Commit Graph

923 Commits

Author SHA1 Message Date
Max Wu ea118c2ec8 Update styles of details, summary and figure
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 21:05:13 +08:00
Max Wu 95e9f96aa0 Update to allow rp tag for ruby
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 20:55:10 +08:00
Max Wu 711a11ce23 Remove manual allow details tag since default already allow it
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-02-26 20:54:57 +08:00
Sheogorath 5d347d583d
Extend HTML5 support by whitelisting various tags
HTML5 provides a wide feature set of useful elements. Since Markdown
usually supports HTML it should be able to use these HTML5 tags as well.
As they were requested by some users and they where checked for being
safe, whitelisting them isn't a problem. To make the experience the same
as on GitHub when it comes to the basic look and feel of the rendered
markdown, some CSS was added to make the summary and the details tag
look like on GitHub.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-02-25 14:54:21 +01:00
Sheogorath 9c77e9d7f0
Allow the usage of the esc-key by codemirror
This change allows all input modes of codemirror to use the information
from an input esc-key and make this way vim and sublime more
functional. To prevent this change from breaking the return from the
fullscreen mode, it catches the esc-key in this case. Hopefully this is
an acceptable solution.

As before the vim-mode is handled different in fulltext-mode as it is
esc-key heavy.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-02-24 21:14:47 +01:00
Stefan Bühler c4f8fb78ee don't require referer to find note id in socket.io connections (fixes #623)
Signed-off-by: Stefan Bühler <buehler@cert.uni-stuttgart.de>
2018-02-05 14:26:42 +01:00
Sheogorath a01b4a843c
Update socket.io to version 2.0.4
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-30 19:44:32 +01:00
Christoph (Sheogorath) Kern adc781f7e3
Merge pull request #704 from SISheogorath/fix/ldapProviderName
Fix ldap provider name in template
2018-01-29 15:59:27 +01:00
Wu Cheng-Han 3c473e60a6 Upgrade reveal.js to 3.6.0 and useCDN option for CSS include 2018-01-29 13:09:52 +08:00
Sheogorath e44751b3f1
Fix ldap provider name in template
Before this fix it's impossible to set the provider name in the
sign-model since `ldap` is a boolean there and this way not able
to have an attribute like `ldap.providerName`.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-26 10:46:22 +01:00
Christoph (Sheogorath) Kern e52d7db96c
Merge pull request #694 from SISheogorath/refactor/socialmedia
Reorganize social media links and footer
2018-01-25 17:40:11 +01:00
Sheogorath 16892cd827
Reorganize social media links and footer
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-24 14:09:36 +01:00
Max Wu a9c88ce248
Fix task todo might not toggle
which caused by not matching syntax with double dashes correctly
2018-01-24 00:10:52 +08:00
Christoph (Sheogorath) Kern 584f1c5249
Merge pull request #691 from SISheogorath/feature/upload
Allow more detailed configuration of upload mime types
2018-01-23 12:10:33 +01:00
Christoph (Sheogorath) Kern 7de6e3211f
Merge pull request #598 from xxyy/feature/csp
Implement basic CSP support
2018-01-22 20:43:46 +01:00
Christoph (Sheogorath) Kern 5d9a2c3569
Merge pull request #688 from hackmdio/add-ce-text-on-index
Add CE text on index title
2018-01-20 18:56:39 +01:00
Christoph (Sheogorath) Kern b7e227e9d5
Merge pull request #690 from Nebukadneza/add_allow_anonymous_edits
Add option to enable `freely` permission in closed instance
2018-01-20 18:56:09 +01:00
Sheogorath dc10ec60fb
Remove/update contact details
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-20 17:40:00 +01:00
Sheogorath a7935a595a
Allow more detailed configuration of upload mime types
Fixes #637

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-20 15:16:53 +01:00
Dario Ernst 6ae4b8bf13 Add option to enable `freely` permission in closed instance
Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.

