Commit Graph

202 Commits

Author SHA1 Message Date
Max Wu fbb18b6e0a Fix stored XSS in the graphviz error message rendering [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2019-04-14 12:12:02 -04:00
BoHong Li d387cac690
refactor: fix lint warning on public/js/extra.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:25 +08:00
BoHong Li 67707d097f
fix: remove string.js for security issue
1. Upgrade Imgur to fix npm install
2. Upgrade less version for security
3. Change package name in package.json to fit npm package.json rule

Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:22 +08:00
Sheogorath 982775f6dc
Fix broken HTML export with emojis
HTML export was broken due to missing alt-attribute for emojis.

This patch adds the old alt-element style and restores the exportability
this way.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-03-09 15:04:07 +01:00
Sheogorath c5ca7b634a
Remove broken speakerdeck embedding
The current speakerdeck implementation is broken. An alternative
implementation using oembed doesn't work due to CORS, which could be
solved by proxying the speakerdeck API, but we decided to not do this.

This patch provides the link to the speakerdeck presentation instead,
and this way doesn't break existing notes. This is right now the best
solution we could come up with.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-02-21 01:26:37 +01:00
Sheogorath d6dd33620c
Fix wrong anchors
While experimenting with the ToC changes, it became obvious that anchors
for those unnamed headers don't work.

This patch fixes those links by running the autolinkify twice and make
sure linkify only adds links to non-empty ids.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-11-19 20:20:56 +01:00
Sheogorath d188b3526a
Again: Replace emoji-plugin regex
The Regex introduced in the last commit[1] was already working quite
well, but still resulted in false positives for all URLs that contained a
second `:`.

To fix this once and for all, we craft a simple, but long regex based on
all emoji names and use this to match them.

We could probably optimize it, but that should also be something the
regex engine itself can and should do.

[1]: 7e45533c75 (in this source tree)

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-31 15:33:45 +01:00
Sheogorath 7e45533c75
Fix emoji regex
The old regex, adapted from the other plugins, was a bit too open for
matching. This leads to matching something like: `This is a sentence:
[And something with a: in it.]()` which doesn't become a link anymore.
Because the match is: ` [And something with a`.

This patch provides a fix for the regex to only match non-space string
within the `:`'s.

References:
- Introducing commit:
2063eb8bdf
- Inspirational source of the original RegEx:
2063eb8bdf/public/js/extra.js (L1095)

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-29 20:37:47 +01:00
Christoph (Sheogorath) Kern e115423d12
Merge pull request #1006 from SISheogorath/fix/missingEmojis
Fix not rendered autocomplete emojis
2018-10-22 23:02:33 +02:00
Sheogorath 1d452a6ed4
Remove dead package octicon
Octicon no longer provides its CSS classes and this way is useless in
CodiMD. Replacing all used classes in the UI and remove it from build
system.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-10 23:42:41 +02:00
Sheogorath 2063eb8bdf
Fix not rendered autocomplete emojis
Currently we have some emojis that are autocompleted but won't show up
in the resulting document.

This patch adds all emojis that are pushed to Codemirror and applies
them to the markdown rendering process, so they become usable.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-10 21:24:33 +02:00
Sheogorath 75a23fe2c9
Add rel="noopener" to target="_blank" links
The noopener construct protects from some nasty clickjacking attacks. We
can apply them safely to all our links since we don't rely on the
previously used page.

