* Run db migrations on npm start
* Add documentation about integration with AD LDAP * Add `rel="noopener"` to all links * Add documentation about integration with Nextcloud for authentication * Update URL on frontpage to point to codimd.org * Replace Fontawesome with Forkawesome * Add OpenID support * Add print icon to slide view * Add auto-complete for language names that are highlighted in codeblocks * Improve translations for Chinese, Dutch, French, German, Italien, Korean, Polish, and Russian language * Add Download action to published document API * Add reset password feature to `manage_users` script * Move from own `./tmp` directory to system temp directory * Add Etherpad migration guide * Move XSS library to a more native position * Use full version string to determine changes from the backend * Update winston (logging library) * Use slide preview in slide example * Improve migration handling * Update reveal.js to version 3.7.0 * Replace scrypt library with its successor * Replace `to-markdown` with `turndown` (successor library) * Update socket.io * Add warning on missing base URL * Update bootstrap to version 3.4.0 * Update handlebar * Fix paths in GitLab documentation * Fix missing `data:` URL in CSP * Fix oAuth2 name/label field * Fix GitLab API integration * Fix auto-completed but not rendered emojis * Fix menu organization depending on enabled services * Fix some logging in the OT module * Fix some unhandled internalOAuthError exception * Fix unwanted creation of robots.txt document in "freeurl-mode" * Fix some links on index page to lead to the right sections on feature page * Fix document breaking, empty headlines * Fix wrong multiplication for HSTS header seconds * Fix wrong subdirectories in exported user data * Fix CSP for speaker notes * Fix CSP for disqus * Fix URL API usage * Fix Gist embedding * Fix upload provider error message * Fix unescaped disqus user names * Fix SAML vulnerability * Fix link to SAML guide * Fix deep dependency problem with node 6.x * Fix broken PDF export by wrong unlink call * Fix possible XSS attack in MathJax * Refactor to use `ws` instead of the the no longer supported `uws` * Refactor frontend build system to use webpack version 4 * Refactor file path configuration (views, uploads, …) * Refactor `manage_users` script * Refactor handling of template variables * Refactor linting to use eslint * Remove no longer working Octicons * Remove links to our old Gitter channel * Remove unused library node-uuid * Remove unneeded blueimp-md5 dependency * Remove speakerdeck due to broken implementation * Adam.emts (translator) * [Alex Garcia](https://github.com/asg017) * [Cédric Couralet (micedre)](https://github.com/micedre) * [Claudius Coenen](https://github.com/ccoenen) * [Daan Sprenkels](https://github.com/dsprenkels) * [David Mehren](https://github.com/davidmehren) * [Erona](https://github.com/Eronana) * [Felix Yan](https://github.com/felixonmars) * [Jonathan](https://github.com/phrix32) * Jong-kai Yang (translator) * [MartB](https://github.com/MartB) * [Max Wu (jackycute)](https://github.com/jackycute) * [mcnesium](https://github.com/mcnesium) * Nullnine (translator) * RanoIP (translator) * [SuNbiT](https://github.com/sunbit) * Sylke Vicious (translator) * Timothee (translator) * [WilliButz](https://github.com/WilliButz) * [Xaver Maierhofer](https://github.com/xf-) * [云屿](https://github.com/cloudyu) -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEAeWzysDCaBZIKvtIHwXMNjXN3/0FAlx9Dj8ACgkQHwXMNjXN 3/2faw/8CYL5qB43K1L3wwMu5YMfVfrZALyQTrrb016I1VkGh+e18ffM4FOYSa5C xeUDf/GRa30EKqxaBZjsHoUGxQ196g9WvyA4HziEVUti2LvmWwnSjSvFqGrjFJ79 veaCfxG2NjvVc+k2Ts+E8G+1VH5TdU/TloViE6hvsu9zAOjKlxbTVlhu/YTpkIx0 9fmSSrSonMFURvVG9LFnTgtzf0f9cbjGCmu+EjKxDJ2CZ9WkjShaL3nuPTOXReaq 0MYOaWZJBsDd8nWcVqIamkKhzz/U7jRO6PpvXG6TXhJo8cqml/qpr3ZD6j6L9FOq HDQUUcligMynPaSOUBkVQXmlSPljL/2q1NYHAo0zDlP1vcm5+EWt1D4o73RZU4h5 41mNJhanDeNk/QPrnI+Dldwg1k4PBrLrlPUYyNM7F6FgoZPBTtFVJ9nQVHyI6UWS oa3iq0YKCd1ofl0AdfLljgIeRxpArQGK6ey87eXRZXveeDOC+TEAZeS1/1/cac7+ R7uCszvvLUBdE3W7JzcS5Xo4TtARPOjLkaYKObZhtzUW1YtMyGk+HpIvx2yZet8K NGpneShNa6IvygsVQqZ1ZZfIYLFIDsLQmoAe1+dffGF3K2b+ObkrT/hSimP2Ftq0 +MrdXH56cuKqfyGPnfoqa0zQhieGC6n57xW2WAoBAOcEmpx2Ng4= =cjCR -----END PGP SIGNATURE----- Merge tag '1.3.0' into DepauMD * Run db migrations on `npm start` * Add documentation about integration with AD LDAP * Add `rel="noopener"` to all links * Add documentation about integration with Nextcloud for authentication * Update URL on frontpage to point to codimd.org * Replace Fontawesome with Forkawesome * Add OpenID support * Add print icon to slide view * Add auto-complete for language names that are highlighted in codeblocks * Improve translations for Chinese, Dutch, French, German, Italien, Korean, Polish, and Russian language * Add Download action to published document API * Add reset password feature to `manage_users` script * Move from own `./tmp` directory to system temp directory * Add Etherpad migration guide * Move XSS library to a more native position * Use full version string to determine changes from the backend * Update winston (logging library) * Use slide preview in slide example * Improve migration handling * Update reveal.js to version 3.7.0 * Replace scrypt library with its successor * Replace `to-markdown` with `turndown` (successor library) * Update socket.io * Add warning on missing base URL * Update bootstrap to version 3.4.0 * Update handlebar * Fix paths in GitLab documentation * Fix missing `data:` URL in CSP * Fix oAuth2 name/label field * Fix GitLab API integration * Fix auto-completed but not rendered emojis * Fix menu organization depending on enabled services * Fix some logging in the OT module * Fix some unhandled internalOAuthError exception * Fix unwanted creation of robots.txt document in "freeurl-mode" * Fix some links on index page to lead to the right sections on feature page * Fix document breaking, empty headlines * Fix wrong multiplication for HSTS header seconds * Fix