Signed-off-by: Dario Ernst <dario@kanojo.de>
2018-01-20 15:14:56 +01:00
Max Wu 05cc3a73a2
Update body.ejs
Add CE text on index title
2018-01-20 10:12:38 +08:00
Sheogorath 40d1d75704
Release 1.0.1-ce 2018-01-19 14:40:15 +01:00
Christoph (Sheogorath) Kern d492070d3a
Merge pull request #685 from hackmdio/fixImageAlt
Fix image alt not render properly

Fixes #638
2018-01-19 14:26:06 +01:00
Sheogorath a0fdfccb22
It's 2018! 🎉 2018-01-19 14:08:16 +01:00
Wu Cheng-Han 3703b12584 Fix image alt not render properly 2018-01-19 00:53:49 +08:00
Sheogorath 11a5dd0eb4
Release 1.0.0-ce 2018-01-18 13:03:18 +01:00
Max Wu 919b7467d4
Fix anchor id to keep uppercase characters
id shouldn’t be converted to lowercase since id attribute is case sensitive
2018-01-16 15:59:43 +08:00
Edoardo Odorico 6fc2c39eda Implemented dark theme.
Signed-off-by: Edoardo Odorico <edoubuntu@gmail.com>
2018-01-05 00:15:13 +01:00
Peter Dave Hello 76873d3f7e Fix file permission, remove useless executable 2017-12-14 05:05:18 +08:00
Christoph (Sheogorath) Kern b840c3fa57
Merge pull request #609 from monoxane/master
Correcting grammatical errors related to the document char count tooltip
2017-12-12 10:39:49 +01:00
Christoph (Sheogorath) Kern 0957f5963b
Merge pull request #633 from nakaeeee/saml-auth
Support SAML authentication
2017-12-04 18:57:57 +01:00
Thomas De Backer c60030b205 close open tags 2017-12-01 20:56:39 +01:00
Thomas De Backer 4eef4875ed Add untranslated sentences to locale 2017-11-30 19:02:40 +01:00
Norihito Nakae 4a4ae9d332 Initial support for SAML authentication 2017-11-28 18:52:24 +09:00
Sheogorath 93b91163cd
Prevent XSS vul by srcdoc in iframe 2017-11-24 10:10:50 +01:00
Literallie 3a752fde51
Revert "Load js-url lib using legacy-loader"
Didn't work in Firefox for some reason.

`[Script Loader] ReferenceError: module is not defined`

This reverts commit 5b83deb043.
2017-11-02 17:57:44 +01:00
Sheogorath 16b3e015ab
Merge pull request #606 from DoubleMalt/feature/MattermostAuth
Add Mattermost authentication strategy
2017-10-31 12:11:41 +01:00
Christoph Witzany 5cda55086a Add mattermost authentication 2017-10-31 10:34:51 +01:00
Sheogorath ef49b72442
Fix allowpdfexport handling on error page 2017-10-31 01:57:32 +01:00
Sheogorath e807f1b783
Fix mermaid error handling 2017-10-30 12:26:28 +01:00
Sheogorath 09d2ba41cf
Use mermaidAPI in mermaid scope
Introduced by a5b7145527 (diff-67ae90c5144c55348a3cbdb078240454L532)

