Commit Graph

1709 Commits

Author SHA1 Message Date
Literallie 6bdc90d6ff
Add env vars for extra HSTS options 2017-10-13 01:42:05 +02:00
Literallie 1634d5c567
Add on/off env var for HSTS 2017-10-13 01:42:05 +02:00
Literallie 56411ca0e1
Make HSTS behaviour configurable; Fixes #584 2017-10-13 01:42:05 +02:00
Wu Cheng-Han bee5e2a558 Update license field in package.json 2017-10-13 01:56:13 +08:00
Sheogorath f93a14e3e1 Fix LDAP problem about missing uidNumber
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 14:52:28 +02:00
Sheogorath a16bde70be Provide table for permissions
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 11:05:22 +02:00
Sheogorath 53c2d0b5ca Merge pull request #581 from SISheogorath/fix/HMD_URL_ADDPORT
Fix missing boolean setting for HMD_URL_ADDPORT
2017-10-12 00:01:27 +02:00
Sheogorath 89c60d1331
Fix missing boolean setting for HMD_URL_ADDPORT
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-11 23:13:22 +02:00
Wu Cheng-Han da5026859d Update contributing guide for signed-off and DCO 2017-10-12 02:07:03 +08:00
Wu Cheng-Han 45717da98d Fix typo 2017-10-12 02:06:08 +08:00
Wu Cheng-Han 8086cdb749 Change license from MIT to AGPLv3 2017-10-12 01:45:57 +08:00
Wu Cheng-Han 81af737ce6 Update authors list and add contributors file 2017-10-12 01:45:17 +08:00
Wu Cheng-Han 4e94f44a12 Add sign you work section in contributing and DCO 2017-10-12 01:44:55 +08:00
Sheogorath 8b65d7df1a Merge pull request #575 from PeterDaveHello/fix.travis.yml
Remove duplicated nodejs version in .travis.yml
2017-10-11 10:23:30 +02:00
Sheogorath 4dd60cee50 Merge pull request #566 from ccoenen/fix-mysql-revision-order
createdAt DESC with quotation marks did not work with MySQL fixes #565
2017-10-11 01:08:16 +02:00
Claudius Coenen 87ac05738f Merge pull request #573 from PeterDaveHello/add-version-badge
Add version badge in README.md
2017-10-10 23:45:50 +02:00
Sheogorath 11133c3cec Merge pull request #571 from SISheogorath/fix/shellcheck
Prevent argument breaking by spaces
2017-10-10 23:28:16 +02:00
Peter Dave Hello 711c38403d Remove duplicated nodejs version in .travis.yml
lts/boron is v6
2017-10-11 00:16:11 +08:00
Peter Dave Hello 121b089d96 Add version badge in README.md 2017-10-10 21:54:13 +08:00
Sheogorath 6ed44f0864
Prevent argument breaking by spaces 2017-10-10 13:36:37 +02:00
Claudius Coenen 724a6bc26f createdAt DESC with quotation marks did not work with MySQL fixes #565 2017-10-09 14:03:33 +02:00
Sheogorath a99cac0cf0 Merge pull request #550 from SISheogorath/fix/gitlabAvatar
Fix broken profile images in GitLab

