2ef970a
Adds 403 response if PDF export is disabled
2017-10-25 19:21:34 +05:30
geekyd
d63e6780eb
Adds PDF export via config
2017-10-25 19:19:37 +05:30
Literallie
080436aebb
CSP: Add nonce to slide view inline JS
2017-10-22 00:03:45 +02:00
Wu Cheng-Han
ca95901204
Fix slide might not provide slideOptions meta
2017-06-05 01:12:40 +08:00
butlerx
c531d96f66
check if reveal theme exists
2017-06-01 10:12:40 +01:00
butlerx
e5834c077f
add the ability to set slide theme in slide options
2017-05-31 23:28:43 +01:00
BoHong Li
ecb0533605
refactor(config.js): Extract config file
...
* Separate different config source to each files
* Freeze config object
2017-05-08 19:29:07 +08:00
BoHong Li
aca01f064d
refactor: Remove require
extension filename
2017-05-08 19:29:06 +08:00
BoHong Li
5870d988b5
Use strict mode in all backend files
...
add ‘use strict’ in all backend file
2017-03-14 13:02:43 +08:00
BoHong Li
4889e9732d
Use JavaScript Standard Style
...
Introduce JavaScript Standard Style as project style rule,
and fixed all fail on backend code.
2017-03-08 18:45:51 +08:00
Wu Cheng-Han
1473437295
Refactor checkViewPermission to fix limited & protected permission check bug and fix code style
2017-01-16 23:47:53 +08:00
Wu Cheng-Han
3c0667813c
Fix missing config in hackmd response
2017-01-16 12:41:34 +08:00
Sheogorath
747629e549
Add allowemailregister
option
2017-01-12 13:54:45 +01:00
Max Wu
a8068d38d5
Merge pull request #313 from elct9620/feature/disable_anonymous_view
...
WIP: Add options to limit anonymous view note
2017-01-10 20:23:47 +08:00
蒼時弦也
89b8ddeaba
Add limited and protected permission
2017-01-10 10:02:37 +08:00
蒼時弦也
c21fb8e2a0
Recovery tariling spaces
2017-01-10 09:35:21 +08:00
蒼時弦也
f8e5b54767
Remove temporary change
2017-01-10 09:32:44 +08:00
Max Wu
b13635aac9
Merge pull request #279 from alecdwm/ldap-auth
...
Support for LDAP server authentication
2017-01-09 00:49:40 +08:00
蒼時弦也
1fbecbb03d
Fix anonymouse view permission check
2017-01-05 23:37:10 +08:00
蒼時弦也
aaf1ff4b2f
Add limit for constrain anonymous view note
2017-01-05 22:36:40 +08:00
Wu Cheng-Han
c1b5e74cf9
Fix and refactor extracting content using metaMarked directly might lead in invalid object
2017-01-04 23:57:16 +08:00
Wu Cheng-Han
10a8448c6a
Fix yaml metadata description not able to show
2017-01-02 11:13:41 +08:00
Wu Cheng-Han
f6d8e3ab00
Remove LZString compression for data storage
2017-01-02 10:59:53 +08:00
Florian Rhiem
fdea226159
Fixed typo: anonmyous
2016-12-21 14:36:54 +01:00
Wu Cheng-Han
5bb3de2675
Add support of allow free url config option with correspond modifications
2016-12-16 15:38:05 +08:00
Wu Cheng-Han
5c7eb48319
Add support of allow anonymous config option with correspond modifications
2016-12-15 14:11:23 +08:00
alecdwm
02e9927714
Initial support for LDAP server authentication
...
