status-im/codimd
2
0
Fork 0
mirror of https://github.com/status-im/codimd.git synced 2025-01-12 18:34:30 +00:00
Code Issues Projects Releases Wiki Activity
2,952 Commits 23 Branches 35 Tags 26 MiB
Commit Graph

2952 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yukai Huang
0fb184c2d8
Merge branch 'master' into develop 2021-01-26 01:58:26 +08:00
Yukai Huang
452f9ac124
Merge pull request #1650 from hackmdio/bugfix/fix-reveal-markdown-stored-xss 
Fix slide mode stored XSS
 2021-01-25 16:50:23 +08:00
Yukai Huang
5b4c7ef4bb
Merge pull request #1651 from hackmdio/bugfix/fix-pdf-embed-freeze-on-safari-big-sur 
fix: avoid insert embed tag on the main thread which cause Safari on Big Sur freezing
 2021-01-25 15:00:57 +08:00
Yukai Huang
14e93fdb24
Merge pull request #1652 from hackmdio/bugfix/fix-vimeo-jsonp-callback 
fix: vimeo won't show up due to the jsonp callback data unable be parsed with jQuery
 2021-01-25 15:00:40 +08:00
Max Wu
c1a1290717
Merge pull request #1653 from hackmdio/fix/feature-section-slide-mode-link-broken 2021-01-22 15:45:14 +08:00
Raccoon
d74d30cc37
fix: feature section slide mode link broken 
Signed-off-by: Raccoon <raccoon@hackmd.io>
 2021-01-22 15:29:08 +08:00
Max Wu
2b9affbc08 fix: code style 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2021-01-21 14:35:16 +08:00
Max Wu
47bab4266b fix: vimeo won't show up due to the jsonp callback data unable be parsed with jQuery 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2021-01-21 14:35:16 +08:00
Max Wu
250dba3ffd fix: typo 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2021-01-21 14:23:45 +08:00
Max Wu
a1e3768f98 fix: avoid insert embed tag on the main thread which cause Safari on Big Sur freezing 
upgrade pdfobject to version 2.2.4

Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2021-01-21 14:23:45 +08:00
Max Wu
c47f0f0c71 fix: remove reveal options of dependencies which allow import user defined resources [Security Issue] 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2021-01-21 13:24:48 +08:00
Max Wu
9291a7670a fix: properly escape reveal markdown script tag with case-insensitive regex [Security Issue] 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2021-01-21 13:24:48 +08:00
Yukai Huang
0963fa9525
Merge pull request #1646 from hackmdio/release/2.3.2 
Release 2.3.2
2.3.2 		2021-01-04 17:57:03 +08:00
Yukai Huang
534b2c61b9
Bump package/package.lock version 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2021-01-04 17:45:40 +08:00
Yukai Huang
3273a50f64 Merge branch 'master' into develop 2021-01-04 17:44:01 +08:00
Yukai Huang
87f72f8614
Merge pull request #1645 from hackmdio/release/2.3.1 
Release 2.3.1
2.3.1 		2021-01-04 17:35:58 +08:00
Yukai Huang
fefe7d8e69
Update release note 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2021-01-04 17:21:01 +08:00
Yukai Huang
dd16949222
Merge pull request #1644 from hackmdio/bugfix/bump-mermaid-deps 
Bump mermaid version
 2021-01-04 17:01:47 +08:00
Yukai Huang
493b86b0de
Bump cdn mermaid version 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2021-01-04 15:11:51 +08:00
Yukai Huang
378fb7dcce
Bump mermaid to 8.6.4 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2021-01-04 14:15:33 +08:00
Yukai Huang
0650179881
Merge branch 'master' into develop 2020-12-31 14:24:14 +08:00
Yukai Huang
5967fef742
Merge pull request #1642 from hackmdio/release/2.3.0 
Release 2.3.0
2.3.0 		2020-12-31 14:17:11 +08:00
Yukai Huang
30e83538e6
Bump version in package.json 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-31 11:46:29 +08:00
Yukai Huang
db56ef1d3d
Update pdf broken pdf link in features.md 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-30 17:49:28 +08:00
Yukai Huang
d1b4b26fe4
Update release notes 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-30 16:58:58 +08:00
Yukai Huang
4d027119f6
Merge branch 'master' into develop 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-25 16:28:10 +08:00
Yukai Huang
48f3be8ae8
Merge pull request #1632 from hackmdio/bugfix/fix-xss-in-lightbox-image-attribute 
Fix xss issue for image lightbox
 2020-12-25 16:21:52 +08:00
Yukai Huang
25119adf52
Merge pull request #1633 from hackmdio/bugfix/fix-mermaid-render-xss 
fix: avoid eval string when putting back parsed string of mermaid
 2020-12-25 16:21:40 +08:00
Yukai Huang
8e3432a3e8
Merge pull request #1637 from hackmdio/bugfix/bump-vega-deps 
Bump vega dependencies
 2020-12-25 16:21:26 +08:00
Yukai Huang
562e1e06c0
Merge pull request #1636 from hackmdio/bugfix/check-image-mime 
Check upload image mime type
 2020-12-24 17:46:38 +08:00
Yukai Huang
de0f4588ac
Fix getImageMimeType mime usage 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-23 22:16:28 +08:00
Yukai Huang
c9e23985d3
Check image type from file extension 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-23 15:46:19 +08:00
Yukai Huang
e19e6642fb
Allow bmp/tiff image to be uploaded 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-23 15:45:49 +08:00
Yukai Huang
c1a22a5318
Replace hard coded impl in getImageMimeType 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-23 15:43:14 +08:00
Yukai Huang
59fd7e71ad
Update vega cdnjs assets 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-23 12:18:27 +08:00
Yukai Huang
312dffe21d
Bump vega deps 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-22 17:45:53 +08:00
Yukai Huang
7a88f9d95a
Check upload image mime type 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-22 16:48:13 +08:00
Max Wu
568355acf5 fix: properly validate mermaid syntax and handle parse error 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2020-12-21 14:56:48 +08:00
Max Wu
064dfb7865 fix: disable prefer-const lint rule for mermaid block text string 
Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2020-12-21 14:49:34 +08:00
Yukai Huang
5fee551d69
Fix fretboard title xss issue 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-21 14:25:47 +08:00
Max Wu
8d9a9ab0b2 fix: avoid eval string when putting back parsed string of mermaid 
where has stored XSS issue