Fixes #600

Parse only throws error: 167368d508 (diff-67ae90c5144c55348a3cbdb078240454)
2017-10-30 07:11:14 +01:00
Oliver Herrmann 7d0ef1276c
Corrected some grammatical issues
Obviously caught up in a bad translation and didn't particularly make sense for native english speakers.
2017-10-30 11:25:44 +11:00
Peter Dave Hello f896432250 Upgrade mermaid to v7.1.0, fix #600 2017-10-30 00:18:53 +08:00
Sheogorath abbc43f9b6 Merge pull request #599 from xxyy/fix/inline-styles
Externalise some trivial inline styles from slide.ejs
2017-10-27 13:24:26 +02:00
geekyd d63e6780eb Adds PDF export via config 2017-10-25 19:19:37 +05:30
Literallie af935e46fc
Externalise trivial inline styles from slide.ejs
Dynamic background images need some further work
2017-10-23 23:39:18 +02:00
Sheogorath c794412714 Merge pull request #591 from Rwing/master
support Simplified Chinese and rename original zh to Traditional Chinese
2017-10-23 11:53:31 +02:00
Rwing 362a7eaf65 support Simplified Chinese and rename original zh to Traditional Chinese 2017-10-23 17:38:04 +08:00
Literallie 567f26f5b9
Fix MathJax config not being picked up
thanks standard
2017-10-22 02:48:24 +02:00
Literallie 04f5e3a341
Move CSP logic to new file, Fix boolean config examples
Not sure why I was quoting these in the first place
2017-10-22 02:18:45 +02:00
Literallie 5b83deb043
Load js-url lib using legacy-loader
Doesn't use eval, plus no window object access
2017-10-22 00:03:45 +02:00
Literallie 4238b9b3ef
Fix MathJax CSP issues 2017-10-22 00:03:45 +02:00
Literallie 080436aebb
CSP: Add nonce to slide view inline JS 2017-10-22 00:03:45 +02:00
Yukai Huang 60b86e0250 Fix markdown-it gist plugin code closing tag
fix #596
2017-10-21 11:45:17 +08:00
geekyd 80fb91976e Hides empty export section 2017-10-18 03:34:45 +05:30
Sheogorath a16bde70be Provide table for permissions
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2017-10-12 11:05:22 +02:00
geekyd c6a1b65a91 Adds color to new note button 2017-10-07 23:23:03 +05:30
Wu Cheng-Han d96385eafd Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue] 2017-10-05 10:17:26 +08:00
Wu Cheng-Han b0b417cefc Fix unescape > symbol inside the style tags to make the CSS works 2017-10-05 09:59:57 +08:00
Wu Cheng-Han 8979f215ab Fix blockquote not parse correctly in slide mode 2017-10-05 09:59:07 +08:00
Wu Cheng-Han 2bdccd3996 Fix home and end keys behavior for windows 2017-09-27 21:27:33 +08:00
Wu Cheng-Han fe384d80bf Fix the < and > symbols are doubly escaped which affected by executing preventXSS twice 2017-09-27 18:22:49 +08:00
Wu Cheng-Han f2743ff8f8 Fix slide mode contains unclosed tags might cause XSS [Security Issue] 2017-09-27 18:21:28 +08:00
Wu Cheng-Han 9b00afb863 Fix unclosed tags might cause XSS [Security Issue] 2017-09-27 18:20:04 +08:00
Max Wu a645f28b33 Fix slide mode might hide scrollbar on some linux 2017-06-14 12:12:28 +08:00
Wu Cheng-Han c8d3951d32 Add support of Danish locale 2017-06-11 15:52:04 +08:00
Max Wu ca71028dd7 Merge pull request #476 from butlerx/updated/reveal
add more reveal features to slide demo
2017-06-06 23:52:06 +08:00
butlerx dcaf38b6ce
fix grammer errors 2017-06-05 12:16:21 +01:00
Wu Cheng-Han 48f8378335 Fix speaker note separator regex should only take effect on the line start 2017-06-05 01:20:21 +08:00
butlerx 50153c65c6
add more reveal features to slide demo 2017-06-03 15:40:59 +01:00
Wu Cheng-Han 8f4be63df4 Update yams-metadata doc for slide theme 2017-06-03 13:33:07 +08:00
butlerx e5834c077f
add the ability to set slide theme in slide options 2017-05-31 23:28:43 +01:00
Max Wu c37b666915 Merge branch 'master' into BackendRefactor 2017-05-14 17:42:14 +08:00
Max Wu f85d1d8801 Merge pull request #429 from hackmdio/refactor-part-3
Refactor frontend part 3
2017-05-13 19:54:43 +08:00
