Commit Graph

127 Commits

Author SHA1 Message Date
BoHong Li 4889e9732d Use JavaScript Standard Style
Introduce JavaScript Standard Style as project style rule,
and fixed all fail on backend code.
2017-03-08 18:45:51 +08:00
Wu Cheng-Han 1473437295 Refactor checkViewPermission to fix limited & protected permission check bug and fix code style 2017-01-16 23:47:53 +08:00
Wu Cheng-Han 3c0667813c Fix missing config in hackmd response 2017-01-16 12:41:34 +08:00
Sheogorath 747629e549 Add `allowemailregister` option 2017-01-12 13:54:45 +01:00
Max Wu a8068d38d5 Merge pull request #313 from elct9620/feature/disable_anonymous_view
WIP: Add options to limit anonymous view note
2017-01-10 20:23:47 +08:00
蒼時弦也 89b8ddeaba Add limited and protected permission 2017-01-10 10:02:37 +08:00
蒼時弦也 c21fb8e2a0 Recovery tariling spaces 2017-01-10 09:35:21 +08:00
蒼時弦也 f8e5b54767 Remove temporary change 2017-01-10 09:32:44 +08:00
Max Wu b13635aac9 Merge pull request #279 from alecdwm/ldap-auth
Support for LDAP server authentication
2017-01-09 00:49:40 +08:00
蒼時弦也 1fbecbb03d Fix anonymouse view permission check 2017-01-05 23:37:10 +08:00
蒼時弦也 aaf1ff4b2f Add limit for constrain anonymous view note 2017-01-05 22:36:40 +08:00
Wu Cheng-Han c1b5e74cf9 Fix and refactor extracting content using metaMarked directly might lead in invalid object 2017-01-04 23:57:16 +08:00
Wu Cheng-Han 10a8448c6a Fix yaml metadata description not able to show 2017-01-02 11:13:41 +08:00
Wu Cheng-Han f6d8e3ab00 Remove LZString compression for data storage 2017-01-02 10:59:53 +08:00
Florian Rhiem fdea226159 Fixed typo: anonmyous 2016-12-21 14:36:54 +01:00
Wu Cheng-Han 5bb3de2675 Add support of allow free url config option with correspond modifications 2016-12-16 15:38:05 +08:00
Wu Cheng-Han 5c7eb48319 Add support of allow anonymous config option with correspond modifications 2016-12-15 14:11:23 +08:00
alecdwm 02e9927714 Initial support for LDAP server authentication
Limitations as of this commit:

- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
  - instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
  because we aren't using oauth. The currently generated
  tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
2016-12-13 22:41:07 +01:00
Wu Cheng-Han a73d9ce39e Update to support optional email register and signin 2016-12-02 01:58:14 +08:00
Wu Cheng-Han 71a356552f Update to auto generate meta description based on content in publish note and slide 2016-11-26 23:04:29 +08:00
Wu Cheng-Han 9d4ede4cff Fix possible XSS in yaml-metadata and turn using ejs escape syntax than external lib [Security Issue] 2016-11-26 22:55:31 +08:00
Wu Cheng-Han f86a9e0c4b Fix slide might trigger script when processing markdown which cause XSS [Security Issue] 2016-11-26 22:46:08 +08:00
Wu Cheng-Han 1d2a9826af Update to improve history api error and bad request handling 2016-10-10 20:52:31 +08:00
Wu Cheng-Han 55ac4dcccb Update to allow CORS as API on revision actions 2016-10-10 20:33:48 +08:00
Wu Cheng-Han 3175616573 Update to support showing owner on the infobar 2016-10-10 20:32:20 +08:00
Wu Cheng-Han 0470a266fd Update to prevent caching and crawling status 2016-09-18 16:23:56 +08:00
Wu Cheng-Han 87f4d05e8e Update to use proper way to render view and fix upload image error should response with code 2016-08-19 11:31:23 +08:00
Wu Cheng-Han 4d7c3d2120 Add info api for note 2016-08-19 11:24:36 +08:00
Wu Cheng-Han a013c9d3bc Update slide mode to show extra info and support url actions and support disqus via yaml-metadata 2016-08-15 11:25:27 +08:00
Wu Cheng-Han 9bf7b92707 Fix meta might be null issue 2016-08-15 10:59:40 +08:00
Wu Cheng-Han 3bcb36b46c Improve index layout and UX with UI adjustments and better wording 2016-08-15 10:56:14 +08:00
Wu Cheng-Han be81ee22ec Update slide mode, now respect all meta settings and update default styles 2016-08-14 15:02:05 +08:00
Wu Cheng-Han b367e110b6 Update to support slideOptions in the YAML metadata 2016-08-01 00:08:22 +08:00
Wu Cheng-Han 0f4f270193 Fix yaml metadata title should pass to generateWebTitle 2016-07-30 11:01:07 +08:00
Wu Cheng-Han 95c8f25fb5 Update response to force note, publish note, publish slide redirect to their expected url 2016-07-02 16:11:30 +08:00
Wu Cheng-Han d39f1fc700 Update to make slide mode support all extra syntax and change it's rendering engine 2016-07-02 16:09:26 +08:00
Cheng-Han, Wu 558304ff62 Update to support new metadata: title, description, tags and google-analytics (GA) and refactor render publish slide response function 2016-06-21 21:42:03 +08:00
Cheng-Han, Wu ad6982e77e Remove robot meta on note edit page and html template, add prevent crawling header to enhance note privacy 2016-06-21 21:37:56 +08:00
Cheng-Han, Wu a125f80535 Fix pdf tmp path is missing a folder slash before timestamp 2016-06-17 16:33:58 +08:00
Cheng-Han, Wu 8e351e7e33 Add revision api 2016-06-17 16:11:14 +08:00
Cheng-Han, Wu 16990e35a2 Update slide template using ejs instead of mustache to reduce similar package dependency 2016-05-29 17:54:24 +08:00
Cheng-Han, Wu 6405bb5056 Add support of google signin 2016-05-21 22:48:00 +08:00
Cheng-Han, Wu eb5873a94d Update to move gitlab api path to sub path and fix its find user method for PR #121 2016-05-16 18:16:45 +08:00
Cheng-Han, Wu 93c6205aa6 Fix merge conflicts 2016-05-15 11:17:02 +08:00
Cheng-Han, Wu 8a01b7242c Merge branch 'gitlab_snippets' of https://github.com/jccrofty30/hackmd into jccrofty30-gitlab_snippets
# Conflicts:
#	lib/response.js
2016-05-15 11:02:15 +08:00
Cheng-Han, Wu 73835763c6 Merge PR #118 2016-05-15 10:58:41 +08:00
Cheng-Han, Wu a70ebf7762 Update to move dropbox app key setting to common.js and will auto load client-side related scripts 2016-05-15 10:54:24 +08:00
Jason Croft a3876dfc92 Start extending to support GitLab authentication.
Add necessary dependency.
Add baseURL parameter for self-hosted GitLab
Add necessary require.
Add block for GitLab auth.
Fix typo
Update font-awesome dependency for GitLab icon.
Use a color closer to GitLab orange.
More direct TODO
2016-05-11 21:02:53 -04:00
Jason Croft 17daf32239 Remove skeleton functions 2016-05-11 17:04:55 -04:00
Jason Croft 521f96fb11 Skeletons for GitLab actions. 2016-05-09 17:07:23 -04:00
Jason Croft 079822dfec Start extending to support GitLab authentication.
Add necessary dependency.
Add baseURL parameter for self-hosted GitLab
Add necessary require.
Add block for GitLab auth.
Fix typo
Update font-awesome dependency for GitLab icon.
Use a color closer to GitLab orange.
More direct TODO
2016-05-09 16:27:35 -04:00
Jannik Lorenz 404e44649f
Fix error page (missing googleDrive config) 2016-04-23 14:15:24 +02:00
Jannik Lorenz d7648e9cea
Hide Dropbox and Google Drive in Import/ Export when disabled 2016-04-23 12:58:24 +02:00
Cheng-Han, Wu 49b51e478f Refactor server with Sequelize ORM, refactor server configs, now will show note status (created or updated) and support docs (note alias) 2016-04-20 18:03:55 +08:00
Cheng-Han, Wu b6ca50072e Updated to add headers to prevent search engine crawl some unnecessary paths 2016-03-15 10:54:21 +08:00
Cheng-Han, Wu 845ef9bad6 Support export to and import from Google Drive 2016-03-04 23:17:35 +08:00
Cheng-Han, Wu c183002c14 Fixed note title might get wrong 2016-03-04 23:12:03 +08:00
Cheng-Han, Wu b2b1be3dda Support set url path and use relative url, move raphael to bower and fixed minor issue in history 2016-02-16 20:08:44 -08:00
Cheng-Han, Wu 3f2f063e9b Fixed export gist title might null and fake referer that redirect to gist html_url 2016-02-16 19:54:29 -08:00
Cheng-Han, Wu 4c4a0e0f3f Fixed prevent XSS might break lots of tags and only need after rendered 2016-02-11 03:45:13 -06:00
Cheng-Han, Wu 6700f033ab Prevent XSS in markdown rendering 2016-02-11 02:36:52 -06:00
Cheng-Han, Wu 1fb42bd276 Updated to allow CORS in download as API 2016-02-01 00:41:28 -06:00
Cheng-Han, Wu ff2fc76491 Supported export to gist 2016-01-31 15:42:26 -06:00
Cheng-Han, Wu 16dcd27b78 Fixed potential bug in realtime startConnection and bugs in note findOrNewNote, response showNote 2016-01-20 23:20:50 -06:00
Wu Cheng-Han 49c7dded45 Added private permission and clean up codes, solved potential race condition in realtime.js 2016-01-17 09:51:27 -06:00
Wu Cheng-Han 2ecec3b59a Support show last change user with profile and support YAML config inside the note with robots, lang, dir, breaks options 2016-01-12 08:01:42 -06:00
Wu Cheng-Han f5010af4f1 Added 404 and 403 status on routes 2015-12-30 00:33:36 -05:00
Wu Cheng-Han 031c96c72d Updated slide mode 2015-12-18 09:40:52 -06:00
Wu Cheng-Han b070de8fa9 Updated and merge reveal.js to use bower 2015-11-29 01:04:20 -06:00
xnum f51b7370f0 Add Slide Mode
using reveal.js
and some part of reveal-md
2015-11-23 20:38:26 +08:00
Wu Cheng-Han 75ae505a15 Updated response.js, the render url now using config getserverurl() 2015-11-17 01:19:01 +08:00
Ikumi Shimizu 7fc7325f87 fixed a bug in response.js:useCdn 2015-09-23 10:25:42 +09:00
Wu Cheng-Han b6c758f2fc Added server option "useCdn", use template statement to route resources' source 2015-09-22 12:06:13 +08:00
Wu Cheng-Han 04eef71b11 Change note action "share" to "publish" to avoid misleading 2015-07-06 13:51:55 +08:00
Wu Cheng-Han 10c9811fc5 Jump to 0.3.1 2015-07-02 00:10:20 +08:00
Wu Cheng-Han 4e64583a0b Marked as 0.2.8 2015-05-15 12:58:13 +08:00
Wu Cheng-Han 4b0ca55eb7 First commit, version 0.2.7 2015-05-04 15:53:29 +08:00