wrong subdirectories in exported user data * Fix CSP for speaker notes * Fix CSP for disqus * Fix URL API usage * Fix Gist embedding * Fix upload provider error message * Fix unescaped disqus user names * Fix SAML vulnerability * Fix link to SAML guide * Fix deep dependency problem with node 6.x * Fix broken PDF export by wrong unlink call * Fix possible XSS attack in MathJax * Refactor to use `ws` instead of the the no longer supported `uws` * Refactor frontend build system to use webpack version 4 * Refactor file path configuration (views, uploads, …) * Refactor `manage_users` script * Refactor handling of template variables * Refactor linting to use eslint * Remove no longer working Octicons * Remove links to our old Gitter channel * Remove unused library node-uuid * Remove unneeded blueimp-md5 dependency * Remove speakerdeck due to broken implementation * Adam.emts (translator) * [Alex Garcia](https://github.com/asg017) * [Cédric Couralet (micedre)](https://github.com/micedre) * [Claudius Coenen](https://github.com/ccoenen) * [Daan Sprenkels](https://github.com/dsprenkels) * [David Mehren](https://github.com/davidmehren) * [Erona](https://github.com/Eronana) * [Felix Yan](https://github.com/felixonmars) * [Jonathan](https://github.com/phrix32) * Jong-kai Yang (translator) * [MartB](https://github.com/MartB) * [Max Wu (jackycute)](https://github.com/jackycute) * [mcnesium](https://github.com/mcnesium) * Nullnine (translator) * RanoIP (translator) * [SuNbiT](https://github.com/sunbit) * Sylke Vicious (translator) * Timothee (translator) * [WilliButz](https://github.com/WilliButz) * [Xaver Maierhofer](https://github.com/xf-) * [云屿](https://github.com/cloudyu)
This commit is contained in:
commit
9bb50dda6c
25 changed files with 1490 additions and 1405 deletions
|
@ -221,7 +221,7 @@ There are some config settings you need to change in the files below.
|
||||||
| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD |
|
| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD |
|
||||||
| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
|
| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
|
||||||
| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
|
| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
|
||||||
| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth.md#saml-onelogin). |
|
| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). |
|
||||||
| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format |
|
| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format |
|
||||||
| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" |
|
| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" |
|
||||||
| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) |
|
| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) |
|
||||||
|
|
2
app.json
2
app.json
|
@ -6,7 +6,7 @@
|
||||||
"Markdown",
|
"Markdown",
|
||||||
"Notes"
|
"Notes"
|
||||||
],
|
],
|
||||||
"website": "https://hackmd.io",
|
"website": "https://codimd.org",
|
||||||
"repository": "https://github.com/hackmdio/codimd",
|
"repository": "https://github.com/hackmdio/codimd",
|
||||||
"logo": "https://github.com/hackmdio/codimd/raw/master/public/codimd-icon-1024.png",
|
"logo": "https://github.com/hackmdio/codimd/raw/master/public/codimd-icon-1024.png",
|
||||||
"success_url": "/",
|
"success_url": "/",
|
||||||
|
|
|
@ -2,7 +2,7 @@
|
||||||
|
|
||||||
// First configure the logger so it does not spam the console
|
// First configure the logger so it does not spam the console
|
||||||
const logger = require("../lib/logger");
|
const logger = require("../lib/logger");
|
||||||
logger.transports.console.level = "warning";
|
logger.transports.forEach((transport) => transport.level = "warning")
|
||||||
|
|
||||||
const models = require("../lib/models/");
|
const models = require("../lib/models/");
|
||||||
const readline = require("readline-sync");
|
const readline = require("readline-sync");
|
||||||
|
|
|
@ -5,9 +5,9 @@ Authentication guide - SAML
|
||||||
|
|
||||||
The basic procedure is the same as the case of OneLogin which is mentioned in [OneLogin-Guide](./saml-onelogin.md). If you want to match your IdP, you can use more configurations as below.
|
The basic procedure is the same as the case of OneLogin which is mentioned in [OneLogin-Guide](./saml-onelogin.md). If you want to match your IdP, you can use more configurations as below.
|
||||||
|
|
||||||
* If your IdP accepts metadata XML of the service provider to ease configuraion, use this url to download metadata XML.
|
* If your IdP accepts metadata XML of the service provider to ease configuration, use this url to download metadata XML.
|
||||||
* {{your-serverurl}}/auth/saml/metadata
|
* {{your-serverurl}}/auth/saml/metadata
|
||||||
* _Note: If not accessable from IdP, download to local once and upload to IdP._
|
* _Note: If not accessible from IdP, download to local once and upload to IdP._
|
||||||
* Change the value of `issuer`, `identifierFormat` to match your IdP.
|
* Change the value of `issuer`, `identifierFormat` to match your IdP.
|
||||||
* `issuer`: A unique id to identify the application to the IdP, which is the base URL of your HackMD as default
|
* `issuer`: A unique id to identify the application to the IdP, which is the base URL of your HackMD as default
|
||||||
* `identifierFormat`: A format of unique id to identify the user of IdP, which is the format based on email address as default. It is recommend that you use as below.
|
* `identifierFormat`: A format of unique id to identify the user of IdP, which is the format based on email address as default. It is recommend that you use as below.
|
||||||
|
@ -59,7 +59,7 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O
|
||||||
HMD_SAML_ATTRIBUTE_EMAIL=mail
|
HMD_SAML_ATTRIBUTE_EMAIL=mail
|
||||||
````
|
````
|
||||||
|
|
||||||
* If you want to controll permission by group membership, add group attribute name and required group (allowed) or external group (not allowed).