Wu Cheng-Han be99350655 Fix to implement toggle of TOC in HTML template 2017-05-09 22:11:57 +08:00
BoHong Li 8c2b00b05a style: Fixed variable already declared 2017-05-08 19:29:07 +08:00
Yukai Huang 4839838d0c Manage syncscroll / currentMode in appState 2017-05-07 20:38:22 +08:00
Yukai Huang 0e9afde5fa Move syncsroll under lib 2017-05-07 20:38:22 +08:00
Yukai Huang d9221f6011 Remove CodeMirror-other-cursors dom creation
Since it’s done via hackmdio/CodeMirror#1
2017-05-07 20:38:22 +08:00
Yukai Huang 88c0c68856 Change more global var to global 2017-05-07 20:38:22 +08:00
Yukai Huang 68ccee20b3 Extract modeType 2017-05-07 20:37:27 +08:00
Yukai Huang 18a6f9063e Change some global variables to local 2017-05-07 20:37:27 +08:00
Yukai Huang 432f215a45 Fix indentation 2017-05-07 20:37:27 +08:00
Yukai Huang c6c11c54ef Expose internal editor config variable 2017-05-07 20:37:27 +08:00
Yukai Huang db06a51299 Load statusbar template by string-loader 2017-05-07 20:37:26 +08:00
Wu Cheng-Han e32dd547b4 Update to support code block syntax highlighting of gherkin 2017-05-05 18:03:23 +08:00
Max Wu 38a7c373e7 Fix fb message link might not available for public 2017-04-24 12:52:09 +08:00
Max Wu 450159a462 Merge pull request #427 from PeterDaveHello/fix-indent
Fix indent in views, shouldn't mix tabs with spaces
2017-04-18 10:41:58 +08:00
Max Wu 2a5a518e88 Merge pull request #426 from PeterDaveHello/cdnjs-integration
Use abcjs on cdnjs
2017-04-18 10:40:51 +08:00
Peter Dave Hello 5f3fe5c62c Fix indent in views, shouldn't mix tabs with spaces 2017-04-18 05:24:04 +08:00
Peter Dave Hello 08c0a0392c Use abcjs on cdnjs, cc @jackycute 2017-04-18 05:19:19 +08:00
Peter Dave Hello 7e3e0edb17 Remove executable permission from static files 2017-04-18 05:01:23 +08:00
Wu Cheng-Han 48df250491 Fix link regex should filter protocol with case insensitive flag [Security Issue] 2017-04-11 22:25:14 +08:00
Max Wu 5ecea7e118 Merge pull request #417 from hackmdio/refactor
Refactor editor cont.
2017-04-10 11:41:33 +08:00
Ian Dees 3aaf1bbe24 Update body.ejs 2017-04-05 11:07:18 -04:00
Ian Dees 138170704a Clarify permission language
See https://github.com/hackmdio/hackmd/issues/415
2017-04-05 10:16:15 -04:00
Yukai Huang a938cac42a Fix indentations 2017-03-28 20:38:31 +08:00
Yukai Huang b711ecfadb Drop global variable ui exposing 2017-03-28 19:30:06 +08:00
Yukai Huang ba1bef015f Update to es6 module import style 2017-03-28 18:31:36 +08:00
Yukai Huang 7637a6a8a6 Update cm instance in changes event argument 2017-03-28 17:32:42 +08:00
Yukai Huang f5b95c5d36 Move updateStatusBar method into editor class 2017-03-28 17:16:32 +08:00
Yukai Huang df743ab902 Fix listener “this” context 2017-03-28 17:11:20 +08:00
Yukai Huang 46ed658d8b Promisify getStatusBarTemplate method 2017-03-28 15:24:52 +08:00
Yukai Huang af5ef52f4b Add cm instance to cursorActivity argument 2017-03-28 12:15:56 +08:00
Yukai Huang 579dda9515 Update focus argument with cm instance 2017-03-28 12:11:05 +08:00
Yukai Huang d7c068cbfd Rewrite cursorActivity with multi listener style
- adjust function order to prevent standard lint failure
2017-03-28 12:10:35 +08:00
Yukai Huang b86ecb1342 Extract selection update from updateStatusbar 2017-03-28 11:57:44 +08:00
Yukai Huang 81666a726c Impl multiple codemirror event listener 2017-03-28 11:18:36 +08:00
Yukai Huang fff7ebd1b5 Change minor TODO to FIXME 2017-03-28 11:17:30 +08:00
Wu Cheng-Han b2985085d0 Update to change makefile syntax highlighting to Prism 2017-03-26 23:09:13 +08:00
Wu Cheng-Han a3cdc5ba80 Update to add abc in support charts of textcomplete 2017-03-26 20:46:05 +08:00
Wu Cheng-Han 961d3fab1c Fix code style 2017-03-26 20:45:23 +08:00
Wu Cheng-Han 61dc6dbc15 Add support of abcjs 2017-03-26 20:39:07 +08:00
Wu Cheng-Han 3156c38598 Fix text complete of extra tags for list not triggered properly 2017-03-23 20:49:31 +08:00
