hedgedoc/lib
Sheogorath ef86bf5cba
Use API key instead of clientSecret
As recently discovered we send the clientSecret to the webclient which
is potentionally dangerous. This patch should fix the problem and
replace the clientSecret with the originally intended and correct way to
implement it using the API key.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-13 09:38:59 +02:00
..
config Use API key instead of clientSecret 2018-04-13 09:38:59 +02:00
migrations Add missing migration for permissions 2018-03-06 16:31:41 +01:00
models Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
ot Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
web Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
workers refactor: Remove require extension filename 2017-05-08 19:29:06 +08:00
csp.js Fix CSP for disqus and Google Analytics 2018-03-30 16:33:52 +02:00
history.js Improve history migration performance 2018-03-10 16:51:00 +08:00
letter-avatars.js Use strict mode in all backend files 2017-03-14 13:02:43 +08:00
logger.js refactor(logger): Refactor logger.js 2017-05-08 19:24:37 +08:00
realtime.js Change config to camel case with backwards compatibility 2018-03-25 19:08:14 +02:00
response.js Fix CSP for disqus and Google Analytics 2018-03-30 16:33:52 +02:00
utils.js switch to __dirname 2017-06-02 11:34:35 +01:00