a41c4db0c2
fix: S3 client config passing for image upload
...
ref issue: https://github.com/aws/aws-sdk-js-v3/issues/1396
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2021-05-13 19:03:25 +08:00
54f6e55b71
Merge pull request #1679 from hackmdio/bugfix/fix-no-referrer-for-return-url
...
Handle when request url has no valid referer
2021-05-13 12:56:42 +08:00
db5fc5075a
fix: avoid append zero suffix on exporting user data
...
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2021-05-13 11:57:13 +08:00
5e709653ab
fix: handle when request url has no valid referer
...
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2021-05-13 11:53:03 +08:00
6585976e4d
Merge pull request #1588 from tamo/google-oauth-verified
2021-05-11 17:41:33 +08:00
ee1230b6f4
Merge pull request #1532 from freitagsrunde/feature/customTocLevel
...
Set TOC depth freely for every note by using YAML metadata or an option within `[toc]`
2021-05-11 17:30:31 +08:00
98bf5a6148
Fix async series been interrupted by parse alias
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2021-05-11 16:51:27 +08:00
0c3171b17d
Merge pull request #1570 from hackmdio/bugfix/update-history-usage
...
Use encoded noteId when calling updateHistory
2021-05-11 16:27:50 +08:00
ab58cd45b4
Use encoded noteId in updateHistory call
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2021-05-11 16:21:46 +08:00
965cca9d39
fix: lint
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2021-04-28 17:37:43 +08:00
20b10b7bb7
refactor: beforeCreate and parseNoteId
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2021-04-27 19:25:46 +08:00
d3bbdfc7d3
fix: can traversal any md files
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2021-04-27 18:25:06 +08:00
bf5325b37f
Merge pull request #1609 from mic4ael/return-to-note-on-login
...
Better redirection after a successful login
2021-04-16 12:20:09 +08:00
dc37e5df63
Better update of the authorship of anonymous users
...
Co-authored-by: Yukai Huang <yukaihuangtw@gmail.com>
Signed-off-by: Giuseppe Lo Presti <giuseppe.lopresti@cern.ch>
2021-03-18 09:13:22 +01:00
c9399f33d1
Support anonymous updates via API if allowAnonymousEdits is true
...
Signed-off-by: Giuseppe Lo Presti <giuseppe.lopresti@cern.ch>
2021-03-09 12:32:54 +01:00
de0f4588ac
Fix getImageMimeType mime usage
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 22:16:28 +08:00
c9e23985d3
Check image type from file extension
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 15:46:19 +08:00
e19e6642fb
Allow bmp/tiff image to be uploaded
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 15:45:49 +08:00
c1a22a5318
Replace hard coded impl in getImageMimeType
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-23 15:43:14 +08:00
7a88f9d95a
Check upload image mime type
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-12-22 16:48:13 +08:00
7d815cc90c
Better redirection after a successful login
...
Signed-off-by: Michal Kolodziejski <michal.kolodziejski@cern.ch>
2020-10-17 12:57:23 +02:00
f42d1c3e3e
Add privacyPolicyURL (CMD_PRIVACY_POLICY_URL)
...
If you use Google OAuth, you need to add Privacy Policy to the top.
https://support.google.com/cloud/answer/9110914#all-apps-zippy
https://github.com/hackmdio/codimd/issues/1582#issuecomment-682270394
Signed-off-by: Tamotsu Takahashi <ttakah@gmail.com>
2020-09-01 20:54:08 +09:00
ab0ac83582
Fix updateHistory parameter
...
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
2020-08-12 18:10:39 +08:00
4792908169
Fix linter
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-08-04 17:11:09 +08:00
e7a4996cbe
Update note title and history in update api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-08-04 16:48:33 +08:00
091c77bdb1
Refactor, change response type to json in update-api user online checking
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-30 18:56:57 +08:00
04fe74d520
Refactor, use body parser, adjust update api content column
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-30 18:14:10 +08:00
53526c154a
Check online users, update authorships, save revisions in update note content API
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
96f8f06b00
Disconnect online users by delete API
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
b3cf98b329
Fix linter
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
b597dc9811
Add update note api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
66d53956c4
Add delete note api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-27 18:01:10 +08:00
8e72eb5aca
Merge pull request #1548 from hackmdio/feature/list-my-note-api
...
