* Run db migrations on npm start
* Add documentation about integration with AD LDAP * Add `rel="noopener"` to all links * Add documentation about integration with Nextcloud for authentication * Update URL on frontpage to point to codimd.org * Replace Fontawesome with Forkawesome * Add OpenID support * Add print icon to slide view * Add auto-complete for language names that are highlighted in codeblocks * Improve translations for Chinese, Dutch, French, German, Italien, Korean, Polish, and Russian language * Add Download action to published document API * Add reset password feature to `manage_users` script * Move from own `./tmp` directory to system temp directory * Add Etherpad migration guide * Move XSS library to a more native position * Use full version string to determine changes from the backend * Update winston (logging library) * Use slide preview in slide example * Improve migration handling * Update reveal.js to version 3.7.0 * Replace scrypt library with its successor * Replace `to-markdown` with `turndown` (successor library) * Update socket.io * Add warning on missing base URL * Update bootstrap to version 3.4.0 * Update handlebar * Fix paths in GitLab documentation * Fix missing `data:` URL in CSP * Fix oAuth2 name/label field * Fix GitLab API integration * Fix auto-completed but not rendered emojis * Fix menu organization depending on enabled services * Fix some logging in the OT module * Fix some unhandled internalOAuthError exception * Fix unwanted creation of robots.txt document in "freeurl-mode" * Fix some links on index page to lead to the right sections on feature page * Fix document breaking, empty headlines * Fix wrong multiplication for HSTS header seconds * Fix wrong subdirectories in exported user data * Fix CSP for speaker notes * Fix CSP for disqus * Fix URL API usage * Fix Gist embedding * Fix upload provider error message * Fix unescaped disqus user names * Fix SAML vulnerability * Fix link to SAML guide * Fix deep dependency problem with node 6.x * Fix broken PDF export by wrong unlink call * Fix possible XSS attack in MathJax * Refactor to use `ws` instead of the the no longer supported `uws` * Refactor frontend build system to use webpack version 4 * Refactor file path configuration (views, uploads, …) * Refactor `manage_users` script * Refactor handling of template variables * Refactor linting to use eslint * Remove no longer working Octicons * Remove links to our old Gitter channel * Remove unused library node-uuid * Remove unneeded blueimp-md5 dependency * Remove speakerdeck due to broken implementation * Adam.emts (translator) * [Alex Garcia](https://github.com/asg017) * [Cédric Couralet (micedre)](https://github.com/micedre) * [Claudius Coenen](https://github.com/ccoenen) * [Daan Sprenkels](https://github.com/dsprenkels) * [David Mehren](https://github.com/davidmehren) * [Erona](https://github.com/Eronana) * [Felix Yan](https://github.com/felixonmars) * [Jonathan](https://github.com/phrix32) * Jong-kai Yang (translator) * [MartB](https://github.com/MartB) * [Max Wu (jackycute)](https://github.com/jackycute) * [mcnesium](https://github.com/mcnesium) * Nullnine (translator) * RanoIP (translator) * [SuNbiT](https://github.com/sunbit) * Sylke Vicious (translator) * Timothee (translator) * [WilliButz](https://github.com/WilliButz) * [Xaver Maierhofer](https://github.com/xf-) * [云屿](https://github.com/cloudyu) -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEAeWzysDCaBZIKvtIHwXMNjXN3/0FAlx9Dj8ACgkQHwXMNjXN 3/2faw/8CYL5qB43K1L3wwMu5YMfVfrZALyQTrrb016I1VkGh+e18ffM4FOYSa5C xeUDf/GRa30EKqxaBZjsHoUGxQ196g9WvyA4HziEVUti2LvmWwnSjSvFqGrjFJ79 veaCfxG2NjvVc+k2Ts+E8G+1VH5TdU/TloViE6hvsu9zAOjKlxbTVlhu/YTpkIx0 9fmSSrSonMFURvVG9LFnTgtzf0f9cbjGCmu+EjKxDJ2CZ9WkjShaL3nuPTOXReaq 0MYOaWZJBsDd8nWcVqIamkKhzz/U7jRO6PpvXG6TXhJo8cqml/qpr3ZD6j6L9FOq HDQUUcligMynPaSOUBkVQXmlSPljL/2q1NYHAo0zDlP1vcm5+EWt1D4o73RZU4h5 41mNJhanDeNk/QPrnI+Dldwg1k4PBrLrlPUYyNM7F6FgoZPBTtFVJ9nQVHyI6UWS