|
* If you want to control permission by group membership, add group attribute name and required group (allowed) or external group (not allowed).
|
||||||
* `groupAttribute`: An attribute name of group membership
|
* `groupAttribute`: An attribute name of group membership
|
||||||
* `requiredGroups`: Group names array for allowed access to HackMD. Use vertical bar to separate for environment variables.
|
* `requiredGroups`: Group names array for allowed access to HackMD. Use vertical bar to separate for environment variables.
|
||||||
* `externalGroups`: Group names array for not allowed access to HackMD. Use vertical bar to separate for environment variables.
|
* `externalGroups`: Group names array for not allowed access to HackMD. Use vertical bar to separate for environment variables.
|
||||||
|
|
|
@ -151,5 +151,5 @@ module.exports = {
|
||||||
allowEmailRegister: true,
|
allowEmailRegister: true,
|
||||||
allowGravatar: true,
|
allowGravatar: true,
|
||||||
allowPDFExport: true,
|
allowPDFExport: true,
|
||||||
openID: true
|
openID: false
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
'use strict'
|
'use strict'
|
||||||
// external modules
|
// external modules
|
||||||
const md5 = require('blueimp-md5')
|
const crypto = require('crypto')
|
||||||
const randomcolor = require('randomcolor')
|
const randomcolor = require('randomcolor')
|
||||||
const config = require('./config')
|
const config = require('./config')
|
||||||
|
|
||||||
|
@ -30,16 +30,21 @@ exports.generateAvatarURL = function (name, email = '', big = true) {
|
||||||
if (typeof email !== 'string') {
|
if (typeof email !== 'string') {
|
||||||
email = '' + name + '@example.com'
|
email = '' + name + '@example.com'
|
||||||
}
|
}
|
||||||
|
name=encodeURIComponent(name)
|
||||||
|
|
||||||
|
let hash = crypto.createHash('md5')
|
||||||
|
hash.update(email.toLowerCase())
|
||||||
|
let hexDigest = hash.digest('hex')
|
||||||
|
|
||||||
if (email !== '' && config.allowGravatar) {
|
if (email !== '' && config.allowGravatar) {
|
||||||
photo = 'https://www.gravatar.com/avatar/' + md5(email.toLowerCase())
|
photo = 'https://www.gravatar.com/avatar/' + hexDigest;
|
||||||
if (big) {
|
if (big) {
|
||||||
photo += '?s=400'
|
photo += '?s=400'
|
||||||
} else {
|
} else {
|
||||||
photo += '?s=96'
|
photo += '?s=96'
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
photo = config.serverURL + '/user/' + (name || email.substring(0, email.lastIndexOf('@')) || md5(email.toLowerCase())) + '/avatar.svg'
|
photo = config.serverURL + '/user/' + (name || email.substring(0, email.lastIndexOf('@')) || hexDigest) + '/avatar.svg'
|
||||||
}
|
}
|
||||||
return photo
|
return photo
|
||||||
}
|
}
|
||||||
|
|
|
@ -320,7 +320,7 @@ function actionPDF (req, res, note) {
|
||||||
res.setHeader('Content-Type', 'application/pdf; charset=UTF-8')
|
res.setHeader('Content-Type', 'application/pdf; charset=UTF-8')
|
||||||
res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling
|
res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling
|
||||||
stream.pipe(res)
|
stream.pipe(res)
|
||||||
fs.unlink(path)
|
fs.unlinkSync(path)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -111,5 +111,7 @@
|
||||||
"Do you really want to delete your user account?": "本当にアカウントを削除しますか?",
|
"Do you really want to delete your user account?": "本当にアカウントを削除しますか?",
|
||||||
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "この操作はあなたのアカウントとあなたの所有するすべてのノートを削除し、さらに他の人のノートからあなたのアカウントへの参照を除去します。",
|
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "この操作はあなたのアカウントとあなたの所有するすべてのノートを削除し、さらに他の人のノートからあなたのアカウントへの参照を除去します。",
|
||||||
"Delete user": "ユーザーの削除",
|
"Delete user": "ユーザーの削除",
|
||||||
"Export user data": "ユーザーデータをエクスポート"
|
"Export user data": "ユーザーデータをエクスポート",
|
||||||
|
"Help us translating on %s": "%s の翻訳にご協力ください",
|
||||||
|
"Source Code": "ソースコード"
|
||||||
}
|
}
|
20
package.json
20
package.json
|
@ -1,12 +1,12 @@
|
||||||
{
|
{
|
||||||
"name": "CodiMD",
|
"name": "CodiMD",
|
||||||
"version": "1.2.1",
|
"version": "1.3.0",
|
||||||
"description": "Realtime collaborative markdown notes on all platforms.",
|
"description": "Realtime collaborative markdown notes on all platforms.",
|
||||||
"main": "app.js",
|
"main": "app.js",
|
||||||
"license": "AGPL-3.0",
|
"license": "AGPL-3.0",
|
||||||
"scripts": {
|
"scripts": {
|
||||||
"test": "npm run-script eslint && npm run-script jsonlint",
|
"test": "npm run-script eslint && npm run-script jsonlint && mocha",
|
||||||
"eslint": "node_modules/.bin/eslint lib public app.js",
|
"eslint": "node_modules/.bin/eslint lib public test app.js",
|
||||||
"jsonlint": "find . -not -path './node_modules/*' -type f -name '*.json' -o -type f -name '*.json.example' | while read json; do echo $json ; jq . $json; done",
|
"jsonlint": "find . -not -path './node_modules/*' -type f -name '*.json' -o -type f -name '*.json.example' | while read json; do echo $json ; jq . $json; done",
|
||||||
"standard": "echo 'standard is no longer being used, use `npm run eslint` instead!' && exit 1",
|
"standard": "echo 'standard is no longer being used, use `npm run eslint` instead!' && exit 1",
