Commit Graph

1214 Commits

Author SHA1 Message Date
Yukai Huang be900d8db6
Fix cdn integrity (#1284)
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-10-04 22:59:09 +08:00
Yukai Huang b2701caba7
Fix viz.js@2 api changes
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-10-04 22:33:23 +08:00
TAKIMOTO, Atsushi c7a15ecc66 Add allowAnonymousViews option
resolve #1144
set to `false` to delete `freely`, `editable` and `locked` permission when allowAnonymous is true (default is `true`)
Signed-off-by: hakoai <hakoai64@gmail.com>
2019-09-08 21:55:52 +09:00
Max Wu df2c0e23b6
Merge pull request #1272 from hackmdio/bugfix/support-empty-spoiler
Support empty spoiler container syntax
2019-09-08 01:10:16 +08:00
Yukai Huang 1e00106889
Merge branch 'develop' into feature/markdownlint 2019-09-08 00:50:54 +08:00
Yukai Huang 1a85523ac9
Support empty spoiler container syntax
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-09-08 00:44:38 +08:00
Yukai Huang 01fa05f41c
Update features.md
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-09-08 00:24:05 +08:00
Yukai Huang e73405b169
Install markdown-it-ruby
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-09-08 00:24:04 +08:00
RyotaK f26a73213a Don't accept sandbox attribute
Because sandbox is whitelist attribute, attacker will be able to create iframe that has more permission than default.

Signed-off-by: RyotaK <49341894+ry0tak@users.noreply.github.com>
2019-08-21 19:14:46 +09:00
Yukai Huang d7854cd02c
Make linter happy
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-18 21:57:32 +08:00
Yukai Huang ad5be66206
Add status bar icon to toggle linter
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-18 21:57:32 +08:00
Yukai Huang 968e042b05
Cleanup
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-18 21:57:32 +08:00
Yukai Huang 31765a9d34
Make message more verbose & tweak style
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-18 21:57:32 +08:00
Yukai Huang 2852be0980
Tweak gutter styles
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-18 21:57:32 +08:00
Yukai Huang 6ddf872dec
Initial support for markdownlint
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-18 21:57:32 +08:00
Max Wu 969189b900
feat(docs): update features.md for spoiler container syntax
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-08-08 16:22:44 +08:00
Max Wu e89f820542
Feature/support vega lite (#1251)
Feature/support vega lite
2019-08-06 23:03:37 +08:00
Max Wu 71ea581796 Merge branch 'develop' into feature/support-vega-lite
# Conflicts:
#	package.json
#	public/views/slide.ejs
2019-08-06 22:06:43 +08:00
Max Wu 79e6d3d724 fix(security): potential JSONP callback overwritten
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-08-06 21:43:28 +08:00
BoHong Li ff124ab6bf
refactor: fix line after merged develop
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:59:03 +08:00
BoHong Li 1ebf9ca374
chore: upgrade cdn dependencies
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:59:03 +08:00
BoHong Li 4a9b6ceca9
refactor: fix lint on public/js/utils.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:38 +08:00
BoHong Li d3fc6f58e3
refactor: fix lint on public/js/slide.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:37 +08:00
BoHong Li 3505dcb1c8
refactor: fix lint on public/js/index.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:37 +08:00
BoHong Li 8394ff58e9
refactor: fix lint on public/js/history.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:36 +08:00
BoHong Li 8ca8484992
refactor: fix lint on public/js/extra.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:36 +08:00
BoHong Li be527765bd
refactor: fix lint on public/js/lib/syncscroll.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:36 +08:00
BoHong Li cc93ace031
refactor: fix lint on public/js/lib/appState.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:35 +08:00
BoHong Li 88601302c4
refactor: fix lint on public/js/lib/editor/utils.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:35 +08:00
BoHong Li 94703dc8b8
refactor: fix lint on public/js/lib/editor/index.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:33 +08:00
BoHong Li 9f35add97b
refactor: fix lint on public/js/lib/editor/config.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:32 +08:00
BoHong Li ab1a3b663e
chore: upgrade spin.js to 4.0.0
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:24 +08:00
Max Wu 2613b63160 feat(docs): update features.md for plantuml and vega-lite examples
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-08-04 20:16:46 +08:00
Max Wu 49c6672b95 feat: add support of vega-lite
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-08-04 20:16:46 +08:00
Max Wu 0c4d0a05e0 feat: add plantuml to support charts textcomplete list
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-08-03 21:23:28 +08:00
Yukai Huang 6f7de25079
Make details element syncscrollable
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-03 19:20:44 +08:00
Yukai Huang 8d889a6736
Support "spoiler" container syntax
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2019-08-03 14:43:16 +08:00
Chulki Lee 5ce981859e Render plantuml only in fence
Signed-off-by: Chulki Lee <chulki.lee@gmail.com>
2019-07-31 10:02:07 -07:00
Chulki Lee 1d7895c869 Add plantuml support
Signed-off-by: Chulki Lee <chulki.lee@gmail.com>
2019-07-31 10:02:07 -07:00
BoHong Li c628737411
Merge branch 'develop' into refactor-realtime
Signed-off-by: BoHong Li <raccoon@hackmd.io>

# Conflicts:
#	README.md
#	package.json
2019-07-30 18:20:09 +08:00
Max Wu dd267096c9 fix: use lodash escapeHTML
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-07-28 20:04:41 +08:00
Max Wu a7082633aa Upgrade mermaid to 8.2.3
to avoid XSS inside the svg tag

Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-07-28 20:04:41 +08:00
Max Wu 76c7b70246 Merge branch 'master' into develop
# Conflicts:
#	README.md
2019-07-28 19:47:08 +08:00
Max Wu 8947c89da5 Update links of Gitter, POEditor and Travis CI 2019-07-28 19:00:17 +08:00
Yukai Huang f3a3c14aca
Merge branch 'develop' into feature/slides-spotlight 2019-06-27 17:37:16 +08:00
Yukai Huang e315127d31
Merge branch 'master' into feature/slides-timer 2019-06-26 11:39:22 +08:00
Yukai Huang d5a5ebc4d0
Merge branch 'master' into feature/slides-spotlight 2019-06-26 11:39:19 +08:00
BoHong Li a6036cb70b
refactor: back to use js-standard
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-05-27 17:53:08 +08:00
BoHong Li 6c137ae6ed
fix: mattermost has been deprecated, use mattermost-redux instead it.
1. change mattermost color and gitlab color to official color
2. Add mattermost icon because Fork-awesome/font-awesome doesn’t provide mattermost icon

Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:03:31 +08:00
Max Wu fbb18b6e0a Fix stored XSS in the graphviz error message rendering [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-04-14 12:12:02 -04:00
BoHong Li b0dee3ee14
refactor: fix lint warning on public/js/lib/common/login.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:45 +08:00
BoHong Li bf727b5878
refactor: fix lint warning on public/js/lib/editor/utils.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:25 +08:00
BoHong Li 45ba0c646d
refactor: fix lint warning on public/js/syncscroll.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:25 +08:00
BoHong Li e564c40b4d
refactor: fix lint warning on public/js/cover.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:25 +08:00
BoHong Li d387cac690
refactor: fix lint warning on public/js/extra.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:25 +08:00
BoHong Li 0498dc70e8
refactor: fix lint warning on public/js/history.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:24 +08:00
BoHong Li 573501389a
refactor: fix lint warning on public/js/index.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:24 +08:00
BoHong Li a40a8bfc02
refactor: fix lint warning on public/js/pretty.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:24 +08:00
BoHong Li 33fcfd416d
refactor: fix lint warning on public/js/render.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:23 +08:00
BoHong Li 73bc7ae8e6
refactor: fix lint warning on public/js/slide.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:23 +08:00
BoHong Li 4ae1c0ab3e
refactor: replace lz-string with @hackmd/lz-string
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li 67707d097f
fix: remove string.js for sucurity issue
1. Upgrade Imgur to fix npm install
2. Upgrade less version for security
3. Change package name in package.json to fit npm package.json rule

Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
BoHong Li 56d86ee25e
fix: lint error
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:21 +08:00
BoHong Li f915957a4f
refactor: replace js-url with wurl (original version of js-url)
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 19:35:12 +08:00
BoHong Li 628e679916
refactor: replace Idle.js to @hackmd/idle-js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-11 18:30:20 +08:00
PastLeo 9696e60248
add reveal.js-elapsed-time-bar
Signed-off-by: PastLeo <chgu82837@gmail.com>
2019-04-05 15:53:23 +08:00
PastLeo 5621d45bf9
add spotlight dep for slides mode
Signed-off-by: PastLeo <chgu82837@gmail.com>
2019-04-05 15:17:48 +08:00
Sheogorath 50c80c99a4
Release version 1.3.1
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-23 13:27:39 +01:00
Christoph (Sheogorath) Kern 992f02c294
Merge pull request #1158 from SISheogorath/feature/serbianLanguage
Add serbian language
2019-03-16 19:58:45 +01:00
Christoph (Sheogorath) Kern 27ba5f910d
Merge pull request #1166 from SISheogorath/fix/exportEmojis
Fix broken HTML export with emojis
2019-03-13 11:50:50 +01:00
Sheogorath 5e634aef87
Fix possible order changes for 'Powered by' in other languages
Since not all languages use the same word oder and we run into potential
issues, where the translation of powered by need to add something after
the CodiMD link, this should give us the needed flexiblity.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-10 01:43:13 +01:00
Christoph (Sheogorath) Kern 1ffc492442
Merge pull request #1076 from SISheogorath/fix/translation
Add some missing translations
2019-03-10 01:32:20 +01:00
Sheogorath 982775f6dc
Fix broken HTML export with emojis
HTML export was broken due to missing alt-attribute for emojis.

This patch adds the old alt-element style and restores the exportability
this way.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-09 15:04:07 +01:00
Sheogorath 20d1f17d2c
Add serbian language
Thanks for the work of the translator Vladan we got a serbian
translation added! Those few changes will add serbian language support
for future CodiMD releases.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-04 13:21:01 +01:00
Sheogorath 87443dec5f
Release version 1.3.0
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-04 12:37:00 +01:00
Max Wu 1743a97c22 Fix possible MathJax XSS issue [Security Issue]
see more at: http://docs.mathjax.org/en/latest/safe-mode.html

Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-03-03 18:32:58 +08:00
Sheogorath 1f0fb12755
Fix CI errors for unused variables
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-02-21 01:36:39 +01:00
Sheogorath c5ca7b634a
Remove broken speakerdeck embedding
The current speakerdeck implementation is broken. An alternative
implementation using oembed doesn't work due to CORS, which could be
solved by proxying the speakerdeck API, but we decided to not do this.

This patch provides the link to the speakerdeck presentation instead,
and this way doesn't break existing notes. This is right now the best
solution we could come up with.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-02-21 01:26:37 +01:00
Sheogorath 62477f0279
Update bootstrap from 3.3.7 to 3.4.0
Seems like finally there is a new bootstrap version for old version 3.

This patch implements this new version with CodiMD and this way fixes
some possible security issues in the frontend code.