oa3iq0YKCd1ofl0AdfLljgIeRxpArQGK6ey87eXRZXveeDOC+TEAZeS1/1/cac7+ R7uCszvvLUBdE3W7JzcS5Xo4TtARPOjLkaYKObZhtzUW1YtMyGk+HpIvx2yZet8K NGpneShNa6IvygsVQqZ1ZZfIYLFIDsLQmoAe1+dffGF3K2b+ObkrT/hSimP2Ftq0 +MrdXH56cuKqfyGPnfoqa0zQhieGC6n57xW2WAoBAOcEmpx2Ng4= =cjCR -----END PGP SIGNATURE----- Merge tag '1.3.0' into DepauMD * Run db migrations on `npm start` * Add documentation about integration with AD LDAP * Add `rel="noopener"` to all links * Add documentation about integration with Nextcloud for authentication * Update URL on frontpage to point to codimd.org * Replace Fontawesome with Forkawesome * Add OpenID support * Add print icon to slide view * Add auto-complete for language names that are highlighted in codeblocks * Improve translations for Chinese, Dutch, French, German, Italien, Korean, Polish, and Russian language * Add Download action to published document API * Add reset password feature to `manage_users` script * Move from own `./tmp` directory to system temp directory * Add Etherpad migration guide * Move XSS library to a more native position * Use full version string to determine changes from the backend * Update winston (logging library) * Use slide preview in slide example * Improve migration handling * Update reveal.js to version 3.7.0 * Replace scrypt library with its successor * Replace `to-markdown` with `turndown` (successor library) * Update socket.io * Add warning on missing base URL * Update bootstrap to version 3.4.0 * Update handlebar * Fix paths in GitLab documentation * Fix missing `data:` URL in CSP * Fix oAuth2 name/label field * Fix GitLab API integration * Fix auto-completed but not rendered emojis * Fix menu organization depending on enabled services * Fix some logging in the OT module * Fix some unhandled internalOAuthError exception * Fix unwanted creation of robots.txt document in "freeurl-mode" * Fix some links on index page to lead to the right sections on feature page * Fix document breaking, empty headlines * Fix wrong multiplication for HSTS header seconds * Fix wrong subdirectories in exported user data * Fix CSP for speaker notes * Fix CSP for disqus * Fix URL API usage * Fix Gist embedding * Fix upload provider error message * Fix unescaped disqus user names * Fix SAML vulnerability * Fix link to SAML guide * Fix deep dependency problem with node 6.x * Fix broken PDF export by wrong unlink call * Fix possible XSS attack in MathJax * Refactor to use `ws` instead of the the no longer supported `uws` * Refactor frontend build system to use webpack version 4 * Refactor file path configuration (views, uploads, …) * Refactor `manage_users` script * Refactor handling of template variables * Refactor linting to use eslint * Remove no longer working Octicons * Remove links to our old Gitter channel * Remove unused library node-uuid * Remove unneeded blueimp-md5 dependency * Remove speakerdeck due to broken implementation * Adam.emts (translator) * [Alex Garcia](https://github.com/asg017) * [Cédric Couralet (micedre)](https://github.com/micedre) * [Claudius Coenen](https://github.com/ccoenen) * [Daan Sprenkels](https://github.com/dsprenkels) * [David Mehren](https://github.com/davidmehren) * [Erona](https://github.com/Eronana) * [Felix Yan](https://github.com/felixonmars) * [Jonathan](https://github.com/phrix32) * Jong-kai Yang (translator) * [MartB](https://github.com/MartB) * [Max Wu (jackycute)](https://github.com/jackycute) * [mcnesium](https://github.com/mcnesium) * Nullnine (translator) * RanoIP (translator) * [SuNbiT](https://github.com/sunbit) * Sylke Vicious (translator) * Timothee (translator) * [WilliButz](https://github.com/WilliButz) * [Xaver Maierhofer](https://github.com/xf-) * [云屿](https://github.com/cloudyu)
This commit is contained in:
commit
9bb50dda6c
25 changed files with 1490 additions and 1405 deletions
|
@ -221,7 +221,7 @@ There are some config settings you need to change in the files below.