|
||||||
"dev": "webpack --config webpack.dev.js --progress --colors --watch",
|
"dev": "webpack --config webpack.dev.js --progress --colors --watch",
|
||||||
|
@ -23,9 +23,8 @@
|
||||||
"aws-sdk": "^2.345.0",
|
"aws-sdk": "^2.345.0",
|
||||||
"azure-storage": "^2.7.0",
|
"azure-storage": "^2.7.0",
|
||||||
"base64url": "^3.0.0",
|
"base64url": "^3.0.0",
|
||||||
"blueimp-md5": "^2.6.0",
|
|
||||||
"body-parser": "^1.15.2",
|
"body-parser": "^1.15.2",
|
||||||
"bootstrap": "^3.3.7",
|
"bootstrap": "^3.4.0",
|
||||||
"bootstrap-validator": "^0.11.8",
|
"bootstrap-validator": "^0.11.8",
|
||||||
"chance": "^1.0.4",
|
"chance": "^1.0.4",
|
||||||
"cheerio": "^0.22.0",
|
"cheerio": "^0.22.0",
|
||||||
|
@ -47,7 +46,7 @@
|
||||||
"formidable": "^1.0.17",
|
"formidable": "^1.0.17",
|
||||||
"gist-embed": "~2.6.0",
|
"gist-embed": "~2.6.0",
|
||||||
"graceful-fs": "^4.1.11",
|
"graceful-fs": "^4.1.11",
|
||||||
"handlebars": "^4.0.6",
|
"handlebars": "^4.0.13",
|
||||||
"helmet": "^3.13.0",
|
"helmet": "^3.13.0",
|
||||||
"highlight.js": "~9.12.0",
|
"highlight.js": "~9.12.0",
|
||||||
"i18n": "^0.8.3",
|
"i18n": "^0.8.3",
|
||||||
|
@ -98,7 +97,7 @@
|
||||||
"passport-ldapauth": "^2.0.0",
|
"passport-ldapauth": "^2.0.0",
|
||||||
"passport-local": "^1.0.0",
|
"passport-local": "^1.0.0",
|
||||||
"passport-oauth2": "^1.4.0",
|
"passport-oauth2": "^1.4.0",
|
||||||
"passport-saml": "^0.35.0",
|
"passport-saml": "^1.0.0",
|
||||||
"passport-twitter": "^1.0.4",
|
"passport-twitter": "^1.0.4",
|
||||||
"passport.socketio": "^3.7.0",
|
"passport.socketio": "^3.7.0",
|
||||||
"pdfobject": "^2.0.201604172",
|
"pdfobject": "^2.0.201604172",
|
||||||
|
@ -133,6 +132,11 @@
|
||||||
"ws": "^6.0.0",
|
"ws": "^6.0.0",
|
||||||
"xss": "^1.0.3"
|
"xss": "^1.0.3"
|
||||||
},
|
},
|
||||||
|
"resolutions": {
|
||||||
|
"**/tough-cookie": "~2.4.0",
|
||||||
|
"**/minimatch": "^3.0.2",
|
||||||
|
"**/request": "^2.88.0"
|
||||||
|
},
|
||||||
"engines": {
|
"engines": {
|
||||||
"node": ">=6.x"
|
"node": ">=6.x"
|
||||||
},
|
},
|
||||||
|
@ -184,6 +188,8 @@
|
||||||
"less": "^2.7.1",
|
"less": "^2.7.1",
|
||||||
"less-loader": "^4.1.0",
|
"less-loader": "^4.1.0",
|
||||||
"mini-css-extract-plugin": "^0.4.1",
|
"mini-css-extract-plugin": "^0.4.1",
|
||||||
|
"mocha": "^5.2.0",
|
||||||
|
"mock-require": "^3.0.3",
|
||||||
"optimize-css-assets-webpack-plugin": "^5.0.0",
|
"optimize-css-assets-webpack-plugin": "^5.0.0",
|
||||||
"script-loader": "^0.7.2",
|
"script-loader": "^0.7.2",
|
||||||
"string-loader": "^0.0.1",
|
"string-loader": "^0.0.1",
|
||||||
|
|
|
@ -222,9 +222,6 @@ When you’re a carpenter making a beautiful chest of drawers, you’re not goin
|
||||||
### SlideShare
|
### SlideShare
|
||||||
{%slideshare briansolis/26-disruptive-technology-trends-2016-2018-56796196 %}
|
{%slideshare briansolis/26-disruptive-technology-trends-2016-2018-56796196 %}
|
||||||
|
|
||||||
### Speakerdeck
|
|
||||||
{%speakerdeck sugarenia/xxlcss-how-to-scale-css-and-keep-your-sanity %}
|
|
||||||
|
|
||||||
### PDF
|
### PDF
|
||||||
**Caution: this might be blocked by your browser if not using an `https` URL.**
|
**Caution: this might be blocked by your browser if not using an `https` URL.**
|
||||||
{%pdf https://papers.nips.cc/paper/5346-sequence-to-sequence-learning-with-neural-networks.pdf %}
|
{%pdf https://papers.nips.cc/paper/5346-sequence-to-sequence-learning-with-neural-networks.pdf %}
|
||||||
|
|
|
@ -1,6 +1,101 @@
|
||||||
Release Notes
|
Release Notes
|
||||||
===
|
===
|
||||||
|
|
||||||
|
<i class="fa fa-tag"></i> 1.3.0 <i class="fa fa-clock-o"></i> 2019-03-03 00:00
|
||||||
|
---
|
||||||
|
|
||||||
|
### Enhancements
|
||||||
|
* Run db migrations on `npm start`
|
||||||
|
* Add documentation about integration with AD LDAP
|
||||||
|
* Add `rel="noopener"` to all links
|
||||||
|
* Add documentation about integration with Nextcloud for authentication
|
||||||
|
* Update URL on frontpage to point to codimd.org
|
||||||
|
* Replace Fontawesome with Forkawesome
|
||||||
|
* Add OpenID support
|
||||||
|
* Add print icon to slide view
|
||||||
|
* Add auto-complete for language names that are highlighted in codeblocks
|
||||||
|
* Improve translations for Chinese, Dutch, French, German, Italien, Korean, Polish, and Russian language
|
||||||
|
* Add Download action to published document API
|
||||||
|
* Add reset password feature to `manage_users` script
|
||||||
|
* Move from own `./tmp` directory to system temp directory
|
||||||
|
* Add Etherpad migration guide
|
||||||
|
* Move XSS library to a more native position
|
||||||
|
* Use full version string to determine changes from the backend
|
||||||
|
* Update winston (logging library)
|
||||||
|
* Use slide preview in slide example
|
||||||
|
* Improve migration handling
|
||||||
|
* Update reveal.js to version 3.7.0
|
||||||
|
* Replace scrypt library with its successor
|
||||||
|
* Replace `to-markdown` with `turndown` (successor library)
|
||||||
|
* Update socket.io
|
||||||
|
* Add warning on missing base URL
|
||||||
|
* Update bootstrap to version 3.4.0
|
||||||
|
* Update handlebar