See:
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72889
https://snyk.io/vuln/SNYK-JS-BOOTSTRAP-72890

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-11 01:56:52 +01:00
Max Wu 067cfe2d1e Fix to escape html comment tag [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-12-28 16:42:55 +08:00
Max Wu b89a35196a
Fix to sanitize disqus shortnames to remove slashes [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-12-28 16:39:13 +08:00
Sheogorath cf95465103
Update socket.io
Our socket.io version is 2.0.4 while the current socket.io version is
2.1.1.

This patch updates socket.io to version 2.1.1 and takes care of the CDN
client version.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-28 13:23:36 +01:00
Sheogorath 494a0d5f06
Add some missing translations
There are some places in our code that made it to be not translated.

This patch fixes some small translation problems and adds some static
strings in templates to translation.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-23 17:10:44 +01:00
Sheogorath 33774c11b9
Update from to-markdown to turndown
We got a security alert for a regular expression DoS attack on our used
library `to-markdown`.

After checking `to-markdown` to be maintained or not, it turned out they
renamed the library to `turndown`. So upgrading to `turndown` should fix
this vulnerbility.

References:
https://www.npmjs.com/package/to-markdown
https://github.com/domchristie/turndown/wiki/Migrating-from-to-markdown-to-Turndown
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-21 11:12:09 +01:00
Sheogorath bcebf1e8d2
Update reveal.js to version 3.7.0
There is a new reveal.js version out. As we try to keep up with
upstream, time to integreate it.

This patch updates reveal.js in for CDN-using instances as well as the
ones using the libraries.

Checked that speaker view in slide mode still works, so no CSP change
needed.

https://github.com/hakimel/reveal.js/releases/tag/3.7.0
2d241b9300/lib/csp.js (L72-L74)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 22:31:05 +01:00
Christoph (Sheogorath) Kern 271dff3808
Merge pull request #1043 from SISheogorath/fix/tocEmptyHead
Fix ToC breaking documents with empty h* elements
2018-11-19 21:33:34 +01:00
Sheogorath d6dd33620c
Fix wrong anchors
While experimenting with the ToC changes, it became obvious that anchors
for those unnamed headers don't work.

This patch fixes those links by running the autolinkify twice and make
sure linkify only adds links to non-empty ids.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 20:20:56 +01:00
Sheogorath 9951b7df7c
Fix ToC breaking documents with empty h* elements
Right now, the ToC has an undefined variable i that was an index in the
original ToC code. Since the major rewrite in
4fe0620853 it's a recursive function
without this index. The variable `i` was wrongly copied into its current
place from the old code.

This patch replaces the variable `i` with the index of the header
element. Fix the undefined variable problem.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 18:27:06 +01:00
Christoph (Sheogorath) Kern 4b212c8315
Merge pull request #1060 from SISheogorath/fix/indexLinks
Fixing links on index page
2018-11-18 02:46:39 +01:00
Sheogorath 71ce7921bd
Fixing links on index page
Seems like ids in Firefox are case sensitive. So linking in the current
way fails.

This patch fixes the links by using the exact matching version of the
titles on the features page.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-18 00:26:51 +01:00
Claudius Coenen 858a59529e switching to eslint for code checking
most rules degraded to WARN, so we don't go insane. This will
change over time. The aim is to conform to a common style

Signed-off-by: Claudius Coenen <opensource@amenthes.de>
2018-11-14 23:15:36 +01:00
Sheogorath d94271c81a
Add documentation for slide view mode to features page
Since it's a very useful feature, we should mention it in multiple 
locations.

So we mention it in the slide mode section of the features page.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-14 01:06:20 +01:00
Sheogorath 43021283e4
Some minor improvements to the yaml-metadata docs
Switching form XAML to YAML syntax highlighting and fixing some grammar.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-14 01:06:20 +01:00
Sheogorath 3020c11d11
Add documentation for type field
The yaml-metadata documentation should mention the type field. This is
also open for future extension.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-14 01:06:20 +01:00
Sheogorath 44ca7be294
Activate slide editing mode for example
We have this awesome editing mode for slide shows. We just don't enable 
it or tell anyone that it exists. Maybe we should do this.

This patch sets the type for the slide example.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-14 01:04:56 +01:00
Christoph (Sheogorath) Kern 1d8c83cec5
Merge pull request #1028 from SISheogorath/docs/editorModes
Add documentation about editor modes in features page
2018-11-12 21:40:30 +01:00
Christoph (Sheogorath) Kern 2a8b56e14b
Merge pull request #1046 from SISheogorath/feature/optimizeXSS
Remove the xss library from webpack
2018-11-11 19:01:44 +01:00
Sheogorath bcc914a773
Add full version string
Currently we only provide the version from `package.json`. This means
that during updates of instances, e.g. the demo instance, which runs
latest master instead of a stable release, changes are not reflected to
the webclient.

This patch adds a fullversion string that contains the current commit
and this way makes that clients are notified about changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-11 12:44:19 +01:00
Sheogorath c59b94a37b
Remove the xss library from webpack
We can load the xss functions directly from the library instead of
loading them through the expose loader of webpack, this should simplify
the setup and maybe even improve speed a bit.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-10 20:27:07 +01:00
Cédric Couralet 67f8a64f2b Fix menu for github and dropbox
Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
2018-11-07 12:30:17 +00:00
Cédric Couralet d24fb48f16 Fix menu when gitlab is enabled
Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
2018-11-07 11:32:20 +00:00
Christoph (Sheogorath) Kern e17522add9
Merge pull request #1034 from SISheogorath/fix/emojiPlugin
Again: Replace emoji-plugin regex
2018-11-06 19:11:56 +01:00
Claudius 44ffc564da removing global site layout vars from individual routers, putting them into app.local
Signed-off-by: Claudius <opensource@amenthes.de>
2018-11-03 00:52:48 +01:00
Sheogorath d188b3526a
Again: Replace emoji-plugin regex
The Regex introduced in the last commit[1], was already working quite
good. But still resulted in false positives for all URL that contained a
second `:`.

