Commit Graph

1691 Commits

Author SHA1 Message Date
Literallie af935e46fc
Externalise trivial inline styles from slide.ejs
Dynamic background images need some further work
2017-10-23 23:39:18 +02:00
Sheogorath c794412714 Merge pull request #591 from Rwing/master
support Simplified Chinese and rename original zh to Traditional Chinese
2017-10-23 11:53:31 +02:00
Rwing 362a7eaf65 support Simplified Chinese and rename original zh to Traditional Chinese 2017-10-23 17:38:04 +08:00
Literallie 567f26f5b9
Fix MathJax config not being picked up
thanks standard
2017-10-22 02:48:24 +02:00
Literallie 04f5e3a341
Move CSP logic to new file, Fix boolean config examples
Not sure why I was quoting these in the first place
2017-10-22 02:18:45 +02:00
Literallie e5f03fe135
Add dirty workaround for speakers view inline script 2017-10-22 00:03:46 +02:00
Literallie 2b2b8d6d1d
Allow any connect-src in CSP
Managing these for all the integrations seems like a lot of effort
2017-10-22 00:03:46 +02:00
Literallie d51da8c12c
Don't add nonce to CSP if unsafe-inline is on
Browsers ignore unsafe-inline if a nonce is sent
2017-10-22 00:03:46 +02:00
Literallie 91101c856c
Change CSP config format to be more intuitive 2017-10-22 00:03:46 +02:00
Literallie 5b83deb043
Load js-url lib using legacy-loader
Doesn't use eval, plus no window object access
2017-10-22 00:03:45 +02:00
Literallie 996cb37991
CSP: Workaround for ws:// protocol
The spec allows wss:// for 'self', but not ws:// :(
2017-10-22 00:03:45 +02:00
Literallie 0cbdc852cb
CSP: Allow more content types 2017-10-22 00:03:45 +02:00
Literallie 4238b9b3ef
Fix MathJax CSP issues 2017-10-22 00:03:45 +02:00
Literallie 080436aebb
CSP: Add nonce to slide view inline JS 2017-10-22 00:03:45 +02:00
Literallie 5d2d3ec875
CSP: Upgrade insecure requests if possible
Config option; default is to only upgrade if usessl
2017-10-22 00:03:45 +02:00
Literallie ba183ce654
Add basic CSP support 2017-10-22 00:03:44 +02:00
Sheogorath a23048254d Merge pull request #597 from hackmdio/fix-gist-tag-structure
Fix markdown-it gist plugin code closing tag

Fix #596
2017-10-21 14:30:09 +02:00
Yukai Huang 60b86e0250 Fix markdown-it gist plugin code closing tag
fix #596
2017-10-21 11:45:17 +08:00
Sheogorath 92b769fb26 Merge pull request #595 from geekyd/swap
Hides empty export section
2017-10-19 15:04:27 +02:00
Sheogorath 053e616be5 Merge pull request #586 from PeterDaveHello/jsonlint
Add jsonlint script to ensure all json files are valid
2017-10-18 01:18:21 +02:00
geekyd 80fb91976e Hides empty export section 2017-10-18 03:34:45 +05:30
Sheogorath 80f1c8197a Merge pull request #593 from felixonmars/patch-1
Fix a typo in README.md
2017-10-17 20:01:37 +02:00
Felix Yan b72556b915 Fix a typo in README.md 2017-10-17 23:48:33 +08:00
Claudius Coenen cc49ce55c8 Fix #521 by converting content fields to LONGTEXT in MySQL, to prevent truncation of data. 2017-10-16 10:13:11 +02:00
Sheogorath 5ce8f40eac Merge pull request #585 from xxyy/feature/hsts-cfg
Make HSTS Behaviour Configurable (Fixes #584)
2017-10-14 18:02:41 +02:00
James 76ffd398af Update en.json 2017-10-13 20:35:57 -04:00
James 2550541b69 Update en.json 2017-10-13 20:35:00 -04:00
Sheogorath ec8936a9f1 Merge pull request #569 from SISheogorath/feature/extendedPermissionDocs
Provide table for permissions
2017-10-14 01:51:29 +02:00
Peter Dave Hello f70d2df1be Add jsonlint script to ensure all json files are valid 2017-10-14 00:19:32 +08:00
Peter Dave Hello 0864b06e0c Integrate npm package "doctoc" to update README.md 2017-10-13 16:21:25 +08:00
Peter Dave Hello 6fadd9126e Add "Table of Contents" in README.md 2017-10-13 15:59:57 +08:00
Peter Dave Hello 4ebda60165 Reorganize README.md structure, cc #574 2017-10-13 15:57:58 +08:00
Literallie 6bdc90d6ff
Add env vars for extra HSTS options 2017-10-13 01:42:05 +02:00
Literallie 1634d5c567
Add on/off env var for HSTS 2017-10-13 01:42:05 +02:00
Literallie 56411ca0e1
Make HSTS behaviour configurable; Fixes #584 2017-10-13 01:42:05 +02:00
Wu Cheng-Han bee5e2a558 Update license field in package.json 2017-10-13 01:56:13 +08:00
Sheogorath f93a14e3e1 Fix LDAP problem about missing uidNumber
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 14:52:28 +02:00
Sheogorath a16bde70be Provide table for permissions
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 11:05:22 +02:00
Sheogorath 53c2d0b5ca Merge pull request #581 from SISheogorath/fix/HMD_URL_ADDPORT
Fix missing boolean setting for HMD_URL_ADDPORT
2017-10-12 00:01:27 +02:00
Sheogorath 89c60d1331
Fix missing boolean setting for HMD_URL_ADDPORT
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-11 23:13:22 +02:00
Wu Cheng-Han da5026859d Update contributing guide for signed-off and DCO 2017-10-12 02:07:03 +08:00
Wu Cheng-Han 45717da98d Fix typo 2017-10-12 02:06:08 +08:00
Wu Cheng-Han 8086cdb749 Change license from MIT to AGPLv3 2017-10-12 01:45:57 +08:00
Wu Cheng-Han 81af737ce6 Update authors list and add contributors file 2017-10-12 01:45:17 +08:00
Wu Cheng-Han 4e94f44a12 Add sign you work section in contributing and DCO 2017-10-12 01:44:55 +08:00
Sheogorath 8b65d7df1a Merge pull request #575 from PeterDaveHello/fix.travis.yml
Remove duplicated nodejs version in .travis.yml
2017-10-11 10:23:30 +02:00
Sheogorath 4dd60cee50 Merge pull request #566 from ccoenen/fix-mysql-revision-order
createdAt DESC with quotation marks did not work with MySQL fixes #565
2017-10-11 01:08:16 +02:00
Claudius Coenen 87ac05738f Merge pull request #573 from PeterDaveHello/add-version-badge
Add version badge in README.md
2017-10-10 23:45:50 +02:00
Sheogorath 11133c3cec Merge pull request #571 from SISheogorath/fix/shellcheck
Prevent argument breaking by spaces
2017-10-10 23:28:16 +02:00
Peter Dave Hello 711c38403d Remove duplicated nodejs version in .travis.yml
lts/boron is v6
2017-10-11 00:16:11 +08:00