|
||||||
|
|
||||||
|
### Fixes
|
||||||
|
* Fix paths in GitLab documentation
|
||||||
|
* Fix missing `data:` URL in CSP
|
||||||
|
* Fix oAuth2 name/label field
|
||||||
|
* Fix GitLab API integration
|
||||||
|
* Fix auto-completed but not rendered emojis
|
||||||
|
* Fix menu organization depending on enabled services
|
||||||
|
* Fix some logging in the OT module
|
||||||
|
* Fix some unhandled internalOAuthError exception
|
||||||
|
* Fix unwanted creation of robots.txt document in "freeurl-mode"
|
||||||
|
* Fix some links on index page to lead to the right sections on feature page
|
||||||
|
* Fix document breaking, empty headlines
|
||||||
|
* Fix wrong multiplication for HSTS header seconds
|
||||||
|
* Fix wrong subdirectories in exported user data
|
||||||
|
* Fix CSP for speaker notes
|
||||||
|
* Fix CSP for disqus
|
||||||
|
* Fix URL API usage
|
||||||
|
* Fix Gist embedding
|
||||||
|
* Fix upload provider error message
|
||||||
|
* Fix unescaped disqus user names
|
||||||
|
* Fix SAML vulnerability
|
||||||
|
* Fix link to SAML guide
|
||||||
|
* Fix deep dependency problem with node 6.x
|
||||||
|
* Fix broken PDF export by wrong unlink call
|
||||||
|
* Fix possible XSS attack in MathJax
|
||||||
|
|
||||||
|
### Refactors
|
||||||
|
* Refactor to use `ws` instead of the the no longer supported `uws`
|
||||||
|
* Refactor frontend build system to use webpack version 4
|
||||||
|
* Refactor file path configuration (views, uploads, …)
|
||||||
|
* Refactor `manage_users` script
|
||||||
|
* Refactor handling of template variables
|
||||||
|
* Refactor linting to use eslint
|
||||||
|
|
||||||
|
### Removes
|
||||||
|
* Remove no longer working Octicons
|
||||||
|
* Remove links to our old Gitter channel
|
||||||
|
* Remove unused library node-uuid
|
||||||
|
* Remove unneeded blueimp-md5 dependency
|
||||||
|
* Remove speakerdeck due to broken implementation
|
||||||
|
|
||||||
|
### Contributors
|
||||||
|
* Adam.emts (translator)
|
||||||
|
* [Alex Garcia](https://github.com/asg017)
|
||||||
|
* [Cédric Couralet (micedre)](https://github.com/micedre)
|
||||||
|
* [Claudius Coenen](https://github.com/ccoenen)
|
||||||
|
* [Daan Sprenkels](https://github.com/dsprenkels)
|
||||||
|
* [David Mehren](https://github.com/davidmehren)
|
||||||
|
* [Erona](https://github.com/Eronana)
|
||||||
|
* [Felix Yan](https://github.com/felixonmars)
|
||||||
|
* [Jonathan](https://github.com/phrix32)
|
||||||
|
* Jong-kai Yang (translator)
|
||||||
|
* [MartB](https://github.com/MartB)
|
||||||
|
* [Max Wu (jackycute)](https://github.com/jackycute)
|
||||||
|
* [mcnesium](https://github.com/mcnesium)
|
||||||
|
* Nullnine (translator)
|
||||||
|
* RanoIP (translator)
|
||||||
|
* [SuNbiT](https://github.com/sunbit)
|
||||||
|
* Sylke Vicious (translator)
|
||||||
|
* Timothee (translator)
|
||||||
|
* [WilliButz](https://github.com/WilliButz)
|
||||||
|
* [Xaver Maierhofer](https://github.com/xf-)
|
||||||
|
* [云屿](https://github.com/cloudyu)
|
||||||
|
|
||||||
<i class="fa fa-tag"></i> 1.2.1 <i class="fa fa-clock-o"></i> 2018-09-26 00:00
|
<i class="fa fa-tag"></i> 1.2.1 <i class="fa fa-clock-o"></i> 2018-09-26 00:00
|
||||||
---
|
---
|
||||||
|
|
||||||
|
|
|
@ -459,34 +459,13 @@ export function finishView (view) {
|
||||||
// speakerdeck
|
// speakerdeck
|
||||||
view.find('div.speakerdeck.raw').removeClass('raw')
|
view.find('div.speakerdeck.raw').removeClass('raw')
|
||||||
.each((key, value) => {
|
.each((key, value) => {
|
||||||
const url = `https://speakerdeck.com/oembed.json?url=https%3A%2F%2Fspeakerdeck.com%2F${encodeURIComponent($(value).attr('data-speakerdeckid'))}`
|
const url = `https://speakerdeck.com/${$(value).attr('data-speakerdeckid')}`
|
||||||
// use yql because speakerdeck not support jsonp
|
const inner = $('<a>Speakerdeck</a>')
|
||||||
$.ajax({
|
inner.attr('href', url)
|
||||||
url: 'https://query.yahooapis.com/v1/public/yql',
|
inner.attr('rel', 'noopener noreferrer')
|
||||||
data: {
|
inner.attr('target', '_blank')
|
||||||
q: `select * from json where url ='${url}'`,
|
$(value).append(inner)
|
||||||
format: 'json'
|
})
|
||||||
},
|
|
||||||
dataType: 'jsonp',
|
|
||||||
success (data) {
|
|
||||||
if (!data.query || !data.query.results) return
|
|
||||||
const json = data.query.results.json
|
|
||||||
const html = json.html
|
|
||||||
var ratio = json.height / json.width
|
|
||||||
$(value).html(html)
|
|
||||||
const iframe = $(value).children('iframe')
|
|
||||||
const src = iframe.attr('src')
|
|
||||||
if (src.indexOf('//') === 0) { iframe.attr('src', `https:${src}`) }
|
|
||||||
const inner = $('<div class="inner"></div>').append(iframe)
|
|
||||||
const height = iframe.attr('height')
|
|
||||||
const width = iframe.attr('width')
|
|
||||||
ratio = (height / width) * 100
|
|
||||||
inner.css('padding-bottom', `${ratio}%`)
|
|
||||||
$(value).html(inner)
|
|
||||||
if (window.viewAjaxCallback) window.viewAjaxCallback()
|
|
||||||
}
|
|
||||||
})
|
|
||||||
})
|
|
||||||
// pdf
|
// pdf
|
||||||
view.find('div.pdf.raw').removeClass('raw')
|
view.find('div.pdf.raw').removeClass('raw')
|
||||||
