The current speakerdeck implementation is broken. An alternative
implementation using oembed doesn't work due to CORS, which could be
solved by proxying the speakerdeck API, but we decided to not do this.
This patch provides the link to the speakerdeck presentation instead,
and this way doesn't break existing notes. This is right now the best
solution we could come up with.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Our socket.io version is 2.0.4 while the current socket.io version is
2.1.1.
This patch updates socket.io to version 2.1.1 and takes care of the CDN
client version.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
There are some places in our code that made it to be not translated.
This patch fixes some small translation problems and adds some static
strings in templates to translation.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
There is a new reveal.js version out. As we try to keep up with
upstream, time to integreate it.
This patch updates reveal.js in for CDN-using instances as well as the
ones using the libraries.
Checked that speaker view in slide mode still works, so no CSP change
needed.
https://github.com/hakimel/reveal.js/releases/tag/3.7.02d241b9300/lib/csp.js (L72-L74)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
While experimenting with the ToC changes, it became obvious that anchors
for those unnamed headers don't work.
This patch fixes those links by running the autolinkify twice and make
sure linkify only adds links to non-empty ids.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Right now, the ToC has an undefined variable i that was an index in the
original ToC code. Since the major rewrite in
4fe0620853 it's a recursive function
without this index. The variable `i` was wrongly copied into its current
place from the old code.
This patch replaces the variable `i` with the index of the header
element. Fix the undefined variable problem.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Seems like ids in Firefox are case sensitive. So linking in the current
way fails.
This patch fixes the links by using the exact matching version of the
titles on the features page.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
most rules degraded to WARN, so we don't go insane. This will
change over time. The aim is to conform to a common style
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
Since it's a very useful feature, we should mention it in multiple
locations.
So we mention it in the slide mode section of the features page.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
The yaml-metadata documentation should mention the type field. This is
also open for future extension.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
We have this awesome editing mode for slide shows. We just don't enable
it or tell anyone that it exists. Maybe we should do this.
This patch sets the type for the slide example.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Currently we only provide the version from `package.json`. This means
that during updates of instances, e.g. the demo instance, which runs
latest master instead of a stable release, changes are not reflected to
the webclient.
This patch adds a fullversion string that contains the current commit
and this way makes that clients are notified about changes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
We can load the xss functions directly from the library instead of
loading them through the expose loader of webpack, this should simplify
the setup and maybe even improve speed a bit.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
The Regex introduced in the last commit[1], was already working quite
good. But still resulted in false positives for all URL that contained a
second `:`.
To fix this once and for all, we craft a simple, but long regex based on
all emoji names and use this to match them.
We could probably optimize it, but that should also be something the
regex engine itself can and should do.
[1]: 7e45533c75 (in this source tree)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
The old regex, adapted from the other plugins, was a bit too open for
matching. This leads to matching something like: `This is a sentence:
[And something with a: in it.]()` which doesn't become a link anymore.
Because the match is: ` [And something with a`.
This patch provides a fix for the regex to only match non-space string
within the `:`'s.
References:
- Introducing commit:
2063eb8bdf
- Inspirational source of the original RegEx:
2063eb8bdf/public/js/extra.js (L1095)
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Codemirror provides various modes via keymapping. These are already
available by a menu in the interface. But they aren't mentioned
anywhere.
This patch provides some documentation about the editor modes and their
implications. Since they are a feature, the documentation is done on the
features page.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
We no longer use Gitter for development talk and similar. So we might
want to remove it?
This patch removes Gitter from README, help page and features page. And
replaces it in the help modal with POEditor, our translation platform.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Octicon no longer provides its CSS classes and this way is useless in
CodiMD. Replacing all used classes in the UI and remove it from build
system.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Currently we have some emojis that are autocompleted but won't show up
in the resulting document.
This patch adds all emojis that are pushed to Codemirror and applies
them to the markdown rendering process, so they become usable.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Right now we support code highlighting for rust, but it doesn't appear
in autocomplete of codemirror, because codemirror is not aware of it.
This patch lets highlightjs simply tell codemirror, what it supports and
adds this to the autocomplete list.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
The printing instructions seem to not be really clear. Linking the
reveal.js offical docs should help.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
With OpenID every OpenID capable provider can provide authentication for
users of a CodiMD instance. This means we have federated
authentication.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This patch replaces font-awesome with its fork called fork-awesome.
Besides the fact that the newer versions of font-awesome can't be
shipped with distros like debian due to license issues, fork-awesome
also provides more FOSS related icons and builds on top of version 4.7.x
of font-awesome, which we used until this patch.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
The noopener construct protects from some nasty clickjacking attacks. We
can apply them savely to all our links since we don't rely on the
previously used page.
Some more details: https://mathiasbynens.github.io/rel-noopener/
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Since the youtube video on our feature page seems to have vanished, this
patch replaces it with an video of the blender foundation
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Removing copyrigt sign since we are not copyrighting things.