Fixes #549
2017-10-08 22:20:35 +02:00
Claudius Coenen 132d4657d7 Merge pull request #564 from geekyd/pop_button
Adds button style to "new note"
2017-10-08 15:41:28 +02:00
Sheogorath a4caac6276 Merge pull request #563 from geekyd/master
Updates default max_line_len in uglifyjs
2017-10-08 01:23:22 +02:00
geekyd c6a1b65a91 Adds color to new note button 2017-10-07 23:23:03 +05:30
geekyd 4f53afe92e Increases max_line_len in uglifyjs 2017-10-07 07:21:02 +05:30
Sheogorath 74a7216a30 Merge pull request #553 from weisslj/fix-s3-bucket-documentation
Correct documentation of S3 bucket
2017-10-07 01:20:43 +02:00
Wu Cheng-Han d96385eafd Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue] 2017-10-05 10:17:26 +08:00
Wu Cheng-Han b0b417cefc Fix unescape > symbol inside the style tags to make the CSS works 2017-10-05 09:59:57 +08:00
Wu Cheng-Han 8979f215ab Fix blockquote not parse correctly in slide mode 2017-10-05 09:59:07 +08:00
Max Wu b469592db8 Update .travis.yml 2017-09-27 22:26:03 +08:00
Wu Cheng-Han 7f52a4b38a Update yarn.lock file 2017-09-27 22:07:55 +08:00
Max Wu 6f2d1d4320 Merge pull request #538 from madebyherzblut/fix-yarn-lock
Update yarn.lock
2017-09-27 21:46:13 +08:00
Max Wu fb14e121cd Merge pull request #527 from sygi/patch-1
Typo in Polish translation
2017-09-27 21:41:06 +08:00
Max Wu 8168615e10 Merge pull request #541 from Stonesjtu/patch-1
Fix naming typo.
2017-09-27 21:40:26 +08:00
Wu Cheng-Han 2bdccd3996 Fix home and end keys behavior for windows 2017-09-27 21:27:33 +08:00
Wu Cheng-Han fe384d80bf Fix the < and > symbols are doubly escaped which affected by executing preventXSS twice 2017-09-27 18:22:49 +08:00
Wu Cheng-Han f2743ff8f8 Fix slide mode contains unclosed tags might cause XSS [Security Issue] 2017-09-27 18:21:28 +08:00
Wu Cheng-Han 9b00afb863 Fix unclosed tags might cause XSS [Security Issue] 2017-09-27 18:20:04 +08:00
Johannes Weißl 89a2389586 Correct documentation of S3 bucket
Documentation added in aaf034b on Nov 17th 2016 says the S3 bucket can
be specified with `s3.bucket`, but commit c8bcc4c (#285) on Dec 18th
2016 used `s3bucket`. Instead of fixing the code (#552) to match the
documentation this commit changes just the documentation so that
existing configurations are not broken. Also, the `s3` object is passed
as is to `AWS.S3()`, which does not know the option `bucket` (but
silently ignores it in my test).

http://docs.aws.amazon.com/AWSJavaScriptSDK/latest/AWS/S3.html#constructor-property

Following the old documentation leads to this exception:

    2017-09-23T09:42:38.079Z - error:  MissingRequiredParameter: Missing required key 'Bucket' in params
        at ParamValidator.fail (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:50:37)
        at ParamValidator.validateStructure (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:61:14)
        at ParamValidator.validateMember (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:88:21)
        at ParamValidator.validate (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/param_validator.js:34:10)
        at Request.VALIDATE_PARAMETERS (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/event_listeners.js:125:42)
        at Request.callListeners (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:105:20)
        at callNextListener (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:95:12)
        at /srv/hackmd/hackmd/node_modules/aws-sdk/lib/event_listeners.js:85:9
        at finish (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:315:7)
        at /srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:333:9
        at Credentials.get (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/credentials.js:126:7)
        at getAsyncCredentials (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:327:24)
        at Config.getCredentials (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/config.js:347:9)
        at Request.VALIDATE_CREDENTIALS (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/event_listeners.js:80:26)
        at Request.callListeners (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:101:18)
        at Request.emit (/srv/hackmd/hackmd/node_modules/aws-sdk/lib/sequential_executor.js:77:10)
2017-09-23 18:28:57 +02:00
Sheogorath 500207545f
Fix broken profile images 2017-09-22 12:40:43 +02:00
James cd5e45163f Merge pull request #1 from SISheogorath/patch-2
Update en.json
2017-09-11 19:07:36 -04:00
Sheogorath 9da6c88985 Update en.json 2017-09-11 02:21:31 +02:00
James 3fa82048c1 Update en.json 2017-09-07 12:19:02 -04:00
James 5ea2b1dbe6 Update en.json 2017-09-07 12:08:41 -04:00
Kaiyu Shi 4ae8086301 Give google the correct name. 2017-09-04 16:04:20 +08:00
Marc Deop 2c780f53df
Add support for minio 2017-08-30 18:58:34 +02:00
Christian Schuhmann 355c805db8 Update yarn.lock 2017-08-29 16:53:15 +02:00
Jakub Sygnowski 3ca1255064 (nit) typo 2017-08-10 14:50:45 +02:00
Raccoon d1d6d5810b Merge pull request #499 from bd808/no-ssh
Use git URLs in package.json
2017-07-03 10:58:23 +08:00