.each(function (key, value) {
|
.each(function (key, value) {
|
||||||
|
|
|
@ -1,7 +1,6 @@
|
||||||
/* eslint-env browser, jquery */
|
/* eslint-env browser, jquery */
|
||||||
/* global CodeMirror, Cookies, moment, editor, ui, Spinner,
|
/* global CodeMirror, Cookies, moment, Spinner, Idle, serverurl,
|
||||||
modeType, Idle, serverurl, key, gapi, Dropbox, FilePicker
|
key, Dropbox, ot, hex2rgb, Visibility */
|
||||||
ot, MediaUploader, hex2rgb, num_loaded, Visibility */
|
|
||||||
|
|
||||||
require('../vendor/showup/showup')
|
require('../vendor/showup/showup')
|
||||||
|
|
||||||
|
|
|
@ -45,7 +45,7 @@ var filterXSSOptions = {
|
||||||
// allow comment tag
|
// allow comment tag
|
||||||
if (tag === '!--') {
|
if (tag === '!--') {
|
||||||
// do not filter its attributes
|
// do not filter its attributes
|
||||||
return html
|
return html.replace(/<(?!!--)/g, '<').replace(/-->/g, '__HTML_COMMENT_END__').replace(/>/g, '>').replace(/__HTML_COMMENT_END__/g, '-->')
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
onTagAttr: function (tag, name, value, isWhiteAttr) {
|
onTagAttr: function (tag, name, value, isWhiteAttr) {
|
||||||
|
|
|
@ -3,11 +3,12 @@
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/spin.min.js" integrity="sha256-PieqE0QdEDMppwXrTzSZQr6tWFX3W5KkyRVyF1zN3eg=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/spin.min.js" integrity="sha256-PieqE0QdEDMppwXrTzSZQr6tWFX3W5KkyRVyF1zN3eg=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js" integrity="sha256-jnOjDTXIPqall8M0MyTSt98JetJuZ7Yu+1Jm7hLTF7U=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js" integrity="sha256-jnOjDTXIPqall8M0MyTSt98JetJuZ7Yu+1Jm7hLTF7U=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
||||||
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
||||||
|
@ -23,5 +24,6 @@
|
||||||
<% } else { %>
|
<% } else { %>
|
||||||
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
||||||
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
||||||
|
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
|
||||||
<%- include ../build/index-pack-scripts %>
|
<%- include ../build/index-pack-scripts %>
|
||||||
<% } %>
|
<% } %>
|
||||||
|
|
|
@ -8,7 +8,7 @@
|
||||||
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
||||||
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
||||||
<% if(useCDN) { %>
|
<% if(useCDN) { %>
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
||||||
|
|
|
@ -15,7 +15,7 @@
|
||||||
<link rel="icon" type="image/png" href="{{{url}}}/favicon.png">
|
<link rel="icon" type="image/png" href="{{{url}}}/favicon.png">
|
||||||
<link rel="apple-touch-icon" href="{{{url}}}/apple-touch-icon.png">
|
<link rel="apple-touch-icon" href="{{{url}}}/apple-touch-icon.png">
|
||||||
|
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/prism/1.5.1/themes/prism.min.css" integrity="sha256-vtR0hSWRc3Tb26iuN2oZHt3KRUomwTufNIf5/4oeCyg=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/prism/1.5.1/themes/prism.min.css" integrity="sha256-vtR0hSWRc3Tb26iuN2oZHt3KRUomwTufNIf5/4oeCyg=" crossorigin="anonymous" />
|
||||||
|
@ -49,7 +49,7 @@
|
||||||
{{{ui-toc-affix}}}
|
{{{ui-toc-affix}}}
|
||||||
</div>
|
</div>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/gist-embed/2.6.0/gist-embed.min.js" integrity="sha256-KyF2D6xPIJUW5sUDSs93vWyZm+1RzIpKCexxElmxl8g=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/gist-embed/2.6.0/gist-embed.min.js" integrity="sha256-KyF2D6xPIJUW5sUDSs93vWyZm+1RzIpKCexxElmxl8g=" crossorigin="anonymous" defer></script>
|
||||||
<script>
|
<script>
|
||||||
var markdown = $(".markdown-body");
|
var markdown = $(".markdown-body");
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<% if(useCDN) { %>
|
<% if(useCDN) { %>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/list.pagination.js/0.1.1/list.pagination.min.js" integrity="sha256-WwTza96H3BgcQTfEfxX7MFaFc/dZA0QrPRKDRLdFHJo=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/list.pagination.js/0.1.1/list.pagination.min.js" integrity="sha256-WwTza96H3BgcQTfEfxX7MFaFc/dZA0QrPRKDRLdFHJo=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js" integrity="sha256-HzzZFiY4t0PIv02Tm8/R3CVvLpcjHhO1z/YAUCp4oQ4=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js" integrity="sha256-HzzZFiY4t0PIv02Tm8/R3CVvLpcjHhO1z/YAUCp4oQ4=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||||
|
|
|
@ -10,7 +10,7 @@
|
||||||
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
||||||
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
||||||
<% if(useCDN) { %>
|
<% if(useCDN) { %>
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.4/select2.min.css" integrity="sha256-ijlUKKj3hJCiiT2HWo1kqkI79NTEYpzOsw5Rs3k42dI=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.4/select2.min.css" integrity="sha256-ijlUKKj3hJCiiT2HWo1kqkI79NTEYpzOsw5Rs3k42dI=" crossorigin="anonymous" />
|
||||||
|
|
|
@ -18,7 +18,7 @@
|
||||||
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
||||||
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
||||||
<% if(useCDN) { %>
|
<% if(useCDN) { %>
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
