mirrors/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-09-20 07:59:03 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
2387 commits 36 branches 47 tags 158 MiB
Commit graph

2387 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sheogorath
651db60985
Update CDN defaults 
As we noticed in our poll about CDN usage, that most people
intentionally turn it off, but very little intetionally turn it on or
leave it on. [1]

There is also strong indicators that CDNs don't really provide any
benefits in loading time and due to the small deployments of CodiMD,
there is no big savings due to CDNs either. [2]

Therefore this patch changes the CDN default settings to off in order to
reduce the exposed user data.

[1]: https://community.codimd.org/t/poll-on-cdn-usage/28
[2]: https://csswizardry.com/2019/05/self-host-your-static-assets/

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2020-02-09 21:59:17 +01:00
Sheogorath
8039066f99
Update yarn.lock 
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2020-02-09 14:34:28 +01:00
Sheogorath
d5ae45b268
Merge branch 'google-oauth' 
See https://github.com/codimd/server/pull/265
 2020-02-09 13:48:26 +01:00
ike
78682f57c4 Update app.json 
Signed-off-by: ike <developer@ikewat.com>
 2020-02-08 15:57:35 +08:00
ike
197223dc81 Add Google oauth variable: hostedDomain 
Which is part of `passport-google-oauth2`.
It could be used as whitelist to a domain supported by google oauth.
Ref: https://github.com/jaredhanson/passport-google-oauth2/issues/3

Signed-off-by: ike <developer@ikewat.com>
 2020-02-08 15:57:22 +08:00
Sheogorath
b3d4cdbceb
Update RevealJS to version 3.9.2 
This update of revealJS helps us to get rid of the headjs depedency
integration using webpack. It updates reveal.js to 3.9.2 and updates the
csp hash accordingly for using the slide mode.

Background for this update is the critical security vulnerability
described by snyk in their disclosure:
https://snyk.io/vuln/SNYK-JS-REVEALJS-543841

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
 2020-02-01 12:53:15 +01:00
Sheogorath
c9e66c0385
Merge pull request #261 from ErikMichelson/fix/privacy-template-libravatar 
Changed Gravatar to Libravatar in privacy-template
 2020-01-23 09:32:19 +01:00
Erik Michelson
b4a25da931
Changed Gravatar to Libravatar in privacy-template 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2020-01-23 00:19:25 +01:00
Sheogorath
5fd3d21ee8
Merge pull request #259 from Amolith/master 
update env docs in reference to #247
 2020-01-21 01:49:10 +01:00
Sheogorath
5a8621bdee
Merge pull request #250 from ErikMichelson/fix/signin-focus 
Fix #249 - Focus user field after opening login modal
 2020-01-20 18:55:33 +01:00
Amolith
412540b8e5 update env docs in reference to #247 
Signed-off-by: Amolith <amolith@nixnet.xyz>
 2020-01-16 17:25:41 -05:00
Sheogorath
bebbf77217
Merge pull request #257 from bluehood/fix_fonts_without_cdn 
Fix font loading when useCDN is false
 2020-01-15 18:51:00 +01:00
Enrico Guiraud
2acd54bbdb
Fix font path when useCND is false and urlPath is used 
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
 2020-01-15 16:32:55 +01:00
Enrico Guiraud
2d3b009e13
Fix font paths when useCDN is false and no urlPath is present 
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
 2020-01-15 16:32:12 +01:00
Sheogorath
e222e4426d
Merge pull request #248 from b10102016/patch-1 
Update example config for gitlab authorization
 2020-01-13 18:53:14 +01:00
Ian Tsai
deb3b94662 Update example config for gitlab authorization 
Update example config for gitlab authorization

Signed-off-by: Ian Tsai <b10102016@gmail.com>
 2020-01-13 19:30:15 +08:00
Claudius Coenen
95d3e5c58b
Merge pull request #252 from ccoenen/master 
heroku complains about dialect
 2020-01-12 01:04:32 +01:00
Claudius
ebe67298fc heroku complains about dialect 
Signed-off-by: Claudius <opensource@amenthes.de>
 2020-01-11 23:51:52 +01:00
Erik Michelson
c9abe4276f
Fix #249 - Focus user field after opening login modal 
Signed-off-by: Erik Michelson <erik@liltv.de>
 2020-01-08 18:37:11 +01:00
Sheogorath
472ae01546
Merge pull request #235 from soerface/issue-234 
Fix #234 - make manage_users work again
 2019-12-28 13:35:57 +01:00
Sheogorath
1f1059d46c
Merge pull request #242 from bluehood/fix_urlpath 
Fix urlPath support, let CodiMD be served from a subpath correctly
 2019-12-28 13:33:25 +01:00
Sheogorath
76c1d8e2b8
Merge pull request #244 from savaroskij/master 
[DOC] Run `manage_users` with `NODE_ENV=production` set.
 2019-12-28 13:32:54 +01:00
Matteo Savatteri
8496baa5b9 [DOC] Run manage_users with NODE_ENV=production set. 
`manage_user` script defaults to `development` environment.