To fix this once and for all, we craft a simple, but long regex based on
all emoji names and use this to match them.

We could probably optimize it, but that should also be something the
regex engine itself can and should do.

[1]: 7e45533c75 (in this source tree)

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-31 15:33:45 +01:00
Sheogorath 7e45533c75
Fix emoji regex
The old regex, adapted from the other plugins, was a bit too open for
matching. This leads to matching something like: `This is a sentence:
[And something with a: in it.]()` which doesn't become a link anymore.
Because the match is: ` [And something with a`.

This patch provides a fix for the regex to only match non-space string
within the `:`'s.

References:
- Introducing commit:
2063eb8bdf
- Inspirational source of the original RegEx:
2063eb8bdf/public/js/extra.js (L1095)

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-29 20:37:47 +01:00
Sheogorath 0915b33000
Add documentation about editor modes in features page
Codemirror provides various modes via keymapping. These are already
available by a menu in the interface. But they aren't mentioned
anywhere.

This patch provides some documentation about the editor modes and their
implications. Since they are a feature, the documentation is done on the
features page.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-28 10:01:47 +01:00
Christoph (Sheogorath) Kern 152dfc2323
Merge pull request #997 from SISheogorath/docs/slidePrint
slide example: Add link to slide printing instructions
2018-10-22 23:03:11 +02:00
Christoph (Sheogorath) Kern e115423d12
Merge pull request #1006 from SISheogorath/fix/missingEmojis
Fix not rendered autocomplete emojis
2018-10-22 23:02:33 +02:00
Sheogorath 7d5abadcf7
Remove Gitter from codebase
We no longer use Gitter for development talk and similar. So we might
want to remove it?

This patch removes Gitter from README, help page and features page. And
replaces it in the help modal with POEditor, our translation platform.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-17 02:28:19 +02:00
MartB 6bce9ac5bf Fix #1016: webpack include defect for scripts and header files.
Signed-off-by: MartB <mart.b@outlook.de>
2018-10-16 11:40:21 +02:00
Christoph (Sheogorath) Kern 1abf7c54ae
Merge pull request #1004 from SISheogorath/feature/integrateHljs
Add autocomplete for highlight.js languages into codemirror
2018-10-11 17:30:03 +02:00
Sheogorath 1d452a6ed4
Remove dead package octicon
Octicon no longer provides its CSS classes and this way is useless in
CodiMD. Replacing all used classes in the UI and remove it from build
system.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-10 23:42:41 +02:00
Sheogorath 2063eb8bdf
Fix not rendered autocomplete emojis
Currently we have some emojis that are autocompleted but won't show up
in the resulting document.

This patch adds all emojis that are pushed to Codemirror and applies
them to the markdown rendering process, so they become usable.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-10 21:24:33 +02:00
Sheogorath 1a9df22680
Add autocomplete for highlight.js languages into codemirror
Right now we support code highlighting for rust, but it doesn't appear
in autocomplete of codemirror, because codemirror is not aware of it.

This patch lets highlightjs simply tell codemirror, what it supports and
adds this to the autocomplete list.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-10 11:13:52 +02:00
Christoph (Sheogorath) Kern 535ee36a26
Merge pull request #993 from SISheogorath/feature/useForkAwesome
Replace font-awesome with fork-awesome
2018-10-09 21:58:15 +02:00
Cédric Couralet 702f52f07c Fix #986 : Visibility is now transmitted with gitlab V4 api
Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
2018-10-09 06:46:25 +00:00
Sheogorath 2ddc80fc20
slide example: Add link to slide printing instructions
The printing instructions seem to not be really clear. Linking the
reveal.js offical docs should help.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-07 15:21:29 +02:00
Sheogorath 9f9c4089be
Add OpenID to CodiMD
With OpenID every OpenID capable provider can provide authentication for
users of a CodiMD instance. This means we have federated
authentication.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-05 22:43:32 +02:00
Sheogorath 5212bbf9c4
Replace font-awesome with fork-awesome
This patch replaces font-awesome with its fork called fork-awesome.
Besides the fact that the newer versions of font-awesome can't be
shipped with distros like debian due to license issues, fork-awesome
also provides more FOSS related icons and builds on top of version 4.7.x
of font-awesome, which we used until this patch.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-05 21:52:08 +02:00
Sheogorath 75a23fe2c9
Add rel="noopener" to target="_blank" links
The noopener construct protects from some nasty clickjacking attacks. We
can apply them savely to all our links since we don't rely on the
previously used page.

Some more details: https://mathiasbynens.github.io/rel-noopener/

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-04 01:49:36 +02:00
Christoph (Sheogorath) Kern edcd8a23ff
Merge pull request #932 from davidmehren/webpack-4
Upgrade to Webpack 4
2018-10-03 16:52:32 +02:00
Sheogorath 7b10f0bed2
Update release notes for 1.2.1
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-03 16:24:36 +02:00
Christoph (Sheogorath) Kern 14ac20df1c
Merge pull request #977 from SISheogorath/fix/newExample
Replace youtube example video on features page
2018-10-03 00:19:04 +02:00
Sheogorath e0e037b5e1
Replace youtube example video on features page
Since the youtube video on our feature page seems to have vanished, this
patch replaces it with an video of the blender foundation

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-02 12:55:08 +02:00
Sheogorath a1fe5f37f6
Some minor footer improvements
Removing copyrigt sign since we are not copyrighting things.