||||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/css/basic/emojify.min.css" integrity="sha256-UOrvMOsSDSrW6szVLe8ZDZezBxh5IoIfgTwdNDgTjiU=" crossorigin="anonymous" />
|
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/css/basic/emojify.min.css" integrity="sha256-UOrvMOsSDSrW6szVLe8ZDZezBxh5IoIfgTwdNDgTjiU=" crossorigin="anonymous" />
|
||||||
|
@ -75,11 +75,12 @@
|
||||||
<% if(useCDN) { %>
|
<% if(useCDN) { %>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js" integrity="sha256-jnOjDTXIPqall8M0MyTSt98JetJuZ7Yu+1Jm7hLTF7U=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js" integrity="sha256-jnOjDTXIPqall8M0MyTSt98JetJuZ7Yu+1Jm7hLTF7U=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
||||||
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
||||||
|
@ -92,6 +93,7 @@
|
||||||
<% } else { %>
|
<% } else { %>
|
||||||
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
||||||
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
||||||
|
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
|
||||||
<%- include build/pretty-pack-scripts %>
|
<%- include build/pretty-pack-scripts %>
|
||||||
<% } %>
|
<% } %>
|
||||||
<%- include shared/ga %>
|
<%- include shared/ga %>
|
||||||
|
|
|
@ -5,7 +5,7 @@ var disqus_config = function () {
|
||||||
};
|
};
|
||||||
(function() {
|
(function() {
|
||||||
var d = document, s = d.createElement('script');
|
var d = document, s = d.createElement('script');
|
||||||
s.src = 'https://<%= disqus %>.disqus.com/embed.js';
|
s.src = 'https://<%= disqus.replace(/[^A-Za-z0-9]+/g, '') %>.disqus.com/embed.js';
|
||||||
s.setAttribute('data-timestamp', +new Date());
|
s.setAttribute('data-timestamp', +new Date());
|
||||||
(d.head || d.body).appendChild(s);
|
(d.head || d.body).appendChild(s);
|
||||||
})();
|
})();
|
||||||
|
|
|
@ -96,6 +96,7 @@
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
||||||
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
||||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
||||||
|
@ -108,6 +109,7 @@
|
||||||
<% } else { %>
|
<% } else { %>
|
||||||
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
||||||
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
||||||
|
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
|
||||||
<%- include build/slide-pack-scripts %>
|
<%- include build/slide-pack-scripts %>
|
||||||
<% } %>
|
<% } %>
|
||||||
</body>
|
</body>
|
||||||
|
|
124
test/csp.js
Normal file
124
test/csp.js
Normal file
|
@ -0,0 +1,124 @@
|
||||||
|
/* eslint-env node, mocha */
|
||||||
|
'use strict'
|
||||||
|
|
||||||
|
const assert = require('assert')
|
||||||
|
const crypto = require('crypto')
|
||||||
|
const fs = require('fs')
|
||||||
|
const path = require('path')
|
||||||
|
const mock = require('mock-require')
|
||||||
|
|
||||||
|
describe('Content security policies', function () {
|
||||||
|
let defaultConfig, csp
|
||||||
|
|
||||||
|
before(function () {
|
||||||
|
csp = require('../lib/csp')
|
||||||
|
})
|
||||||
|
|
||||||
|
beforeEach(function () {
|
||||||
|
// Reset config to make sure we don't influence other tests
|
||||||
|
defaultConfig = {
|
||||||
|
csp: {
|
||||||
|
enable: true,
|
||||||
|
directives: {
|
||||||
|
},
|
||||||
|
addDefaults: true,
|
||||||
|
addDisqus: true,
|
||||||
|
addGoogleAnalytics: true,
|
||||||
|
upgradeInsecureRequests: 'auto',
|
||||||
|
reportURI: undefined
|
||||||
|
},
|
||||||
|
useCDN: true
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
afterEach(function () {
|
||||||
|
mock.stop('../lib/config')
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
})
|
||||||
|
|
||||||
|
after(function () {
|
||||||
|
mock.stopAll()
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
})
|
||||||
|
|
||||||
|
// beginnging Tests
|
||||||
|
it('Disable CDN', function () {
|
||||||
|
let testconfig = defaultConfig
|
||||||
|
testconfig.useCDN = false
|
||||||
|
mock('../lib/config', testconfig)
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
|
||||||
|
assert(!csp.computeDirectives().scriptSrc.includes('https://cdnjs.cloudflare.com'))
|
||||||
|
assert(!csp.computeDirectives().scriptSrc.includes('https://cdn.mathjax.org'))
|
||||||
|
assert(!csp.computeDirectives().styleSrc.includes('https://cdnjs.cloudflare.com'))
|
||||||
|
assert(!csp.computeDirectives().styleSrc.includes('https://fonts.googleapis.com'))
|
||||||
|
assert(!csp.computeDirectives().fontSrc.includes('https://cdnjs.cloudflare.com'))
|
||||||
|
assert(!csp.computeDirectives().fontSrc.includes('https://fonts.gstatic.com'))
|
||||||
|
})
|
||||||
|
|
||||||
|
it('Disable Google Analytics', function () {
|
||||||
|
let testconfig = defaultConfig
|
||||||
|
testconfig.csp.addGoogleAnalytics = false
|
||||||
|
mock('../lib/config', testconfig)
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
|
||||||
|
assert(!csp.computeDirectives().scriptSrc.includes('https://www.google-analytics.com'))
|
||||||
|
})
|
||||||
|
|
||||||
|
it('Disable Disqus', function () {
|
||||||
|
let testconfig = defaultConfig
|
||||||
|
testconfig.csp.addDisqus = false
|
||||||
|
mock('../lib/config', testconfig)
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