Limitations as of this commit:
- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
- instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
because we aren't using oauth. The currently generated
tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
2016-12-13 22:41:07 +01:00
Wu Cheng-Han
a73d9ce39e
Update to support optional email register and signin
2016-12-02 01:58:14 +08:00
Wu Cheng-Han
71a356552f
Update to auto generate meta description based on content in publish note and slide
2016-11-26 23:04:29 +08:00
Wu Cheng-Han
9d4ede4cff
Fix possible XSS in yaml-metadata and turn using ejs escape syntax than external lib [Security Issue]
2016-11-26 22:55:31 +08:00
Wu Cheng-Han
f86a9e0c4b
Fix slide might trigger script when processing markdown which cause XSS [Security Issue]
2016-11-26 22:46:08 +08:00
Wu Cheng-Han
1d2a9826af
Update to improve history api error and bad request handling
2016-10-10 20:52:31 +08:00
Wu Cheng-Han
55ac4dcccb
Update to allow CORS as API on revision actions
2016-10-10 20:33:48 +08:00
Wu Cheng-Han
3175616573
Update to support showing owner on the infobar
2016-10-10 20:32:20 +08:00
Wu Cheng-Han
0470a266fd
Update to prevent caching and crawling status
2016-09-18 16:23:56 +08:00
Wu Cheng-Han
87f4d05e8e
Update to use proper way to render view and fix upload image error should response with code
2016-08-19 11:31:23 +08:00
Wu Cheng-Han
4d7c3d2120
Add info api for note
2016-08-19 11:24:36 +08:00
Wu Cheng-Han
a013c9d3bc
Update slide mode to show extra info and support url actions and support disqus via yaml-metadata
2016-08-15 11:25:27 +08:00
Wu Cheng-Han
9bf7b92707
Fix meta might be null issue
2016-08-15 10:59:40 +08:00
Wu Cheng-Han
3bcb36b46c
Improve index layout and UX with UI adjustments and better wording
2016-08-15 10:56:14 +08:00
Wu Cheng-Han
be81ee22ec
Update slide mode, now respect all meta settings and update default styles
2016-08-14 15:02:05 +08:00
Wu Cheng-Han
b367e110b6
Update to support slideOptions in the YAML metadata
2016-08-01 00:08:22 +08:00
Wu Cheng-Han
0f4f270193
Fix yaml metadata title should pass to generateWebTitle
2016-07-30 11:01:07 +08:00
Wu Cheng-Han
95c8f25fb5
Update response to force note, publish note, publish slide redirect to their expected url
2016-07-02 16:11:30 +08:00
Wu Cheng-Han
d39f1fc700
Update to make slide mode support all extra syntax and change it's rendering engine
2016-07-02 16:09:26 +08:00
Cheng-Han, Wu
558304ff62
Update to support new metadata: title, description, tags and google-analytics (GA) and refactor render publish slide response function
2016-06-21 21:42:03 +08:00
Cheng-Han, Wu
ad6982e77e
Remove robot meta on note edit page and html template, add prevent crawling header to enhance note privacy
2016-06-21 21:37:56 +08:00
Cheng-Han, Wu
a125f80535
Fix pdf tmp path is missing a folder slash before timestamp
2016-06-17 16:33:58 +08:00
Cheng-Han, Wu
8e351e7e33
Add revision api
2016-06-17 16:11:14 +08:00
Cheng-Han, Wu
16990e35a2
Update slide template using ejs instead of mustache to reduce similar package dependency
2016-05-29 17:54:24 +08:00
Cheng-Han, Wu
6405bb5056
Add support of google signin
2016-05-21 22:48:00 +08:00
Cheng-Han, Wu
eb5873a94d
Update to move gitlab api path to sub path and fix its find user method for PR #121
2016-05-16 18:16:45 +08:00
Cheng-Han, Wu
93c6205aa6
Fix merge conflicts
2016-05-15 11:17:02 +08:00
Cheng-Han, Wu
8a01b7242c
Merge branch 'gitlab_snippets' of https://github.com/jccrofty30/hackmd into jccrofty30-gitlab_snippets
...
# Conflicts:
# lib/response.js
2016-05-15 11:02:15 +08:00
Cheng-Han, Wu
73835763c6
Merge PR #118
2016-05-15 10:58:41 +08:00
Cheng-Han, Wu
a70ebf7762
Update to move dropbox app key setting to common.js and will auto load client-side related scripts
2016-05-15 10:54:24 +08:00
Jason Croft
a3876dfc92
Start extending to support GitLab authentication.
...
Add necessary dependency.
Add baseURL parameter for self-hosted GitLab
Add necessary require.
Add block for GitLab auth.
Fix typo
Update font-awesome dependency for GitLab icon.
Use a color closer to GitLab orange.
More direct TODO
2016-05-11 21:02:53 -04:00
Jason Croft
17daf32239
Remove skeleton functions
2016-05-11 17:04:55 -04:00
Jason Croft
521f96fb11
Skeletons for GitLab actions.