Some more details: https://mathiasbynens.github.io/rel-noopener/

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-04 01:49:36 +02:00
Sheogorath 4b060c7dba
Rebrand HackMD to CodiMD
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:24:12 +02:00
Max Wu a9c88ce248
Fix task todo might not toggle
which was caused by not matching syntax with double dashes correctly
2018-01-24 00:10:52 +08:00
Wu Cheng-Han 3703b12584 Fix image alt not render properly 2018-01-19 00:53:49 +08:00
Max Wu 919b7467d4
Fix anchor id to keep uppercase characters
id shouldn’t be converted to lowercase since id attribute is case sensitive
2018-01-16 15:59:43 +08:00
Sheogorath e807f1b783
Fix mermaid error handling 2017-10-30 12:26:28 +01:00
Sheogorath 09d2ba41cf
Use mermaidAPI in mermaid scope
Introduced by a5b7145527 (diff-67ae90c5144c55348a3cbdb078240454L532)

Fixes #600

Parse only throws error: 167368d508 (diff-67ae90c5144c55348a3cbdb078240454)
2017-10-30 07:11:14 +01:00
Yukai Huang 60b86e0250 Fix markdown-it gist plugin code closing tag
fix #596
2017-10-21 11:45:17 +08:00
Wu Cheng-Han d96385eafd Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue] 2017-10-05 10:17:26 +08:00
Wu Cheng-Han b0b417cefc Fix unescape > symbol inside the style tags to make the CSS works 2017-10-05 09:59:57 +08:00
BoHong Li 8c2b00b05a style: Fixed variable already declared 2017-05-08 19:29:07 +08:00
Wu Cheng-Han e32dd547b4 Update to support code block syntax highlighting of gherkin 2017-05-05 18:03:23 +08:00
Yukai Huang b711ecfadb Drop global variable ui exposing 2017-03-28 19:30:06 +08:00
Wu Cheng-Han b2985085d0 Update to change makefile syntax highlighting to Prism 2017-03-26 23:09:13 +08:00
Wu Cheng-Han 961d3fab1c Fix code style 2017-03-26 20:45:23 +08:00
Wu Cheng-Han 61dc6dbc15 Add support of abcjs 2017-03-26 20:39:07 +08:00
Wu Cheng-Han 802ed406e6 Fix todo list item class might add in wrong element 2017-03-22 15:42:38 +08:00
Wu Cheng-Han 9ff3649025 Fix unnecessary global calling of ownerui 2017-03-22 15:42:11 +08:00
Wu Cheng-Han 2fa51fb4ba Fix export html to replace fallen cdn tortue.me to cdnjs 2017-03-14 16:37:38 +08:00
Wu Cheng-Han f491cdabc1 Fix rendering might result XSS attribute on self closing tag [Security Issue] 2017-03-14 16:27:55 +08:00
BoHong Li 5bc642d02e Use JavaScript Standard Style (part 2)
Fixed all fail on frontend code.
2017-03-09 02:41:05 +08:00
Wu Cheng-Han 1a617ddf2e Fix duplicated headers anchor link not been updated properly 2017-02-03 22:02:12 +08:00
Wu Cheng-Han 7863eec366 Fix "[object HTMLCollection] is not iterable!" error in some browsers 2017-02-03 22:01:30 +08:00
Max Wu a261c8e812 Merge pull request #341 from nvsofts/fix_bom_utf8
Removed UTF-8 BOM in download function
2017-02-03 18:28:05 +08:00
NV 5a212b9335 Removed UTF-8 BOM in download function 2017-02-03 17:35:49 +09:00
Wu Cheng-Han 3df5507589 Upgrade viz.js to fix manual workaround and get smaller file size 2017-02-02 23:27:34 +08:00
Yukai Huang 0fca629c34 Rename common.js to login.js 2017-01-13 23:06:31 +08:00
Yukai Huang 3566d71aea Merge branch 'master' into frontend-next 2017-01-07 00:05:15 +08:00
Yukai Huang 47d7ff2561 Convert extra.js to es6 2017-01-05 17:52:32 +08:00
Wu Cheng-Han eaf9218f61 Update to show yaml-metadata and diagram parsing error in the view 2017-01-04 23:59:28 +08:00
Wu Cheng-Han 08b04e9528 Workaround that graphviz might not recover from error 2017-01-04 23:59:12 +08:00
Wu Cheng-Han 418a852cc4 Fix mathjax not able to render issue 2016-12-20 03:05:59 +08:00
Wu Cheng-Han c8d37dd192 Update to handle graphviz output empty graph 2016-12-19 16:53:54 +08:00
Wu Cheng-Han 92f2a4acf0 Remove unused vendor code and add fix related usages 2016-12-19 16:28:59 +08:00
Wu Cheng-Han 46752194e4 Update to make TOC syntax be case-insensitive 2016-12-12 10:49:23 +08:00
Wu Cheng-Han ead48e45e0 Fix header id and text might affects by mathjax tags 2016-11-28 22:15:07 +08:00
Wu Cheng-Han de2067f7e8 Update to support typescript and jsx syntax highlighting 2016-11-28 18:34:08 +08:00
Wu Cheng-Han 5287d46931 Optimize hackmd resource packing and load orders 2016-11-26 23:18:51 +08:00
Wu Cheng-Han b43e63dd21 Update to support go in code block syntax highlighting 2016-11-26 22:48:20 +08:00