Signed-off-by: Max Wu <jackymaxj@gmail.com>
 2020-12-21 14:24:46 +08:00
Yukai Huang
26a2c746d3
Escape attributes in lightbox image 
Signed-off-by: Yukai Huang <yukaihuangtw@gmail.com>
 2020-12-21 14:10:03 +08:00
Alexey Andreev
71366ee122
Add matrix badge and links to README 
See also: https://element.io/blog/gitter-goes-native/
https://matrix.org/blog/2020/12/07/gitter-now-speaks-matrix

Signed-off-by: Alexey Andreev <aa13q@ya.ru>
 2020-12-08 15:03:55 +03:00
Kyâne
fabdf36b52
Add some help strings to Prometheus metrics 
Signed-off-by: Kyâne <kyane@kyane.fr>
 2020-11-19 16:54:49 +01:00
Philipp Marmet (Adfinis AG)
c418a9729f
display mediawiki export format 
Signed-off-by: Philipp Marmet (Adfinis AG) <philipp.marmet@adfinis.com>
 2020-11-19 13:39:50 +01:00
Raccoon
381b3ff78e
Merge pull request #1610 from mic4ael/fix-jsonlint 
Don't run jsonlint on .vscode jsonc files
 2020-10-23 07:41:05 +08:00
Michal Kolodziejski
7d815cc90c Better redirection after a successful login 
Signed-off-by: Michal Kolodziejski <michal.kolodziejski@cern.ch>
 2020-10-17 12:57:23 +02:00
Michal Kolodziejski
6bf5e7ee72 Don't run jsonlint on .vscode jsonc files 
Signed-off-by: Michal Kolodziejski <michal.kolodziejski@cern.ch>
 2020-10-02 15:48:11 +02:00
Yukai Huang
cebd5e7da9
Merge pull request #1574 from santigl/spellcheck-en-gb-dict 
Spellcheck: add en_GB dictionary
 2020-09-10 16:14:04 +08:00
Yukai Huang
135c4ef021
Merge pull request #1586 from tamo/patch-1 
Fix ui-edit and ui-both buttons in night mode
 2020-09-10 15:32:06 +08:00