Changing hackmd.io to codimd.org since HackMD is more and more dividing
from CodiMD and may brings up wrong expectations.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-01 12:18:12 +02:00
Sheogorath 2c32cf0abf
Add POEditor to 'follow us' statement
We broke the follow us before by removing Facebook and Twitter. Adding
POEditor should fix it and help to attract new translators.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-09-26 15:42:43 +02:00
Sheogorath e65e85fa6d
Add indonesian language to CodiMD
Big thanks @filosofikode for the translation work!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-09-23 17:23:16 +02:00
David Mehren 29a3813ada
Upgrade to Webpack 4 - first try
Signed-off-by: David Mehren <dmehren1@gmail.com>
2018-09-06 17:26:09 +02:00
Max Wu 40340c89f7
Update to replace Twitter and Facebook to Riot
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-07-31 22:17:06 +08:00
Cédric Couralet 66d374b128 Add possibility to choose between version v3 or v4 for the gitlab api.
Apart from the uri versioning, one big change is the snippet visibility post data (visibility_level -> visibility)

Default gitlab api version to v4

Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
2018-07-31 08:36:56 +00:00
Alexander Wellbrock 97c2330264
Fix some false titles
Signed-off-by: Alexander Wellbrock <a.wellbrock@mailbox.org>
2018-07-08 20:41:46 +02:00
Christoph (Sheogorath) Kern af26992b55
Merge pull request #886 from SISheogorath/fix/ToCHeader
Refactor generation of ToC
2018-07-04 21:13:14 +02:00
Sheogorath df05bff82a
ToC: Some HTML improvements and style fixes
The ToC generated broken HTML with unclosed `<li>` tags. This got fixed
as well as some minor optimisation and adding list elements for the
subentries so the elements appear in the ToC while scrolling.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-04 21:09:06 +02:00
Sheogorath cf934a4e51
Ignore h6 headers
h6 headers are used for tags in CodiMD. So we should ignore them for the
ToC generation.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-04 11:21:15 +02:00
Sheogorath 4fe0620853
Refactor generation of ToC
This replaces the existing iterative implementation of the ToC
generation with an recursive one.

This also solves the problem of skipped headers which causes wrong
leveling of them.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-04 02:36:47 +02:00
Sheogorath 734e7b01a5
Remove some unneeded defined inline-stylings
These have no really useful point here. Let's just remove them.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-03 21:34:57 +02:00
Sheogorath 1de8160008
Fix some night mode colors
We have some issues with night mode and the font color. This should fix
this in the permission table and the delete node modal. As well as some
picture styling.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-07-03 21:25:45 +02:00
Sheogorath 2fc4e911fb
Release notes for 1.2.0
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 19:19:34 +02:00
Sheogorath dea62cf310
Update store
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 16:52:34 +02:00
Sheogorath 1812b1aaca
Update highlight.js
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 16:52:34 +02:00
Sheogorath b6e1144627
Update to octicon 4.4.0
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-30 16:52:33 +02:00
Sheogorath 1c92524c08
Fix broken unicode urls
It wasn't possible to create unicode based URLs in freeurl mode, because
the noteid used for the websocket connection is double escaped. When we
decode it and let socketio-client reencode it, we get the real
shortid/noteid and can find the note in the database and open the
connection.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-26 22:25:36 +02:00
Christoph (Sheogorath) Kern c7745f6b27
Merge pull request #863 from hackmdio/feature/slidePrint
Add Print icon to slide view
2018-06-26 21:41:18 +02:00
Sheogorath 04d16e4d6e
Add Print icon to slide view
It redirects the user to the print view of the document. I claim that
people should either be smart enough to use ctrl+P or ask someone who
knows how to print a webpage. I don't want to babysit our users.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 23:50:38 +02:00
Sheogorath 2184491f4a
Final replacements
Looks like I missed a few. This should be complete now. And make us
ready for the repo rename and merging.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 14:13:46 +02:00
Sheogorath 23c33c0c04
Rename HackMD view to CodiMD
Even when it looks a bit weird in first place to rename all internals
step by step, it makes sense to do so, because we run into confusion
afterwards.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:40:18 +02:00
Sheogorath 4b060c7dba
Rebrand HackMD to CodiMD
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:24:12 +02:00
Sheogorath 0ed4b50098
Move config out of statics path
Since static path is providing with a high expiration data, we provide
configs via API. This shouldn't add any noticeable load while making it
uncached and this way working again.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 00:07:32 +02:00
Sheogorath 8fe26988d1
Fix all newly introduced linting issues
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-23 21:27:21 +02:00
Sheogorath 49db5bc653
Merge branch 'pr-846' 2018-06-23 21:19:44 +02:00
Sheogorath f65d96c57b
Fix liniting and optimize some functions
First fixed some linting issues. Also optimized some functions to be
undoable with one ctrl+z.

This should also speedup some operations

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-23 21:18:15 +02:00
Jake Burden b98d10c79a turn concatenated string into a multi-line template string
Signed-off-by: Jake Burden <jake@doge.haus>
2018-06-22 18:08:47 -04:00
Edgar Zanella Alvarenga a8b664fdb5 Add a toolbar to Codemirror editor
Signed-off-by: Edgar Zanella Alvarenga <e@vaz.io>
2018-06-19 16:03:56 +02:00
Sheogorath ed5353d13a
Move polyfill to CDN section
We don't support it on CDN false instances, but it doesn't hurt to keep
it in for CDN-enabled instances

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-18 01:26:11 +02:00
Christoph (Sheogorath) Kern 56d78a7d6c
Merge pull request #830 from SISheogorath/feature/GDPR
GDPR compliant part 1
2018-06-17 23:33:57 +02:00
Sheogorath 56182532cb
Add korean translation
This translation was contributed via POEditor by the user Basix.