Wu Cheng-Han 80ee507951 Fix mathjax with blockquote might have race condition 2016-11-18 12:19:05 +08:00
Wu Cheng-Han 09e6596074 Update to support haskell syntax highlighting in code block 2016-11-18 12:17:37 +08:00
Wu Cheng-Han 793aef0e2e Fix syntax highlighting not apply correctly in slides 2016-11-07 21:27:58 +08:00
Yukai Huang f1f8846b0a Config extra entry for html.min.css 2016-11-02 18:01:26 +08:00
Wu Cheng-Han 25fa503981 Fix viewAjaxCallback might be called on null 2016-11-01 15:04:48 +08:00
Wu Cheng-Han a8bce53c47 Fix viewAjaxCallback not able to be assigned 2016-10-29 23:33:58 +08:00
Wu Cheng-Han a563a15bab Fix generateCleanHTML not remove smoothhashscroll attribute properly 2016-10-29 23:33:16 +08:00
Wu Cheng-Han dae141a9d3 Fix possible unclose HTML and leaked html tags when fail to parse diagrams 2016-10-26 01:30:17 +08:00
Wu Cheng-Han 5ad7d61499 Fix passing markdown-it-emoji incorrect parameter type 2016-10-23 16:46:34 +08:00
Wu Cheng-Han 67786a8aab Fix code block syntax highlighting might not process properly because the HTML is escaped 2016-10-23 16:30:09 +08:00
Wu Cheng-Han 27bc94744d Fix index.js isValidURL is not defined error 2016-10-22 15:48:28 +08:00
Wu Cheng-Han 7ebc84bec0 Try to remove unused front-end dependency 2016-10-19 22:14:32 +08:00
Wu Cheng-Han d70d0318e5 Fix to use bower version emojify.js 2016-10-19 22:12:12 +08:00
Wu Cheng-Han 5640de8c77 Update to make history not depends on extra 2016-10-19 22:10:33 +08:00
Wu Cheng-Han d44e830366 Update emoji parser using markdown-it-emoji instead of emojify to solve issue #217 2016-10-18 16:50:58 +08:00
Wu Cheng-Han eb724b05a7 Optimize finishView selector performance by avoid using universal selector, fix finishView code indentation and remove empty line 2016-10-18 12:15:35 +08:00
Wu Cheng-Han 843f025cb5 Fix finishView mermaid might select and replace whole markdown-body issue 2016-10-18 12:14:17 +08:00
Wu Cheng-Han e311a1f620 Fix code block which in deeper level will not be parsed issue 2016-10-18 00:14:50 +08:00
Wu Cheng-Han 70a52e2eae Remove auto linkify image since it might print out unwanted url and it can be achieved by reference syntax, issue #214 2016-10-17 18:03:26 +08:00
Wu Cheng-Han fe912f73ec Fix code block highlighting html not escaped when no languages specified 2016-10-17 17:54:58 +08:00
Wu Cheng-Han 211d25253e Update to support wrap syntax for code block 2016-10-14 17:35:35 +08:00
Yukai Huang b5f42807b9 Fix ownership display 2016-10-13 23:29:25 +08:00
Yukai Huang ae3e1b972b Fix spellcheck
* also fix spaces width
2016-10-13 16:41:20 +08:00
Yukai Huang 747502e694 Fix HTML exporting 2016-10-13 16:35:43 +08:00
Yukai Huang f4f2497d23 Expose parseMeta function 2016-10-13 15:59:22 +08:00
Yukai Huang 440ad3506c Fix lastchangeui and moment timestamps 2016-10-13 15:13:03 +08:00
Yukai Huang 43c9f68b9a Refactor webpack module 2016-10-13 08:56:56 +08:00
Yukai Huang b90c26fe90 Config CDN for viz.js 2016-10-13 08:56:02 +08:00
Yukai Huang 895bf98b03 Load custom markdown-it-regex plugin with script-loader 2016-10-12 14:37:32 +08:00
Yukai Huang b73fcfc5c9 Revert 56c5378
viz.js still has problem with split chunk
2016-10-12 14:37:05 +08:00
Yukai Huang 4a6a69e7bc Fix module export 2016-10-11 21:22:05 +08:00
Yukai Huang 6e651c8108 Merge branch 'master' into webpack-frontend 2016-10-11 18:40:23 +08:00
Yukai Huang 4a6903c91b Revert customized markdown-it-mathjax plugin 2016-10-11 17:53:46 +08:00
Yukai Huang 56c5378939 Optimize viz.js async rendering through webpack chunk 2016-10-11 17:15:06 +08:00
Yukai Huang 06437ccaa9 Manage more packages with npm and webpack 2016-10-11 14:52:45 +08:00
Wu Cheng-Han 1d1eedce7e Improve syntax highlighting performance by moving it to finish view 2016-10-10 20:45:49 +08:00
Wu Cheng-Han 3175616573 Update to support showing owner on the infobar 2016-10-10 20:32:20 +08:00
Yukai Huang e10203b7e9 More function expose workaround for reveal-markdown.js 2016-10-10 08:24:58 +08:00
Yukai Huang 28858288fb Fix more js errors 2016-10-09 17:55:07 +08:00
Yukai Huang 196d546f7e Fix pdfobject require 2016-10-09 10:51:39 +08:00
Yukai Huang 963a435ae1 Resolve dependency module requiring
* es5 style module exports
* remove script tag require
* webpack config ProvidePlugin