|
|||
| `CMD_LDAP_USERNAMEFIELD` | Fallback to userid | The LDAP field which is used as the username on CodiMD |
|
||||
| `CMD_LDAP_TLS_CA` | `server-cert.pem, root.pem` | Root CA for LDAP TLS in PEM format (use comma to separate) |
|
||||
| `CMD_LDAP_PROVIDERNAME` | `My institution` | Optional name to be displayed at login form indicating the LDAP provider |
|
||||
| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth.md#saml-onelogin). |
|
||||
| `CMD_SAML_IDPSSOURL` | `https://idp.example.com/sso` | authentication endpoint of IdP. for details, see [guide](docs/guides/auth/saml-onelogin.md). |
|
||||
| `CMD_SAML_IDPCERT` | `/path/to/cert.pem` | certificate file path of IdP in PEM format |
|
||||
| `CMD_SAML_ISSUER` | no example | identity of the service provider (optional, default: serverurl)" |
|
||||
| `CMD_SAML_IDENTIFIERFORMAT` | no example | name identifier format (optional, default: `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`) |
|
||||
|
|
2
app.json
2
app.json
|
@ -6,7 +6,7 @@
|
|||
"Markdown",
|
||||
"Notes"
|
||||
],
|
||||
"website": "https://hackmd.io",
|
||||
"website": "https://codimd.org",
|
||||
"repository": "https://github.com/hackmdio/codimd",
|
||||
"logo": "https://github.com/hackmdio/codimd/raw/master/public/codimd-icon-1024.png",
|
||||
"success_url": "/",
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
// First configure the logger so it does not spam the console
|
||||
const logger = require("../lib/logger");
|
||||
logger.transports.console.level = "warning";
|
||||
logger.transports.forEach((transport) => transport.level = "warning")
|
||||
|
||||
const models = require("../lib/models/");
|
||||
const readline = require("readline-sync");
|
||||
|
|
|
@ -5,9 +5,9 @@ Authentication guide - SAML
|
|||
|
||||
The basic procedure is the same as the case of OneLogin which is mentioned in [OneLogin-Guide](./saml-onelogin.md). If you want to match your IdP, you can use more configurations as below.
|
||||
|
||||
* If your IdP accepts metadata XML of the service provider to ease configuraion, use this url to download metadata XML.
|
||||
* If your IdP accepts metadata XML of the service provider to ease configuration, use this url to download metadata XML.
|
||||
* {{your-serverurl}}/auth/saml/metadata
|
||||
* _Note: If not accessable from IdP, download to local once and upload to IdP._
|
||||
* _Note: If not accessible from IdP, download to local once and upload to IdP._
|
||||
* Change the value of `issuer`, `identifierFormat` to match your IdP.
|
||||
* `issuer`: A unique id to identify the application to the IdP, which is the base URL of your HackMD as default
|
||||
* `identifierFormat`: A format of unique id to identify the user of IdP, which is the format based on email address as default. It is recommend that you use as below.