Changing hackmd.io to codimd.org since HackMD is more and more dividing
from CodiMD and may brings up wrong expectations.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
We broke the follow us before by removing Facebook and Twitter. Adding
POEditor should fix it and help to attract new translators.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Apart from the uri versioning, one big change is the snippet visibility post data (visibility_level -> visibility)
Default gitlab api version to v4
Signed-off-by: Cédric Couralet <cedric.couralet@gmail.com>
The ToC generated broken HTML with unclosed `<li>` tags. This got fixed
as well as some minor optimisation and adding list elements for the
subentries so the elements appear in the ToC while scrolling.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This replaces the existing iterative implementation of the ToC
generation with an recursive one.
This also solves the problem of skipped headers which causes wrong
leveling of them.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
We have some issues with night mode and the font color. This should fix
this in the permission table and the delete node modal. As well as some
picture styling.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
It wasn't possible to create unicode based URLs in freeurl mode, because
the noteid used for the websocket connection is double escaped. When we
decode it and let socketio-client reencode it, we get the real
shortid/noteid and can find the note in the database and open the
connection.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
It redirects the user to the print view of the document. I claim that
people should either be smart enough to use ctrl+P or ask someone who
knows how to print a webpage. I don't want to babysit our users.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Looks like I missed a few. This should be complete now. And make us
ready for the repo rename and merging.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Even when it looks a bit weird in first place to rename all internals
step by step, it makes sense to do so, because we run into confusion
afterwards.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Since static path is providing with a high expiration data, we provide
configs via API. This shouldn't add any noticeable load while making it
uncached and this way working again.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
First fixed some linting issues. Also optimized some functions to be
undoable with one ctrl+z.
This should also speedup some operations
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
We don't support it on CDN false instances, but it doesn't hurt to keep
it in for CDN-enabled instances
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This translation was contributed via POEditor by the user Basix.
Thanks a lot for your work!
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
As we use various services and integration we should provide an example
privacy policy.
It has to be adjust when using it to match your setup.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This adds the UI for the export feature introduced in
bcbb8c67c9
It allows to download all notes from the main page in the default user
submenu.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.
We can add a GUI that shows it later on.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This provides the UI for the delete user feature introduced in
4229084c62
Placing of the user delete button is not perfect, but can be moved to an
own user tab later on.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
To be GDPR compliant we need to provide privacy statement. These should
be linked on the index page. So as soon as a document exist under
`public/docs/privacy.md` the link will show up.
Since we already add legal links, we also add Terms of Use, which will
show up as soon as `public/docs/terms-of-use.md` exists.
This should allow everyone to provide the legal documents they need for
GDPR and other privacy and business laws.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
It's sad but it's not working. For multiple releases this should be
already broken which shows how often it's used.
As there is also a security issue related to that, it's better to
remove the feature completely. Whoever wants to rewrite it, feel free to
go.
This commit removes the Google Drive integration from HackMD's Frontend
editor and this way removes the need to provide any API key and Client
ID in the frontend.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This temporarily removes the Upload from the UI as it's broken right
now.
Needs a refactoring and can be added in again later on by undoing this
commit.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
As an active part of the community prefers Matrix.org over Gitter, we
should link Matrix.org as a place to meet us.
As the matrix and gitter channels are interconnected. We don't loose any
message if a person decides to go for one or another.
We use an more universal way of translation to make it easier to provide
a link to various platforms.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Adding some documentation for night mode and upload times. Extend the
contact section for community support.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.
Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.
They are enabled by default to prevent breaking changes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Night mode provides a generally, dark interface. This fix provides the
needed CSS to also turn modal and panels into night mode design as well.
This mainly effects the help modal.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Right now the full title of an element is may not shown as the space of
the ToC is limited. With this path it'll be shower on hover and this way
provide more useful information.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
The night mode toggle doesn't get the right state after restore from
local storage. This results in the need to toggle twice to disable night
mode.
This patch adds the needed class so the toggleNightMode function gets
the right state on execution.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This refactors the configs a bit to now use camel case everywhere.
This change should help to clean up the config interface and make it
better understandable.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Right now the night mode is possible to set by a toggle in the menu bar
but needs to be re-enabled on every document switch, reload, etc.. This
is super annoying so we should keep this state in local storage or
a cookie.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
HTML5 provides a wide feature set of useful elements. Since Markdown
usually supports HTML it should be able to use these HTML5 tags as well.
As they were requested by some users and they where checked for being
safe, whitelisting them isn't a problem. To make the experience the same
as on GitHub when it comes to the basic look and feel of the rendered
markdown, some CSS was added to make the summary and the details tag
look like on GitHub.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
This change allows all input modes of codemirror to use the information
from an input esc-key and make this way vim and sublime more
functional. To prevent this change from breaking the return from the
fullscreen mode, it catches the esc-key in this case. Hopefully this is
an acceptable solution.
As before the vim-mode is handled different in fulltext-mode as it is
esc-key heavy.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Before this fix it's impossible to set the provider name in the
sign-model since `ldap` is a boolean there and this way not able
to have an attribute like `ldap.providerName`.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.
Signed-off-by: Dario Ernst <dario@kanojo.de>