Note that this commit only fix JavaScript module loading runtime error.
2016-10-08 20:02:30 +08:00
Wu Cheng-Han 23008bc1e1 Update to support wiki markup syntax highlighting in view using prism 2016-09-18 16:42:27 +08:00
Wu Cheng-Han b708a72873 Fix the element selector in smoothHashScroll might contain special characters and cause the Syntax error 2016-09-18 16:28:07 +08:00
Wu Cheng-Han b4ad011dc1 Fix toc id naming to avoid overlap with user toc 2016-08-15 11:27:32 +08:00
Wu Cheng-Han e08152ed03 Update toc styles to make toc menu always accessible without scrolling 2016-08-14 11:24:04 +08:00
Wu Cheng-Han b6aa045997 Update to add expand and collapse toggle for TOC, keep showing second level TOC if there is only one first level TOC 2016-08-02 10:54:03 +08:00
Wu Cheng-Han e8f59c1df8 Update to add viewAjaxCallback on every parts that use ajax loading 2016-07-02 16:16:22 +08:00
Wu Cheng-Han 160b51d16a Update to prevent mermaid start on load 2016-07-02 16:03:00 +08:00
Cheng-Han, Wu 6577313925 Remove metadata spellcheck support 2016-06-21 21:44:26 +08:00
Cheng-Han, Wu 3424cdd771 Add support of embed pdf 2016-06-21 21:44:06 +08:00