|
||||
|
@ -59,7 +59,7 @@ The basic procedure is the same as the case of OneLogin which is mentioned in [O
|
|||
HMD_SAML_ATTRIBUTE_EMAIL=mail
|
||||
````
|
||||
|
||||
* If you want to controll permission by group membership, add group attribute name and required group (allowed) or external group (not allowed).
|
||||
* If you want to control permission by group membership, add group attribute name and required group (allowed) or external group (not allowed).
|
||||
* `groupAttribute`: An attribute name of group membership
|
||||
* `requiredGroups`: Group names array for allowed access to HackMD. Use vertical bar to separate for environment variables.
|
||||
* `externalGroups`: Group names array for not allowed access to HackMD. Use vertical bar to separate for environment variables.
|
||||
|
|
|
@ -151,5 +151,5 @@ module.exports = {
|
|||
allowEmailRegister: true,
|
||||
allowGravatar: true,
|
||||
allowPDFExport: true,
|
||||
openID: true
|
||||
openID: false
|
||||
}
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
'use strict'
|
||||
// external modules
|
||||
const md5 = require('blueimp-md5')
|
||||
const crypto = require('crypto')
|
||||
const randomcolor = require('randomcolor')
|
||||
const config = require('./config')
|
||||
|
||||
|
@ -30,16 +30,21 @@ exports.generateAvatarURL = function (name, email = '', big = true) {
|
|||
if (typeof email !== 'string') {
|
||||
email = '' + name + '@example.com'
|
||||
}
|
||||
name=encodeURIComponent(name)
|
||||
|
||||
let hash = crypto.createHash('md5')
|
||||
hash.update(email.toLowerCase())
|
||||
let hexDigest = hash.digest('hex')
|
||||
|
||||
if (email !== '' && config.allowGravatar) {
|
||||
photo = 'https://www.gravatar.com/avatar/' + md5(email.toLowerCase())
|
||||
photo = 'https://www.gravatar.com/avatar/' + hexDigest;
|
||||
if (big) {
|
||||
photo += '?s=400'
|
||||
} else {
|
||||
photo += '?s=96'
|
||||
}
|
||||
} else {
|
||||
photo = config.serverURL + '/user/' + (name || email.substring(0, email.lastIndexOf('@')) || md5(email.toLowerCase())) + '/avatar.svg'
|
||||
photo = config.serverURL + '/user/' + (name || email.substring(0, email.lastIndexOf('@')) || hexDigest) + '/avatar.svg'
|
||||
}
|
||||
return photo
|
||||
}
|
||||
|
|
|
@ -320,7 +320,7 @@ function actionPDF (req, res, note) {
|
|||
res.setHeader('Content-Type', 'application/pdf; charset=UTF-8')
|
||||
res.setHeader('X-Robots-Tag', 'noindex, nofollow') // prevent crawling
|
||||
stream.pipe(res)
|
||||
fs.unlink(path)
|
||||
fs.unlinkSync(path)
|
||||
})
|
||||
}
|
||||
|
||||
|
|
|
@ -111,5 +111,7 @@
|
|||
"Do you really want to delete your user account?": "本当にアカウントを削除しますか?",
|
||||
"This will delete your account, all notes that are owned by you and remove all references to your account from other notes.": "この操作はあなたのアカウントとあなたの所有するすべてのノートを削除し、さらに他の人のノートからあなたのアカウントへの参照を除去します。",
|
||||
"Delete user": "ユーザーの削除",
|
||||
"Export user data": "ユーザーデータをエクスポート"
|
||||