2016-05-09 17:07:23 -04:00
Jason Croft
079822dfec
Start extending to support GitLab authentication.
...
Add necessary dependency.
Add baseURL parameter for self-hosted GitLab
Add necessary require.
Add block for GitLab auth.
Fix typo
Update font-awesome dependency for GitLab icon.
Use a color closer to GitLab orange.
More direct TODO
2016-05-09 16:27:35 -04:00
Jannik Lorenz
404e44649f
Fix error page (missing googleDrive config)
2016-04-23 14:15:24 +02:00
Jannik Lorenz
d7648e9cea
Hide Dropbox and Google Drive in Import/ Export when disabled
2016-04-23 12:58:24 +02:00
Cheng-Han, Wu
49b51e478f
Refactor server with Sequelize ORM, refactor server configs, now will show note status (created or updated) and support docs (note alias)
2016-04-20 18:03:55 +08:00
Cheng-Han, Wu
b6ca50072e
Updated to add headers to prevent search engine crawl some unnecessary paths
2016-03-15 10:54:21 +08:00
Cheng-Han, Wu
845ef9bad6
Support export to and import from Google Drive
2016-03-04 23:17:35 +08:00
Cheng-Han, Wu
c183002c14
Fixed note title might get wrong
2016-03-04 23:12:03 +08:00
Cheng-Han, Wu
b2b1be3dda
Support set url path and use relative url, move raphael to bower and fixed minor issue in history
2016-02-16 20:08:44 -08:00
Cheng-Han, Wu
3f2f063e9b
Fixed export gist title might null and fake referer that redirect to gist html_url
2016-02-16 19:54:29 -08:00
Cheng-Han, Wu
4c4a0e0f3f
Fixed prevent XSS might break lots of tags and only need after rendered
2016-02-11 03:45:13 -06:00
Cheng-Han, Wu
6700f033ab
Prevent XSS in markdown rendering
2016-02-11 02:36:52 -06:00
Cheng-Han, Wu
1fb42bd276
Updated to allow CORS in download as API
2016-02-01 00:41:28 -06:00
Cheng-Han, Wu
ff2fc76491
Supported export to gist
2016-01-31 15:42:26 -06:00
Cheng-Han, Wu
16dcd27b78
Fixed potential bug in realtime startConnection and bugs in note findOrNewNote, response showNote
2016-01-20 23:20:50 -06:00
Wu Cheng-Han
49c7dded45
Added private permission and clean up codes, solved potential race condition in realtime.js
2016-01-17 09:51:27 -06:00
Wu Cheng-Han
2ecec3b59a
Support show last change user with profile and support YAML config inside the note with robots, lang, dir, breaks options
2016-01-12 08:01:42 -06:00
Wu Cheng-Han
f5010af4f1
Added 404 and 403 status on routes
2015-12-30 00:33:36 -05:00
Wu Cheng-Han
031c96c72d
Updated slide mode
2015-12-18 09:40:52 -06:00
Wu Cheng-Han
b070de8fa9
Updated and merge reveal.js to use bower
2015-11-29 01:04:20 -06:00
xnum
f51b7370f0
Add Slide Mode
...
using reveal.js
and some part of reveal-md
2015-11-23 20:38:26 +08:00
Wu Cheng-Han
75ae505a15
Updated response.js, the render url now using config getserverurl()
2015-11-17 01:19:01 +08:00
Ikumi Shimizu
7fc7325f87
fixed a bug in response.js:useCdn
2015-09-23 10:25:42 +09:00
Wu Cheng-Han
b6c758f2fc
Added server option "useCdn", use template statement to route resources' source
2015-09-22 12:06:13 +08:00
Wu Cheng-Han
04eef71b11
Change note action "share" to "publish" to avoid misleading
2015-07-06 13:51:55 +08:00
Wu Cheng-Han
10c9811fc5
Jump to 0.3.1
2015-07-02 00:10:20 +08:00
Wu Cheng-Han
4e64583a0b
Marked as 0.2.8
2015-05-15 12:58:13 +08:00
Wu Cheng-Han
4b0ca55eb7
First commit, version 0.2.7
2015-05-04 15:53:29 +08:00