Thanks a lot for your work!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-07 14:29:01 +02:00
Christoph (Sheogorath) Kern 551840ad57
Merge pull request #784 from pferreir/add-oauth2-support
Add "generic" OAuth2 support
2018-06-04 15:54:47 +02:00
Christoph (Sheogorath) Kern 2ed2a08f66
Merge pull request #782 from SISheogorath/feature/showFullTitle
Add title attribute in table of contents
2018-06-01 13:49:09 +02:00
liuderchi 334707e932
fix(slide): adjust checkbox size
- to override rules in css/github-extract.css with `!important` already

Signed-off-by: liuderchi <liuderchi@gmail.com>
2018-05-31 23:44:03 +08:00
Sheogorath fce735e833
Add privacy policy example
As we use various services and integration we should provide an example
privacy policy.

It has to be adjust when using it to match your setup.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-31 11:32:11 +02:00
Sheogorath 75f28ca7f3
Add export data UI
This adds the UI for the export feature introduced in
bcbb8c67c9

It allows to download all notes from the main page in the default user
submenu.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-26 03:20:44 +02:00
Sheogorath 70df29790a
Add token based security feature
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.

We can add a GUI that shows it later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 18:26:06 +02:00
Sheogorath 9fd09a8dfb
Add delete user UI
This provides the UI for the delete user feature introduced in
4229084c62

Placing of the user delete button is not perfect, but can be moved to an
own user tab later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 17:11:11 +02:00
Sheogorath 41a36e2e18
Add privacy and ToS links
To be GDPR compliant we need to provide privacy statement. These should
be linked on the index page. So as soon as a document exist under
`public/docs/privacy.md` the link will show up.

Since we already add legal links, we also add Terms of Use, which will
show up as soon as `public/docs/terms-of-use.md` exists.

This should allow everyone to provide the legal documents they need for
GDPR and other privacy and business laws.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-24 18:10:36 +02:00
Sheogorath fada8a8103
Add release notes for 1.1.1-ce
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-22 23:17:20 +02:00
Sheogorath ad69c5017b
Removing google drive integration
It's sad but it's not working. For multiple releases this should be
already broken which shows how often it's used.

As there is also a security issue related to that, it's better to
remove the feature completely. Whoever wants to rewrite it, feel free to
go.

This commit removes the Google Drive integration from HackMD's Frontend
editor and this way removes the need to provide any API key and Client
ID in the frontend.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-16 01:34:55 +02:00
Christoph (Sheogorath) Kern 6d44ded269
Revert "Workaround Google API problems" 2018-05-16 01:31:50 +02:00
Sheogorath 2cc3058a44
Remove Google Upload from UI
This temporarily removes the Upload from the UI as it's broken right
now.

Needs a refactoring and can be added in again later on by undoing this
commit.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-01 23:22:53 +02:00
Sheogorath 14a0f8594f
Merge branch 'feature/releaseNotes1.1.0' 2018-04-06 16:24:08 +02:00
Sheogorath f4631b038a
Merge branch 'docs/features-1.1.0-ce' 2018-04-06 16:22:26 +02:00
Sheogorath 23b5e9e54a
Minor fixes in relase notes
Fix some spelling and style issues as well as adding the
latest changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-06 16:19:24 +02:00
Sheogorath 95f46520e3
Add matrix.org / Riot link
As an active part of the community prefers Matrix.org over Gitter, we
should link Matrix.org as a place to meet us.

As the matrix and gitter channels are interconnected. We don't loose any
message if a person decides to go for one or another.

We use an more universal way of translation to make it easier to provide
a link to various platforms.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-05 11:58:54 +02:00
Christoph (Sheogorath) Kern 5a5b3e9ddd
Merge pull request #790 from SISheogorath/fix/nightModeCSS
Fix modal and panel colors in night mode
2018-04-05 01:24:34 +02:00
Sheogorath b90b215a84
Fix code blocks color in night mode
This provides more eye-friendly code boxes when night mode is active.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-05 00:58:41 +02:00
Sheogorath f2f0369259
Provide feature changes in 1.1.0-ce
Adding some documentation for night mode and upload times. Extend the
contact section for community support.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-30 20:42:55 +02:00
Sheogorath 645f38c228
Update release notes
Providing release notes for version 1.1.0-ce

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-30 20:38:37 +02:00
Sheogorath d939de17df
Fix CSP for disqus and Google Analytics
This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.

Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.

They are enabled by default to prevent breaking changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-30 16:33:52 +02:00
Sheogorath 291b33880c
Fix modal and panel colors in night mode
Night mode provides a generally, dark interface. This fix provides the
needed CSS to also turn modal and panels into night mode design as well.
This mainly effects the help modal.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-29 23:23:30 +02:00
Pedro Ferreira 40b3855702 Add support for generic OAuth2 providers
Signed-off-by: Pedro Ferreira <pedro.ferreira@cern.ch>
2018-03-26 15:55:39 +02:00
Sheogorath 7681076eb3
Add title attribute in table of contents
Right now the full title of an element is may not shown as the space of
the ToC is limited. With this path it'll be shower on hover and this way
provide more useful information.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-26 11:20:18 +02:00
Sheogorath 8b69013ebd
Fix night mode button after restore
The night mode toggle doesn't get the right state after restore from
local storage. This results in the need to toggle twice to disable night
mode.

