Commit Graph

347 Commits

Author SHA1 Message Date
Sheogorath 56182532cb
Add korean translation
This translation was contributed via POEditor by the user Basix.

Thanks a lot for your work!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-07 14:29:01 +02:00
Christoph (Sheogorath) Kern 551840ad57
Merge pull request #784 from pferreir/add-oauth2-support
Add "generic" OAuth2 support
2018-06-04 15:54:47 +02:00
Sheogorath 75f28ca7f3
Add export data UI
This adds the UI for the export feature introduced in
bcbb8c67c9

It allows to download all notes from the main page in the default user
submenu.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-26 03:20:44 +02:00
Sheogorath 70df29790a
Add token based security feature
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.

We can add a GUI that shows it later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 18:26:06 +02:00
Sheogorath 9fd09a8dfb
Add delete user UI
This provides the UI for the delete user feature introduced in
4229084c62

Placing of the user delete button is not perfect, but can be moved to an
own user tab later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 17:11:11 +02:00
Sheogorath 41a36e2e18
Add privacy and ToS links
To be GDPR compliant we need to provide privacy statement. These should
be linked on the index page. So as soon as a document exist under
`public/docs/privacy.md` the link will show up.

Since we already add legal links, we also add Terms of Use, which will
show up as soon as `public/docs/terms-of-use.md` exists.

This should allow everyone to provide the legal documents they need for
GDPR and other privacy and business laws.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-24 18:10:36 +02:00
Sheogorath ad69c5017b
Removing google drive integration
It's sad but it's not working. For multiple releases this should be
already broken which shows how often it's used.

As there is also a security issue related to that, it's better to
remove the feature completely. Whoever wants to rewrite it, feel free to
go.

This commit removes the Google Drive integration from HackMD's Frontend
editor and this way removes the need to provide any API key and Client
ID in the frontend.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-16 01:34:55 +02:00
Christoph (Sheogorath) Kern 6d44ded269
Revert "Workaround Google API problems" 2018-05-16 01:31:50 +02:00
Sheogorath 2cc3058a44
Remove Google Upload from UI
This temporarily removes the Upload from the UI as it's broken right
now.

Needs a refactoring and can be added in again later on by undoing this
commit.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-01 23:22:53 +02:00
Sheogorath 95f46520e3
Add matrix.org / Riot link
As an active part of the community prefers Matrix.org over Gitter, we
should link Matrix.org as a place to meet us.

As the matrix and gitter channels are interconnected. We don't loose any
message if a person decides to go for one or another.

We use an more universal way of translation to make it easier to provide
a link to various platforms.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-05 11:58:54 +02:00
Sheogorath d939de17df
Fix CSP for disqus and Google Analytics
This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.

Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.

They are enabled by default to prevent breaking changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-30 16:33:52 +02:00
Pedro Ferreira 40b3855702 Add support for generic OAuth2 providers
Signed-off-by: Pedro Ferreira <pedro.ferreira@cern.ch>
2018-03-26 15:55:39 +02:00
Sheogorath 2411dffa2c
Change config to camel case with backwards compatibility
This refactors the configs a bit to now use camel case everywhere.
This change should help to clean up the config interface and make it
better understandable.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-25 19:08:14 +02:00
Sheogorath a01b4a843c
Update socket.io to version 2.0.4
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-30 19:44:32 +01:00
Christoph (Sheogorath) Kern adc781f7e3
Merge pull request #704 from SISheogorath/fix/ldapProviderName
Fix ldap provider name in template
2018-01-29 15:59:27 +01:00
Wu Cheng-Han 3c473e60a6 Upgrade reveal.js to 3.6.0 and useCDN option for CSS include 2018-01-29 13:09:52 +08:00
Sheogorath e44751b3f1
Fix ldap provider name in template
Before this fix it's impossible to set the provider name in the
sign-model since `ldap` is a boolean there and this way not able
to have an attribute like `ldap.providerName`.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-26 10:46:22 +01:00
Christoph (Sheogorath) Kern e52d7db96c
Merge pull request #694 from SISheogorath/refactor/socialmedia
Reorganize social media links and footer
2018-01-25 17:40:11 +01:00
Sheogorath 16892cd827
Reorganize social media links and footer
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-24 14:09:36 +01:00
Christoph (Sheogorath) Kern 7de6e3211f
Merge pull request #598 from xxyy/feature/csp
Implement basic CSP support
2018-01-22 20:43:46 +01:00
Christoph (Sheogorath) Kern 5d9a2c3569
Merge pull request #688 from hackmdio/add-ce-text-on-index
Add CE text on index title
2018-01-20 18:56:39 +01:00
Christoph (Sheogorath) Kern b7e227e9d5
Merge pull request #690 from Nebukadneza/add_allow_anonymous_edits
Add option to enable `freely` permission in closed instance
2018-01-20 18:56:09 +01:00
Sheogorath dc10ec60fb
Remove/update contact details
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-20 17:40:00 +01:00
Dario Ernst 6ae4b8bf13 Add option to enable `freely` permission in closed instance
Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.

