codimd/lib
Samuel Trégouët 6ff6d215ab fix: add state parameter for oauth2
state parameter is recommended with oauth2 authentification
to mitigate CSRF attacks (see [1]).
hydra [2] will throw the following error message if state is
missing:

  description="The state is missing or has less than 8 characters and is therefore considered too weak" error=invalid_state hint="Request
 parameter \"state\" must be at least be 8 characters long to ensure sufficient entropy."

[1]: https://auth0.com/docs/protocols/oauth2/oauth-state
[2]: https://www.ory.sh/hydra/

Signed-off-by: Samuel Trégouët <samuel.tregouet@gmail.com>
2020-05-11 15:59:49 +02:00
..
auth fix: add state parameter for oauth2 2020-05-11 15:59:49 +02:00
config fix: add state parameter for oauth2 2020-05-11 15:59:49 +02:00
errorPage refactor: remove web folder 2020-01-06 14:19:02 +08:00
history refactor: change errorInternalError function signature to avoid parameter passing error 2020-02-26 11:26:01 +08:00
homepage refactor: remove web folder 2020-01-06 14:19:02 +08:00
imageRouter chore: change aws-sdk to @aws-sdk/client-s3-node, reduced module size 2020-04-12 02:24:35 +08:00
middleware refactor: change errorServiceUnavailable function signature to avoid parameter passing error 2020-02-26 11:26:56 +08:00
migrations feat: remove very old history migration method (since 0.2.8) 2020-01-06 14:19:01 +08:00
models Fix GitHub's avatar URL 2020-04-20 12:25:32 +01:00
note return errorForbidden when anonymous user tries to create freeUrl pad (closes #1499) 2020-04-29 22:42:56 +02:00
ot Fix logging in ot module 2018-11-13 23:30:13 +01:00
realtime refactor: remove web folder 2020-01-06 14:19:02 +08:00
status Lazy load dicts, support cdn, config webpack 2020-02-05 18:34:02 +08:00
user refactor: change errorInternalError function signature to avoid parameter passing error 2020-02-26 11:26:01 +08:00
web/middleware Update lib/web/middleware/checkVersion.js 2020-03-17 02:24:01 +08:00
workers refactor: fix lint on lib/workers/dmpWorker.js 2019-08-04 23:56:31 +08:00
csp.js fix: only enable dropbox directives when config is given 2020-03-03 18:35:57 +08:00
letter-avatars.js refactor: fix lint on lib/letter-avatars.js 2019-08-04 23:56:32 +08:00
logger.js refactor: fix lint warning on lib/logger.js 2019-04-12 18:00:54 +08:00
response.js refactor: change errorServiceUnavailable function signature to avoid parameter passing error 2020-02-26 11:26:56 +08:00
routes.js refactor: noteActions 2020-01-06 14:19:03 +08:00
utils.js refactor: remove web folder 2020-01-06 14:19:02 +08:00