hedgedoc/public
Sheogorath 70df29790a
Add token based security feature
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.

We can add a GUI that shows it later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 18:26:06 +02:00
..
css Fix code blocks color in night mode 2018-04-05 00:58:41 +02:00
docs Merge branch 'feature/releaseNotes1.1.0' 2018-04-06 16:24:08 +02:00
fonts Remove uesless executable permission for static files 2016-11-14 21:13:02 +08:00
js Add delete user UI 2018-05-25 17:11:11 +02:00
uploads upload image to public/uploads 2016-11-14 16:45:57 +08:00
vendor Reorganize usage of getAsFile() 2018-03-18 03:11:28 +01:00
views Add token based security feature 2018-05-25 18:26:06 +02:00
apple-touch-icon.png optimize png images using zopflipng 2016-10-10 00:53:54 +08:00
default.md Removed unused note and set empty on default note, updated features note 2016-01-17 09:57:25 -06:00
favicon.png optimize png images using zopflipng 2016-10-10 00:53:54 +08:00
hackmd-icon-1024.png optimize png images using zopflipng 2016-10-10 00:53:54 +08:00
screenshot.png Add screenshot on index page 2017-01-21 12:52:26 +08:00