List-my-note API
2020-07-15 17:13:35 +08:00
03bc329b3f
Fix linter
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-14 17:34:32 +08:00
a22cf73f60
Refactor, variable naming and myNoteList mapping
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-14 17:34:32 +08:00
dcf48e749e
Update route of list-my-notes api
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-14 17:34:32 +08:00
3438c5701b
removed default value for toc depth
...
seems to be set elsewhere
Co-authored-by: Yukai Huang <yukaihuangtw@gmail.com>
Signed-off-by: Gereon Dusella <git@gereondusella.de>
2020-07-13 11:04:46 +02:00
91fb54539a
Merge pull request #1546 from schokotets/develop
...
feature: pass-through yaml metadata image to html meta tag
2020-07-10 10:33:55 +08:00
3e09c7a21f
Merge pull request #1505 from daniele-athome/pr/feature/tags-array
...
Use array for tags when available (close #1496 )
2020-07-09 15:50:57 +08:00
07f32f5bbf
Fix standard
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-01 11:42:28 +08:00
2973bfbceb
Add list-my-note API
...
Signed-off-by: James Tsai <jamesscamel@gmail.com>
2020-07-01 11:42:28 +08:00
2c9f73cfb2
feature: pass-through yaml metadata image to html meta tag
...
Signed-off-by: schokotets <moritzleni@gmail.com>
2020-06-27 17:22:11 +02:00
1248bc9cd4
added default value `3` to CMD_DEFAULT_TOC_DEPTH
...
Signed-off-by: Gereon Dusella <git@gereondusella.de>
2020-06-03 20:17:06 +02:00
56e01fa76e
added an Environment Variable `CMD_DEFAULT_TOC_DEPTH` to set default toc depth
...
Signed-off-by: Gereon Dusella <git@gereondusella.de>
2020-06-03 17:38:28 +02:00
8b67d6916d
fix: improve image upload to filesystem may caused app crash
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-31 00:41:01 +08:00
ac6021a579
fix: returning 500 when getStatus failed
...
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-17 03:25:57 +08:00
a3742e4564
fix: getStatus should reject promise
...
1. reject promise when getStatus failed
2. change to use promise-way call getStatus in debug message
Signed-off-by: Raccoon <raccoon@hackmd.io>
2020-05-17 03:25:20 +08:00
54ab0a08de
Merge pull request #1512 from stregouet/oauth2-state
...
fix: add state parameter for oauth2
2020-05-13 16:26:26 +08:00
20bacfbaf1
Merge pull request #1507 from tarlety/feature-metrics-merge-develop
...
Exporting metrics for node.js, express, router, and codimd realtime status.
2020-05-13 16:25:38 +08:00
6ff6d215ab
fix: add state parameter for oauth2
...
state parameter is recommended with oauth2 authentification
to mitigate CSRF attacks (see [1]).
hydra [2] will throw the following error message if state is
missing:
description="The state is missing or has less than 8 characters and is therefore considered too weak" error=invalid_state hint="Request
parameter \"state\" must be at least be 8 characters long to ensure sufficient entropy."
[1]: https://auth0.com/docs/protocols/oauth2/oauth-state
[2]: https://www.ory.sh/hydra/
Signed-off-by: Samuel Trégouët <samuel.tregouet@gmail.com>
2020-05-11 15:59:49 +02:00
Max Wu
Raccoon
Yukai Huang
Giuseppe Lo Presti
Michal Kolodziejski
Tamotsu Takahashi
James Tsai
gereon
schokotets
Gereon Dusella
Samuel Trégouët