Signed-off-by: Dario Ernst <dario@kanojo.de>
2018-01-20 15:14:56 +01:00
Max Wu 05cc3a73a2
Update body.ejs
Add CE text on index title
2018-01-20 10:12:38 +08:00
Sheogorath a0fdfccb22
It's 2018! 🎉 2018-01-19 14:08:16 +01:00
Edoardo Odorico 6fc2c39eda Implemented dark theme.
Signed-off-by: Edoardo Odorico <edoubuntu@gmail.com>
2018-01-05 00:15:13 +01:00
Christoph (Sheogorath) Kern 0957f5963b
Merge pull request #633 from nakaeeee/saml-auth
Support SAML authentication
2017-12-04 18:57:57 +01:00
Thomas De Backer c60030b205 close open tags 2017-12-01 20:56:39 +01:00
Thomas De Backer 4eef4875ed Add untranslated sentences to locale 2017-11-30 19:02:40 +01:00
Norihito Nakae 4a4ae9d332 Initial support for SAML authentication 2017-11-28 18:52:24 +09:00
Sheogorath 16b3e015ab
Merge pull request #606 from DoubleMalt/feature/MattermostAuth
Add Mattermost authentication strategy
2017-10-31 12:11:41 +01:00
Christoph Witzany 5cda55086a Add mattermost authentication 2017-10-31 10:34:51 +01:00
Sheogorath ef49b72442
Fix allowpdfexport handling on error page 2017-10-31 01:57:32 +01:00
Peter Dave Hello f896432250 Upgrade mermaid to v7.1.0, fix #600 2017-10-30 00:18:53 +08:00
Sheogorath abbc43f9b6 Merge pull request #599 from xxyy/fix/inline-styles
Externalise some trivial inline styles from slide.ejs
2017-10-27 13:24:26 +02:00
geekyd d63e6780eb Adds PDF export via config 2017-10-25 19:19:37 +05:30
Literallie af935e46fc
Externalise trivial inline styles from slide.ejs
Dynamic background images need some further work
2017-10-23 23:39:18 +02:00
Sheogorath c794412714 Merge pull request #591 from Rwing/master
support Simplified Chinese and rename original zh to Traditional Chinese
2017-10-23 11:53:31 +02:00
Rwing 362a7eaf65 support Simplified Chinese and rename original zh to Traditional Chinese 2017-10-23 17:38:04 +08:00
Literallie 4238b9b3ef
Fix MathJax CSP issues 2017-10-22 00:03:45 +02:00
Literallie 080436aebb
CSP: Add nonce to slide view inline JS 2017-10-22 00:03:45 +02:00
geekyd 80fb91976e Hides empty export section 2017-10-18 03:34:45 +05:30
geekyd c6a1b65a91 Adds color to new note button 2017-10-07 23:23:03 +05:30
Wu Cheng-Han c8d3951d32 Add support of Danish locale 2017-06-11 15:52:04 +08:00
butlerx e5834c077f
add the ability to set slide theme in slide options 2017-05-31 23:28:43 +01:00
Max Wu f85d1d8801 Merge pull request #429 from hackmdio/refactor-part-3
Refactor frontend part 3
2017-05-13 19:54:43 +08:00
Wu Cheng-Han be99350655 Fix to implement toggle of TOC in HTML template 2017-05-09 22:11:57 +08:00
Yukai Huang db06a51299 Load statusbar template by string-loader 2017-05-07 20:37:26 +08:00
Max Wu 450159a462 Merge pull request #427 from PeterDaveHello/fix-indent
Fix indent in views, shouldn't mix tabs with spaces
2017-04-18 10:41:58 +08:00
Peter Dave Hello 5f3fe5c62c Fix indent in views, shouldn't mix tabs with spaces 2017-04-18 05:24:04 +08:00
Peter Dave Hello 08c0a0392c Use abcjs on cdnjs, cc @jackycute 2017-04-18 05:19:19 +08:00
Max Wu 5ecea7e118 Merge pull request #417 from hackmdio/refactor
Refactor editor cont.
2017-04-10 11:41:33 +08:00
Ian Dees 3aaf1bbe24 Update body.ejs 2017-04-05 11:07:18 -04:00
Ian Dees 138170704a Clarify permission language
See https://github.com/hackmdio/hackmd/issues/415