Signed-off-by: Matteo Savatteri <matteosavatteri@lcm.mi.infn.it>
 2019-12-24 18:02:55 +01:00
Enrico Guiraud
23c7b5b0a6
Fix urlPath support, let CodiMD be served from a subpath correctly 
Webpack now uses relative paths for resources linked from by static
snippets. A templated <base> tag has been introduced in headers
so app.js can set the base URL at runtime.

Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
 2019-12-20 12:03:16 +01:00
Sheogorath
313eb74ed6
Merge pull request #239 from bluehood/npm_not_yarn 
[DOC] Use `npm start`, not `yarn start` to start
 2019-12-20 11:15:49 +01:00
Enrico Guiraud
ed2a792886
[DOC] Use npm start, not yarn start to start 
`yarn start --production` ignores the `--production` flag,
`npm start --production` does not.

Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
 2019-12-20 11:08:40 +01:00
Sheogorath
6733e8ead2
Merge pull request #243 from bluehood/docs 
[DOC] Misc improvements to manual setup instructions
 2019-12-20 11:04:40 +01:00
Enrico Guiraud
5c552b81a0
[DOC] Misc improvements to manual setup instructions 
Signed-off-by: Enrico Guiraud <enrico.guiraud@cern.ch>
 2019-12-20 00:26:48 +01:00
Soeren Wegener
bb1c150698
Check for falsy existing_user variable. Fixes #234 
Use another return code for "User already exist"
This allows external scripts to differentiate between failure reasons.

Signed-off-by: Soeren Wegener <wegener92@gmail.com>
 2019-12-09 17:46:25 +01:00
Sheogorath
33150b79c7
Merge pull request #218 from hoijui/linkifyHeaderStyle 
Linkify header style
 2019-12-03 14:40:00 +01:00
Sheogorath
2ddec15af8
Merge pull request #224 from davidmehren/webpack_updates 
Upgrade webpack & plugins
 2019-12-03 14:35:56 +01:00
Sheogorath
9bd09805d4
Merge pull request #227 from foobarable/fix/saml 
Fixing redirection after SAML login
 2019-12-03 14:35:19 +01:00
Ralph Krimmel
bd689dd096 Making the linter happy by removing superfluous ; 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-29 15:59:11 +01:00
Ralph Krimmel
4e1d4868e7 Making the linter happy by removing superfluous ; 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-29 15:54:58 +01:00
Ralph Krimmel
31a3a17369 Merge branch 'fix/saml' of https://github.com/foobarable/server into fix/saml 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-28 14:16:30 +01:00
Ralph Krimmel
9534cdafbf Making the linter happy by removing superfluous ; 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-28 14:00:34 +01:00
Ralph Krimmel
32113e874d Making the linter happy by removing superfluous ; 2019-11-28 12:26:50 +01:00
Ralph Krimmel
3fb3ca54e9 Removing returnTo setting from referer in all other authentication sources 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-28 12:25:59 +01:00
Ralph Krimmel
e0a8872742 Moving the storage of referrer information to main authorization check instead of doing it in the authentication source 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-28 10:59:59 +01:00
Ralph Krimmel
3e8cf5778f Fixing linting problems 
Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-27 15:17:00 +01:00
foobarable
1881775379 Fixing redirection after SAML login 
Saving referer into session in SAML auth so passport can redirect correctly after SAML login.

Signed-off-by: Ralph Krimmel <rkrimme1@gwdg.de>
 2019-11-27 15:08:30 +01:00
David Mehren
3e218e2983
Upgrade webpack & plugins 
Signed-off-by: David Mehren <dmehren1@gmail.com>
 2019-11-23 18:11:17 +01:00
Sheogorath
689f5a0a95
Merge pull request #213 from davidmehren/refactor_backend_notes 
First steps in refactoring the backend code
 2019-11-20 20:07:35 +01:00
Sheogorath
f894d3c2fa Update sv.json (POEditor.com) 2019-11-20 20:07:02 +01:00
Sheogorath
7a7e2e1d7a Update sk.json (POEditor.com) 2019-11-20 20:07:00 +01:00
Sheogorath
62791f80e0 Update it.json (POEditor.com) 2019-11-20 20:06:58 +01:00
Sheogorath
62ea120f92 Update fr.json (POEditor.com) 2019-11-20 20:06:56 +01:00
Sheogorath
18f3499ddb Update ca.json (POEditor.com) 2019-11-20 20:06:54 +01:00
Sheogorath
b4a0770a89
Merge pull request #223 from codimd/snyk-fix-84ae3f6ae6fb5c18e43decdf8ab49318 
[Snyk] Fix for 1 vulnerabilities
 2019-11-16 12:18:09 +01:00
snyk-bot
5dbfb82b7f fix: package.json to reduce vulnerabilities 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-HANDLEBARS-534478
 2019-11-16 05:35:27 +00:00