Commit Graph

150 Commits

Author SHA1 Message Date
Raccoon f76f7509e4
fix: multiple errors by custom note url
1. revert config refactoring
2. custom note url -> note alias
3. handle error in promise catch
4. adjust modal style
5. return 404 in change note alias api when note not found

Signed-off-by: Raccoon <raccoon@hackmd.io>
2021-07-24 01:01:43 +08:00
Michal Kolodziejski 7d815cc90c Better redirection after a successful login
Signed-off-by: Michal Kolodziejski <michal.kolodziejski@cern.ch>
2020-10-17 12:57:23 +02:00
BoHong Li da3fd00577
refactor: change errorServiceUnavailable function signature to avoid parameter passing error
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-02-26 11:26:56 +08:00
BoHong Li 13ed2e6b44
refactor: change errorInternalError function signature to avoid parameter passing error
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-02-26 11:26:01 +08:00
BoHong Li 8787177991
refactor: change errorTooLong function signature to avoid parameter passing error
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-02-26 11:23:55 +08:00
BoHong Li 35a2135b36
refactor: change errorBadRequest function signature to avoid parameter passing error
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-02-26 11:22:59 +08:00
BoHong Li 09a353ffcc
refactor: change errorNotFound function signature to avoid parameter passing error
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-02-26 11:20:42 +08:00
BoHong Li 6b1ce381df
fix: change errorForbidden function signature, add req into function parameter
avoid incorrect function parameter passing

Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-02-26 11:13:45 +08:00
BoHong Li 57345b06f7
refactor: noteActions
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-01-06 14:19:03 +08:00
BoHong Li 82cade2b87
refactor: noteActions
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-01-06 14:19:03 +08:00
BoHong Li 7f9970449a
refactor: showPublishNote
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-01-06 14:19:03 +08:00
BoHong Li 66edff87c5
refactor: show note
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-01-06 14:19:03 +08:00
BoHong Li b4ec353fcd
refactor: remove web folder
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-01-06 14:19:02 +08:00
BoHong Li 68fcf35c70
feat: merge all route to single file
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2020-01-06 14:19:02 +08:00
kondouagi 0dfb8a320d feat: add syntax hilight on pdf
Signed-off-by: kondouagi <kondouagi@gmail.com>
2019-10-22 12:43:09 +09:00
BoHong Li 044b6b9422
refactor: fix lint
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-05 10:22:12 +08:00
BoHong Li 6c968f9622
fix: history api failed cause by circular dependency
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-05 10:04:15 +08:00
BoHong Li 534b916abb
refactor: fix lint on lib/response.js
Signed-off-by: BoHong Li <raccoon@hackmd.io>
2019-08-04 23:56:32 +08:00
BoHong Li 8c26107ab1
fix: lint
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-15 13:36:44 +08:00
Raccoon 43c0bff8c4
Merge pull request #1179 from cdancette/update-history-on-creation
Update history on note creation
2019-04-15 13:26:30 +08:00
BoHong Li 0883595e95
refactor: fix lint warning on lib/response.js
Signed-off-by: BoHong Li <a60814billy@gmail.com>
2019-04-12 18:00:52 +08:00
Corentin c078d2d304 Update history on note creation
Signed-off-by: Corentin <corentin@cdancette.fr>
2019-03-24 17:46:11 +01:00
toshi0123 6aab032709 Fix empty serverURL did not redirect properly
Signed-off-by: toshi0123 <7948737+toshi0123@users.noreply.github.com>
2019-03-04 13:59:14 +09:00
Sheogorath 4e81079050
Fix broken PDF export by wrong unlink call
We used `fs.unlink()` to remove the pdf file after we send it out to the
client. This breaks in Node 10, when no function as second parameter is
supplied.

This patches changes it to the `fs.unlinkSync` function that doesn't
have this requirement and this way doesn't crash.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2019-01-24 13:02:53 +01:00
Daan Sprenkels 4bd8d7eb91 Disallow creation of robots.txt in freeurl
Add a configuration setting to "hard"-disable creation of notes as
set by the configuration value. This defaults to `['robots.txt',
'favicon.ico']`, because these files are often accidentally created
by bots and browsers.

This commit fixes #1052.

Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
2018-11-17 13:23:03 +01:00
Christoph (Sheogorath) Kern 54d3d930cf
Merge pull request #1027 from asg017/master
Add download action to published notes
2018-11-12 22:11:44 +01:00
Claudius 44ffc564da removing global site layout vars from individual routers, putting them into app.local
Signed-off-by: Claudius <opensource@amenthes.de>
2018-11-03 00:52:48 +01:00
Alex Garcia fcf08f89c3 forgot break statement
Signed-off-by: Alex Garcia <alexsebastian.garcia@gmail.com>
2018-10-27 17:54:01 -07:00
Alex Garcia 5b789025f3 Add download action to published notes
Signed-off-by: Alex Garcia <alexsebastian.garcia@gmail.com>
2018-10-27 16:55:14 -07:00
Cédric Couralet d7987def7f Fix #1001: get only project user is member of (and return max of results)
Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
2018-10-09 07:04:04 +00:00
Sheogorath 9f9c4089be
Add OpenID to CodiMD
With OpenID every OpenID capable provider can provide authentication for
users of a CodiMD instance. This means we have federated
authentication.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-05 22:43:32 +02:00
Christoph (Sheogorath) Kern 32af96aa37
Merge pull request #940 from WilliButz/fix-configurable-paths
enhance configurabiltiy of paths & make execution path-independent
2018-10-05 22:21:01 +02:00
Sheogorath c03b42d5d4
Fix little bug in length limit
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-09-28 00:17:43 +02:00
Claudius bb80bc2292
removing superfluous config parameters for template files
Signed-off-by: Claudius <opensource@amenthes.de>
2018-09-26 21:01:15 +02:00
Sheogorath 353642c870
Fix document length limit on post
We recently introduced a new way to create notes using a post requeest
to the `/new` endpoint. This is not limited in size, other than pasting
a note in the editor. This patch should enforce this limit also on this
way.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-09-26 16:08:24 +02:00
Sheogorath 6fdb9eea46
Fix server crash on PDF creation
`markdown-pdf` seems to fail to provide the PDFs on tmpfs. This leads
crashing codimd which expects the file to be there. This patch should
add some proper error handling when expectation and reality don't fit
together.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-09-24 20:25:25 +02:00
Cédric Couralet 66d374b128 Add possibility to choose between version v3 or v4 for the gitlab api.
Apart from the uri versioning, one big change is the snippet visibility post data (visibility_level -> visibility)

Default gitlab api version to v4

Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
2018-07-31 08:36:56 +00:00
Sheogorath 2184491f4a
Final replacements
Looks like I missed a few. This should be complete now. And make us
ready for the repo rename and merging.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 14:13:46 +02:00
Sheogorath a762928e97
Do final internal renameing
A little minor change, by moving the CodiMD version header in its own
middleware. Should simplify to determine the version number of the
Backend in future.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 14:05:41 +02:00
Sheogorath 23c33c0c04
Rename HackMD view to CodiMD
Even when it looks a bit weird in first place to rename all internals
step by step, it makes sense to do so, because we run into confusion
afterwards.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:40:18 +02:00
Christoph (Sheogorath) Kern cfdfafdb79
Merge pull request #856 from hackmdio/fix/lineEndings
Fix possible line-ending issues for init note
2018-06-24 01:57:47 +02:00
Sheogorath f69e77de42
Fix broken images in PDF caused by misconfigred server URL
As it turns out, if the serverURL can't be generated correctly, HackMD
will use relative paths in image upload. This causes broken links in
PDF.

With this commit we force absolute links during PDF creation which
hopefully fixes the problem.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 01:00:29 +02:00
Sheogorath b7b621822c
Fix possible line-ending issues for init note
By uploading a malicous note currently it is possible to prevent this
note from being edited. This happens when using Windows line endings.

With this commit we remove all `\r` characters from the notes and this
way prevent this problem.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 00:32:50 +02:00
Christoph (Sheogorath) Kern 56d78a7d6c
Merge pull request #830 from SISheogorath/feature/GDPR
GDPR compliant part 1
2018-06-17 23:33:57 +02:00
Christoph (Sheogorath) Kern 551840ad57
Merge pull request #784 from pferreir/add-oauth2-support
Add "generic" OAuth2 support
2018-06-04 15:54:47 +02:00
Christoph (Sheogorath) Kern 12ab90020a
Merge pull request #785 from pferreir/redirect-to-login
403: Redirect user to login page if not logged in
2018-05-31 12:16:11 +02:00
Sheogorath 70df29790a
Add token based security feature
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.

We can add a GUI that shows it later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 18:26:06 +02:00
Sheogorath 41a36e2e18
Add privacy and ToS links
To be GDPR compliant we need to provide privacy statement. These should
be linked on the index page. So as soon as a document exist under
`public/docs/privacy.md` the link will show up.

Since we already add legal links, we also add Terms of Use, which will
show up as soon as `public/docs/terms-of-use.md` exists.

This should allow everyone to provide the legal documents they need for
GDPR and other privacy and business laws.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-24 18:10:36 +02:00
Sheogorath 2492cf2cdf
Fix typos for `allowAnonymousEdits`
Looks like we lost some variables during the refactoring of the configs
to camel case.

This should fix it.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-10 14:40:27 +02:00
Sheogorath d939de17df
Fix CSP for disqus and Google Analytics
This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.

Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.

They are enabled by default to prevent breaking changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-30 16:33:52 +02:00