This patch adds the needed class so the toggleNightMode function gets
the right state on execution.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-25 20:12:02 +02:00
Christoph (Sheogorath) Kern 57c47a65dd
Merge pull request #758 from SISheogorath/cleanup/config
Change config to camel case with backwards compatibility
2018-03-25 19:15:17 +02:00
Sheogorath 2411dffa2c
Change config to camel case with backwards compatibility
This refactors the configs a bit to now use camel case everywhere.
This change should help to clean up the config interface and make it
better understandable.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-25 19:08:14 +02:00
Sheogorath 32c578db08
Persist nightmode so we can re-enable it
Right now the night mode is possible to set by a toggle in the menu bar
but needs to be re-enabled on every document switch, reload, etc.. This
is super annoying so we should keep this state in local storage or
a cookie.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-23 19:46:38 +01:00
Christoph (Sheogorath) Kern fa4a8418af
Merge pull request #772 from SISheogorath/fix/chromeFileError
Some fixes for inline-Attachments in Codemirror
2018-03-21 14:15:04 +01:00
Christoph (Sheogorath) Kern f6df2deb84
Merge pull request #743 from hackmdio/fix-to-use-url-safe-base64
Fix to use url-safe base64 in note url
2018-03-18 15:13:06 +01:00
Sheogorath 6219962892
Reorganize usage of `getAsFile()`
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-18 03:11:28 +01:00
Sheogorath 41bf7cc52f
Fix typo in vedor extension
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-18 03:10:37 +01:00
Max Wu 8bfe51940f Fix typo
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-03-11 03:00:36 +08:00
Max Wu dfd833dbe2 Update to show log on migrate LZString type note url in history
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-03-11 02:55:54 +08:00
Max Wu d08c9522c0 Update to migrate note url in the history of browser storage and cookie
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-03-03 16:26:19 +08:00
Max Wu ea118c2ec8 Update styles of details, summary and figure
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 21:05:13 +08:00
Max Wu 95e9f96aa0 Update to allow rp tag for ruby
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 20:55:10 +08:00
Max Wu 711a11ce23 Remove manual allow details tag since default already allow it
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 20:54:57 +08:00
Sheogorath 5d347d583d
Extend HTML5 support by whitelisting various tags
HTML5 provides a wide feature set of useful elements. Since Markdown
usually supports HTML it should be able to use these HTML5 tags as well.
As they were requested by some users and they where checked for being
safe, whitelisting them isn't a problem. To make the experience the same
as on GitHub when it comes to the basic look and feel of the rendered
markdown, some CSS was added to make the summary and the details tag
look like on GitHub.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-02-25 14:54:21 +01:00
Sheogorath 9c77e9d7f0
Allow the usage of the esc-key by codemirror
This change allows all input modes of codemirror to use the information
from an input esc-key and make this way vim and sublime more
functional. To prevent this change from breaking the return from the
fullscreen mode, it catches the esc-key in this case. Hopefully this is
an acceptable solution.

As before the vim-mode is handled different in fulltext-mode as it is
esc-key heavy.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-02-24 21:14:47 +01:00
Stefan Bühler c4f8fb78ee don't require referer to find note id in socket.io connections (fixes #623)
Signed-off-by: Stefan Bühler <buehler@cert.uni-stuttgart.de>
2018-02-05 14:26:42 +01:00
Sheogorath a01b4a843c
Update socket.io to version 2.0.4
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-30 19:44:32 +01:00
Christoph (Sheogorath) Kern adc781f7e3
Merge pull request #704 from SISheogorath/fix/ldapProviderName
Fix ldap provider name in template
2018-01-29 15:59:27 +01:00
Wu Cheng-Han 3c473e60a6 Upgrade reveal.js to 3.6.0 and useCDN option for CSS include 2018-01-29 13:09:52 +08:00
Sheogorath e44751b3f1
Fix ldap provider name in template
Before this fix it's impossible to set the provider name in the
sign-model since `ldap` is a boolean there and this way not able
to have an attribute like `ldap.providerName`.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-26 10:46:22 +01:00
Christoph (Sheogorath) Kern e52d7db96c
Merge pull request #694 from SISheogorath/refactor/socialmedia
Reorganize social media links and footer
2018-01-25 17:40:11 +01:00
Sheogorath 16892cd827
Reorganize social media links and footer
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-24 14:09:36 +01:00
Max Wu a9c88ce248
Fix task todo might not toggle
which caused by not matching syntax with double dashes correctly
2018-01-24 00:10:52 +08:00
Christoph (Sheogorath) Kern 584f1c5249
Merge pull request #691 from SISheogorath/feature/upload
Allow more detailed configuration of upload mime types
2018-01-23 12:10:33 +01:00
Christoph (Sheogorath) Kern 7de6e3211f
Merge pull request #598 from xxyy/feature/csp
Implement basic CSP support
2018-01-22 20:43:46 +01:00
Christoph (Sheogorath) Kern 5d9a2c3569
Merge pull request #688 from hackmdio/add-ce-text-on-index
Add CE text on index title
2018-01-20 18:56:39 +01:00
Christoph (Sheogorath) Kern b7e227e9d5
Merge pull request #690 from Nebukadneza/add_allow_anonymous_edits
Add option to enable `freely` permission in closed instance
2018-01-20 18:56:09 +01:00
Sheogorath dc10ec60fb
Remove/update contact details
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-20 17:40:00 +01:00
Sheogorath a7935a595a
Allow more detailed configuration of upload mime types
Fixes #637

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-20 15:16:53 +01:00
Dario Ernst 6ae4b8bf13 Add option to enable `freely` permission in closed instance
Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.

