Currently, when creating a note with content via the API, a title is only saved to the database after visiting the note with the browser. This commit makes sure that a title is saved at creation time.
Closes#306
Signed-off-by: David Mehren <git@herrmehren.de>
The OAuth2 specification RECOMMENDS setting the state to protect against
CSRF attacks. Some OAuth2 providers (e.g. ORY Hydra) refuse to
authenticate without the state set.
This is a cherry-pick of 852868419d.
Signed-off-by: haslersn <sebastian.hasler@gmx.net>
CodiMD currently only uses the 'lang' attribute in YAML-metadata of a note for setting certain js-elements of the markdown-renderer. This commit adds the chosen lang into the published version of a note.
Signed-off-by: Erik Michelson <github@erik.michelson.eu>
This is a backport of #278 with the default value of `scope` changed to
`undefined`. This is thus a fully backward-compatible change.
Signed-off-by: Victor Berger <victor.berger@m4x.org>
Because of circular import problems, this commit also moves the error messages from response.js to errors.js
Signed-off-by: David Mehren <dmehren1@gmail.com>
This makes the references consistent/compatible with GitHub,
GitLab, Pandoc and many other tools.
This behavior can be enabled in config.json with:
```
"linkifyHeaderStyle": "gfm"
```
Signed-off-by: hoijui <hoijui.quaero@gmail.com>
We have various places with overly simple if statements that could be
handled by our logging library. Also a lot of those logs are not marked
as debug logs but as info logs, which can cause confusion during
debugging.
This patch removed unneeded if clauses around debug logging statements,
reworks debug log messages towards ECMA templates and add some new
logging statements which might be helpful in order to debug things like
image uploads.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Since we are about to release it's time to finally fix our linting. This
patch basically runs eslint --fix and does some further manual fixes.
Also it sets up eslint to fail on every warning on order to make
warnings visable in the CI process.
There should no functional change be introduced.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
With very low CPU frequency or bad IO situation, as well as not-loaded
JS CodiMD happens to present unneeded "I'm busy"-messages to users.
This patch allows to configure the lag. The default is taken from the
libray but set in our own default configs.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
disableRequestedAuthnContext: true|false
By default only Password authmethod is accepted, this option allows any other method.
Issue and option described here:
https://github.com/bergie/passport-saml/issues/226
Signed-off-by: Emmanuel Ormancey <emmanuel.ormancey@cern.ch>
Since Google+ is shutting down soon, we need to get the profile data
from another URL. Since the library already supports it, all we need to
do is adding a single line of code.
Details:
https://github.com/hackmdio/codimd/issues/1160
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
Fix wrong config options
In `./lib/web/auth/` some config includes still used `config.serverurl` instead of the correct `config.serverURL`. This causes wrong URL in worst case.
This patch should fix those problems and migrate the wrong statements to camelcase.
This commit also refactors the code a bit, and adds a '-' separator
between a filename and its duplicate index.
This commit fixes#1079.
Signed-off-by: Daan Sprenkels <hello@dsprenkels.com>
most rules degraded to WARN, so we don't go insane. This will
change over time. The aim is to conform to a common style
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
This fixes part of #1056: an error while obtaining the profile
would have `502`-crashed the server.
Signed-off-by: Claudius Coenen <opensource@amenthes.de>
Currently we only provide the version from `package.json`. This means
that during updates of instances, e.g. the demo instance, which runs
latest master instead of a stable release, changes are not reflected to
the webclient.
This patch adds a fullversion string that contains the current commit
and this way makes that clients are notified about changes.
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