Wu Cheng-Han 890f7089bf Fix google drive file picker not initialize properly 2017-03-23 20:17:50 +08:00
Wu Cheng-Han 7e3b74d0da Mark as 0.5.1 2017-03-23 00:22:44 +08:00
Wu Cheng-Han e629800457 Fix XSS vulnerability in link regex [Security Issue] 2017-03-22 18:26:35 +08:00
Wu Cheng-Han 0f3b028ed6 Fix render.js code styles 2017-03-22 18:26:30 +08:00
Wu Cheng-Han cac618eca8 Fix front-end index.js code styles 2017-03-22 17:48:26 +08:00
Wu Cheng-Han 802ed406e6 Fix todo list item class might add in wrong element 2017-03-22 15:42:38 +08:00
Wu Cheng-Han 9ff3649025 Fix unnecessary global calling of ownerui 2017-03-22 15:42:11 +08:00
Wu Cheng-Han b17c2404b1 Fix duplicated loading of reveal markdown plugin 2017-03-21 20:44:12 +08:00
Wu Cheng-Han 10a7a9b37e Update to use CDN css for emojify.js when applicable 2017-03-21 00:27:58 +08:00
Wu Cheng-Han 7989b89591 Add support of Catalan locale 2017-03-20 14:52:25 +08:00
Wu Cheng-Han afc4f269bc Update to make removeDOMEvents only process once in slide mode 2017-03-20 11:28:50 +08:00
Wu Cheng-Han 448b006194 Update to generate front-end constants on server startup
To avoid extra webpacking on changing configs and follow the 12 factor app
2017-03-20 01:39:09 +08:00
Max Wu f6bd238b0f Merge pull request #387 from hackmdio/cm-refactor
Extract CodeMirror instance
2017-03-14 23:11:56 +08:00
Wu Cheng-Han f55a4b8497 Update to fix pagination error in list.js over v1.5.0 2017-03-14 23:08:15 +08:00
Wu Cheng-Han 506a381eca Add config option for gitlab api scope and auto adapt gitlab snippet feature on it 2017-03-14 18:04:23 +08:00
Wu Cheng-Han 2fa51fb4ba Fix export html to replace fallen cdn tortue.me to cdnjs 2017-03-14 16:37:38 +08:00
Wu Cheng-Han f491cdabc1 Fix rendering might result XSS attribute on self closing tag [Security Issue] 2017-03-14 16:27:55 +08:00
Yukai Huang cc30d370f7 Fix variable exporting error 2017-03-13 22:00:20 +08:00
Yukai Huang 93e41f3a40 Merge branch 'master' into cm-refactor 2017-03-13 21:32:50 +08:00
Wu Cheng-Han edb1b4aa0a Merge branch 'master' of https://github.com/jackycute/HackMD 2017-03-13 18:56:32 +08:00
Wu Cheng-Han c818cde782 Update facebook message link in features doc 2017-03-13 18:55:44 +08:00
Yukai Huang 9b513f619f Use JavaScript standard style 2017-03-09 15:39:42 +08:00
BoHong Li 5bc642d02e Use JavaScript Standard Style (part 2)
Fixed all fail on frontend code.
2017-03-09 02:41:05 +08:00
Yukai Huang 6556c284e5 Extract editor related code
- in public/js/lib/editor/index.js
2017-03-08 21:43:32 +08:00
Yukai Huang 121d84863a Extract UI jquery node 2017-03-07 21:59:18 +08:00
Wu Cheng-Han 0bea4da623 Fix out of sync when deleting on same cursor position on several clients
from: https://github.com/aullman/opentok-editor/issues/4
2017-02-18 20:11:57 +08:00
Wu Cheng-Han 0aaa598130 Fix not determine OT have pending operations properly 2017-02-18 20:11:18 +08:00
Wu Cheng-Han f7149f5a83 Fix to keep selections on save and restore info 2017-02-18 20:10:34 +08:00
Wu Cheng-Han 1ca39d9c8e Update to allow li tag specify value number 2017-02-17 21:56:35 +08:00
Max Wu 99a2cbc604 Update google drive picker to enable setOwnedByMe to show shared files and folders 2017-02-11 00:11:21 +08:00
Wu Cheng-Han 1a617ddf2e Fix duplicated headers anchor link not been updated properly 2017-02-03 22:02:12 +08:00
Wu Cheng-Han 7863eec366 Fix "[object HTMLCollection] is not iterable!" error in some browsers 2017-02-03 22:01:30 +08:00
Wu Cheng-Han 0a3baec5b6 Fix missing type declaration in text complete strategy 2017-02-03 21:59:26 +08:00
Max Wu a261c8e812 Merge pull request #341 from nvsofts/fix_bom_utf8
Removed UTF-8 BOM in download function
2017-02-03 18:28:05 +08:00
NV 5a212b9335 Removed UTF-8 BOM in download function 2017-02-03 17:35:49 +09:00
Wu Cheng-Han e67a6ad368 Fix missing type declaration 2017-02-03 00:07:08 +08:00