Signed-off-by: Dario Ernst <dario@kanojo.de>
2018-01-20 15:14:56 +01:00
Max Wu 05cc3a73a2
Update body.ejs
Add CE text on index title
2018-01-20 10:12:38 +08:00
Sheogorath 40d1d75704
Release 1.0.1-ce 2018-01-19 14:40:15 +01:00
Christoph (Sheogorath) Kern d492070d3a
Merge pull request #685 from hackmdio/fixImageAlt
Fix image alt not render properly

Fixes #638
2018-01-19 14:26:06 +01:00
Sheogorath a0fdfccb22
It's 2018! 🎉 2018-01-19 14:08:16 +01:00
Wu Cheng-Han 3703b12584 Fix image alt not render properly 2018-01-19 00:53:49 +08:00
Sheogorath 11a5dd0eb4
Release 1.0.0-ce 2018-01-18 13:03:18 +01:00
Max Wu 919b7467d4
Fix anchor id to keep uppercase characters
id shouldn’t be converted to lowercase since id attribute is case sensitive
2018-01-16 15:59:43 +08:00
Edoardo Odorico 6fc2c39eda Implemented dark theme.
Signed-off-by: Edoardo Odorico <edoubuntu@gmail.com>
2018-01-05 00:15:13 +01:00
Peter Dave Hello 76873d3f7e Fix file permission, remove useless executable 2017-12-14 05:05:18 +08:00
Christoph (Sheogorath) Kern b840c3fa57
Merge pull request #609 from monoxane/master
Correcting grammatical errors related to the document char count tooltip
2017-12-12 10:39:49 +01:00
Christoph (Sheogorath) Kern 0957f5963b
Merge pull request #633 from nakaeeee/saml-auth
Support SAML authentication
2017-12-04 18:57:57 +01:00
Thomas De Backer c60030b205 close open tags 2017-12-01 20:56:39 +01:00
Thomas De Backer 4eef4875ed Add untranslated sentences to locale 2017-11-30 19:02:40 +01:00
Norihito Nakae 4a4ae9d332 Initial support for SAML authentication 2017-11-28 18:52:24 +09:00
Sheogorath 93b91163cd
Prevent XSS vul by srcdoc in iframe 2017-11-24 10:10:50 +01:00
Literallie 3a752fde51
Revert "Load js-url lib using legacy-loader"
Didn't work in Firefox for some reason.

`[Script Loader] ReferenceError: module is not defined`

This reverts commit 5b83deb043.
2017-11-02 17:57:44 +01:00
Sheogorath 16b3e015ab
Merge pull request #606 from DoubleMalt/feature/MattermostAuth
Add Mattermost authentication strategy
2017-10-31 12:11:41 +01:00
Christoph Witzany 5cda55086a Add mattermost authentication 2017-10-31 10:34:51 +01:00
Sheogorath ef49b72442
Fix allowpdfexport handling on error page 2017-10-31 01:57:32 +01:00
Sheogorath e807f1b783
Fix mermaid error handling 2017-10-30 12:26:28 +01:00
Sheogorath 09d2ba41cf
Use mermaidAPI in mermaid scope
Introduced by a5b7145527 (diff-67ae90c5144c55348a3cbdb078240454L532)

Fixes #600

Parse only throws error: 167368d508 (diff-67ae90c5144c55348a3cbdb078240454)
2017-10-30 07:11:14 +01:00
Oliver Herrmann 7d0ef1276c
Corrected some grammatical issues
Obviously caught up in a bad translation and didn't particularly make sense for native english speakers.
2017-10-30 11:25:44 +11:00
Peter Dave Hello f896432250 Upgrade mermaid to v7.1.0, fix #600 2017-10-30 00:18:53 +08:00
Sheogorath abbc43f9b6 Merge pull request #599 from xxyy/fix/inline-styles
Externalise some trivial inline styles from slide.ejs
2017-10-27 13:24:26 +02:00
geekyd d63e6780eb Adds PDF export via config 2017-10-25 19:19:37 +05:30
Literallie af935e46fc
Externalise trivial inline styles from slide.ejs
Dynamic background images need some further work
2017-10-23 23:39:18 +02:00
Sheogorath c794412714 Merge pull request #591 from Rwing/master
support Simplified Chinese and rename original zh to Traditional Chinese
2017-10-23 11:53:31 +02:00
Rwing 362a7eaf65 support Simplified Chinese and rename original zh to Traditional Chinese 2017-10-23 17:38:04 +08:00
Literallie 567f26f5b9
Fix MathJax config not being picked up
thanks standard
2017-10-22 02:48:24 +02:00
Literallie 04f5e3a341
Move CSP logic to new file, Fix boolean config examples
Not sure why I was quoting these in the first place
2017-10-22 02:18:45 +02:00
Literallie 5b83deb043
Load js-url lib using legacy-loader
Doesn't use eval, plus no window object access
2017-10-22 00:03:45 +02:00
Literallie 4238b9b3ef
Fix MathJax CSP issues 2017-10-22 00:03:45 +02:00
Literallie 080436aebb
CSP: Add nonce to slide view inline JS 2017-10-22 00:03:45 +02:00
Yukai Huang 60b86e0250 Fix markdown-it gist plugin code closing tag
fix #596
2017-10-21 11:45:17 +08:00
geekyd 80fb91976e Hides empty export section 2017-10-18 03:34:45 +05:30
Sheogorath a16bde70be Provide table for permissions
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 11:05:22 +02:00
geekyd c6a1b65a91 Adds color to new note button 2017-10-07 23:23:03 +05:30
Wu Cheng-Han d96385eafd Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue] 2017-10-05 10:17:26 +08:00
Wu Cheng-Han b0b417cefc Fix unescape > symbol inside the style tags to make the CSS works 2017-10-05 09:59:57 +08:00