2017-04-05 10:16:15 -04:00
Yukai Huang b86ecb1342 Extract selection update from updateStatusbar 2017-03-28 11:57:44 +08:00
Wu Cheng-Han 10a7a9b37e Update to use CDN css for emojify.js when applicable 2017-03-21 00:27:58 +08:00
Wu Cheng-Han 7989b89591 Add support of Catalan locale 2017-03-20 14:52:25 +08:00
Wu Cheng-Han 448b006194 Update to generate front-end constants on server startup
To avoid extra webpacking on changing configs and follow the 12 factor app
2017-03-20 01:39:09 +08:00
Wu Cheng-Han 506a381eca Add config option for gitlab api scope and auto adapt gitlab snippet feature on it 2017-03-14 18:04:23 +08:00
Wu Cheng-Han 6c87262bd9 Fix to use minified CDN file source in mermaid 2017-02-02 23:40:55 +08:00
Wu Cheng-Han d5008b7aeb Update viz.js and mermaid CDN links 2017-02-02 23:37:20 +08:00
Wu Cheng-Han fc00fa7434 Add link to features on profile dropdown 2017-01-21 14:24:51 +08:00
Wu Cheng-Han a669c201be Fix template partial path 2017-01-21 14:04:54 +08:00
Wu Cheng-Han 09a7bcbdef Refactor templates and rearrange its path 2017-01-21 13:08:29 +08:00
Wu Cheng-Han 5e1d022e13 Add screenshot on index page 2017-01-21 12:52:26 +08:00
Wu Cheng-Han 53223b5e2c Update index layout to add profile on navbar 2017-01-16 12:06:04 +08:00
Max Wu 4851098477 Merge pull request #317 from SISheogorath/master+allowEmailRegister
Add `allowemailregister` option
2017-01-12 23:37:28 +08:00
Wu Cheng-Han 8b378d7847 Update to use shorter wording in limited and protected permissions 2017-01-12 23:36:23 +08:00
Sheogorath 747629e549 Add `allowemailregister` option 2017-01-12 13:54:45 +01:00
Wu Cheng-Han 5f65795e79 Fix permission order and keep wording consistency 2017-01-12 19:04:17 +08:00
Max Wu a8068d38d5 Merge pull request #313 from elct9620/feature/disable_anonymous_view
WIP: Add options to limit anonymous view note
2017-01-10 20:23:47 +08:00
蒼時弦也 d6be0cf755 Update limite icon to fa-id-card 2017-01-10 20:22:06 +08:00
蒼時弦也 a9fe43ac3a Update limited/protected permission icon 2017-01-10 17:22:57 +08:00
蒼時弦也 7b02c48d93 Adjust permission order to more clarly 2017-01-10 14:13:30 +08:00
蒼時弦也 89b8ddeaba Add limited and protected permission 2017-01-10 10:02:37 +08:00
neopostmodern ff545b2688 Allow displaying LDAP provider name on sign-in modal 2017-01-09 12:49:23 +01:00
Max Wu b13635aac9 Merge pull request #279 from alecdwm/ldap-auth
Support for LDAP server authentication
2017-01-09 00:49:40 +08:00
Wu Cheng-Han ac2b100d35 Add back missing release-note link on index 2017-01-02 12:26:10 +08:00
Wu Cheng-Han d74fea1d10 Update year to 2017 2017-01-02 11:14:25 +08:00
James Stephenson ec1ae8c6b5 Added Esperanto translation
Translation by Jonathan Powell and James Stephenson
2016-12-30 22:02:57 -05:00
Florian Rhiem fdea226159 Fixed typo: anonmyous 2016-12-21 14:36:54 +01:00
Wu Cheng-Han 276d500406 Upgrade dependencies 2016-12-19 16:20:27 +08:00
Wu Cheng-Han 5c7eb48319 Add support of allow anonymous config option with correspond modifications 2016-12-15 14:11:23 +08:00
alecdwm 72a0e90f7d LDAP signin form moved to main signin-modal
- previously was a separate modal
- now is located on main modal, like email auth
2016-12-14 12:56:26 +01:00
alecdwm 02e9927714 Initial support for LDAP server authentication
Limitations as of this commit:

- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
  - instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
  because we aren't using oauth. The currently generated
  tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
2016-12-13 22:41:07 +01:00
Wu Cheng-Han 00e284584e Switch email register and signin button order to make form default action as signin 2016-12-14 03:08:35 +08:00
Wu Cheng-Han 62c703baa1 Fix the generate template not including base url variable 2016-12-12 12:19:12 +08:00
Wu Cheng-Han ecb956f515 Fix index signin and signout button might not shown if only email enabled 2016-12-07 21:19:06 +08:00
Wu Cheng-Han 4bd5598568 Fix Facebook page link name 2016-12-06 22:15:34 +08:00
Wu Cheng-Han da46a3696b Add preferences to editor status bar and make allow override browser keymap option 2016-12-04 00:56:14 +08:00
Wu Cheng-Han a73d9ce39e Update to support optional email register and signin 2016-12-02 01:58:14 +08:00
Wu Cheng-Han c59b4cb883 Update webpack and slide resource loading to reduce pack size 2016-11-29 00:44:29 +08:00
Wu Cheng-Han 47d5efb29e Fix slide resource path and style load orders to avoid conflicts 2016-11-29 00:44:15 +08:00
Wu Cheng-Han 76a6190dac Update dependency gist-embed to 2.6.0 2016-11-26 23:25:29 +08:00
Wu Cheng-Han efd62bd1ca Optimize slide page resource packing and load orders, fix possible wrong chunks orders and font awesome version 2016-11-26 23:24:59 +08:00
Wu Cheng-Han ad90643c94 Optimize pretty page resource packing and load orders 2016-11-26 23:22:47 +08:00
Wu Cheng-Han 5287d46931 Optimize hackmd resource packing and load orders 2016-11-26 23:18:51 +08:00
Wu Cheng-Han 3fbfdb7db8 Optimize index page resources packing and loads 2016-11-26 23:13:02 +08:00
Wu Cheng-Han 9d4ede4cff Fix possible XSS in yaml-metadata and turn using ejs escape syntax than external lib [Security Issue] 2016-11-26 22:55:31 +08:00