|
||||||
|
assert(!csp.computeDirectives().scriptSrc.includes('https://disqus.com'))
|
||||||
|
assert(!csp.computeDirectives().scriptSrc.includes('https://*.disqus.com'))
|
||||||
|
assert(!csp.computeDirectives().scriptSrc.includes('https://*.disquscdn.com'))
|
||||||
|
assert(!csp.computeDirectives().styleSrc.includes('https://*.disquscdn.com'))
|
||||||
|
assert(!csp.computeDirectives().fontSrc.includes('https://*.disquscdn.com'))
|
||||||
|
})
|
||||||
|
|
||||||
|
it('Set ReportURI', function () {
|
||||||
|
let testconfig = defaultConfig
|
||||||
|
testconfig.csp.reportURI = 'https://example.com/reportURI'
|
||||||
|
mock('../lib/config', testconfig)
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
|
||||||
|
assert.strictEqual(csp.computeDirectives().reportUri, 'https://example.com/reportURI')
|
||||||
|
})
|
||||||
|
|
||||||
|
it('Set own directives', function () {
|
||||||
|
let testconfig = defaultConfig
|
||||||
|
mock('../lib/config', defaultConfig)
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
const unextendedCSP = csp.computeDirectives()
|
||||||
|
testconfig.csp.directives = {
|
||||||
|
defaultSrc: ['https://default.example.com'],
|
||||||
|
scriptSrc: ['https://script.example.com'],
|
||||||
|
imgSrc: ['https://img.example.com'],
|
||||||
|
styleSrc: ['https://style.example.com'],
|
||||||
|
fontSrc: ['https://font.example.com'],
|
||||||
|
objectSrc: ['https://object.example.com'],
|
||||||
|
mediaSrc: ['https://media.example.com'],
|
||||||
|
childSrc: ['https://child.example.com'],
|
||||||
|
connectSrc: ['https://connect.example.com']
|
||||||
|
}
|
||||||
|
mock('../lib/config', testconfig)
|
||||||
|
csp = mock.reRequire('../lib/csp')
|
||||||
|
|
||||||
|
const variations = ['default', 'script', 'img', 'style', 'font', 'object', 'media', 'child', 'connect']
|
||||||
|
|
||||||
|
for (let i = 0; i < variations.length; i++) {
|
||||||
|
assert.strictEqual(csp.computeDirectives()[variations[i] + 'Src'].toString(), ['https://' + variations[i] + '.example.com'].concat(unextendedCSP[variations[i] + 'Src']).toString())
|
||||||
|
}
|
||||||
|
})
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This test reminds us to update the CSP hash for the speaker notes
|
||||||
|
*/
|
||||||
|
it('Unchanged hash for reveal.js speaker notes plugin', function () {
|
||||||
|
const hash = crypto.createHash('sha1')
|
||||||
|
hash.update(fs.readFileSync(path.resolve(__dirname, '../node_modules/reveal.js/plugin/notes/notes.html'), 'utf8'), 'utf8')
|
||||||
|
assert.strictEqual(hash.digest('hex'), '471f3826880fac884a4a14faabc492bc854ae994')
|
||||||
|
})
|
||||||
|
})
|
52
test/letter-avatars.js
Normal file
52
test/letter-avatars.js
Normal file
|
@ -0,0 +1,52 @@
|
||||||
|
/* eslint-env node, mocha */
|
||||||
|
|
||||||
|
'use strict'
|
||||||
|
|
||||||
|
const assert = require('assert')
|
||||||
|
const mock = require('mock-require')
|
||||||
|
|
||||||
|
describe('generateAvatarURL() gravatar enabled', function () {
|
||||||
|
let avatars
|
||||||
|
beforeEach(function () {
|
||||||
|
// Reset config to make sure we don't influence other tests
|
||||||
|
let testconfig = {
|
||||||
|
allowGravatar: true,
|
||||||
|
serverURL: 'http://localhost:3000',
|
||||||
|
port: 3000
|
||||||
|
}
|
||||||
|
mock('../lib/config', testconfig)
|
||||||
|
avatars = mock.reRequire('../lib/letter-avatars')
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should return correct urls', function () {
|
||||||
|
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', true), 'https://www.gravatar.com/avatar/d41b5f3508cc3f31865566a47dd0336b?s=400')
|
||||||
|
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', false), 'https://www.gravatar.com/avatar/d41b5f3508cc3f31865566a47dd0336b?s=96')
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should return correct urls for names with spaces', function () {
|
||||||
|
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels'), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||||
|
})
|
||||||
|
})
|
||||||
|
|
||||||
|
describe('generateAvatarURL() gravatar disabled', function () {
|
||||||
|
let avatars
|
||||||
|
beforeEach(function () {
|
||||||
|
// Reset config to make sure we don't influence other tests
|
||||||
|
let testconfig = {
|
||||||
|
allowGravatar: false,
|
||||||
|
serverURL: 'http://localhost:3000',
|
||||||
|
port: 3000
|
||||||
|
}
|
||||||
|
mock('../lib/config', testconfig)
|
||||||
|
avatars = mock.reRequire('../lib/letter-avatars')
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should return correct urls', function () {
|
||||||
|
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', true), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||||
|
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', false), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||||
|
})
|
||||||
|
|
||||||
|
it('should return correct urls for names with spaces', function () {
|
||||||
|
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels'), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||||
|
})
|
||||||
|
})
|
Loading…
Reference in a new issue