"Export user data": "ユーザーデータをエクスポート",
|
||||
"Help us translating on %s": "%s の翻訳にご協力ください",
|
||||
"Source Code": "ソースコード"
|
||||
}
|
20
package.json
20
package.json
|
@ -1,12 +1,12 @@
|
|||
{
|
||||
"name": "CodiMD",
|
||||
"version": "1.2.1",
|
||||
"version": "1.3.0",
|
||||
"description": "Realtime collaborative markdown notes on all platforms.",
|
||||
"main": "app.js",
|
||||
"license": "AGPL-3.0",
|
||||
"scripts": {
|
||||
"test": "npm run-script eslint && npm run-script jsonlint",
|
||||
"eslint": "node_modules/.bin/eslint lib public app.js",
|
||||
"test": "npm run-script eslint && npm run-script jsonlint && mocha",
|
||||
"eslint": "node_modules/.bin/eslint lib public test app.js",
|
||||
"jsonlint": "find . -not -path './node_modules/*' -type f -name '*.json' -o -type f -name '*.json.example' | while read json; do echo $json ; jq . $json; done",
|
||||
"standard": "echo 'standard is no longer being used, use `npm run eslint` instead!' && exit 1",
|
||||
"dev": "webpack --config webpack.dev.js --progress --colors --watch",
|
||||
|
@ -23,9 +23,8 @@
|
|||
"aws-sdk": "^2.345.0",
|
||||
"azure-storage": "^2.7.0",
|
||||
"base64url": "^3.0.0",
|
||||
"blueimp-md5": "^2.6.0",
|
||||
"body-parser": "^1.15.2",
|
||||
"bootstrap": "^3.3.7",
|
||||
"bootstrap": "^3.4.0",
|
||||
"bootstrap-validator": "^0.11.8",
|
||||
"chance": "^1.0.4",
|
||||
"cheerio": "^0.22.0",
|
||||
|
@ -47,7 +46,7 @@
|
|||
"formidable": "^1.0.17",
|
||||
"gist-embed": "~2.6.0",
|
||||
"graceful-fs": "^4.1.11",
|
||||
"handlebars": "^4.0.6",
|
||||
"handlebars": "^4.0.13",
|
||||
"helmet": "^3.13.0",
|
||||
"highlight.js": "~9.12.0",
|
||||
"i18n": "^0.8.3",
|
||||
|
@ -98,7 +97,7 @@
|
|||
"passport-ldapauth": "^2.0.0",
|
||||
"passport-local": "^1.0.0",
|
||||
"passport-oauth2": "^1.4.0",
|
||||
"passport-saml": "^0.35.0",
|
||||
"passport-saml": "^1.0.0",
|
||||
"passport-twitter": "^1.0.4",
|
||||
"passport.socketio": "^3.7.0",
|
||||
"pdfobject": "^2.0.201604172",
|
||||
|
@ -133,6 +132,11 @@
|
|||
"ws": "^6.0.0",
|
||||
"xss": "^1.0.3"
|
||||
},
|
||||
"resolutions": {
|
||||
"**/tough-cookie": "~2.4.0",
|
||||
"**/minimatch": "^3.0.2",
|
||||
"**/request": "^2.88.0"
|
||||
},
|
||||
"engines": {
|
||||
"node": ">=6.x"
|
||||
},
|
||||
|
@ -184,6 +188,8 @@
|
|||
"less": "^2.7.1",
|
||||
"less-loader": "^4.1.0",
|
||||
"mini-css-extract-plugin": "^0.4.1",
|
||||
"mocha": "^5.2.0",
|
||||
"mock-require": "^3.0.3",
|
||||
"optimize-css-assets-webpack-plugin": "^5.0.0",
|
||||
"script-loader": "^0.7.2",
|
||||
"string-loader": "^0.0.1",
|
||||
|
|
|
@ -222,9 +222,6 @@ When you’re a carpenter making a beautiful chest of drawers, you’re not goin
|
|||
### SlideShare
|
||||
{%slideshare briansolis/26-disruptive-technology-trends-2016-2018-56796196 %}
|
||||
|
||||
### Speakerdeck
|
||||
{%speakerdeck sugarenia/xxlcss-how-to-scale-css-and-keep-your-sanity %}
|
||||
|
||||
### PDF
|
||||
**Caution: this might be blocked by your browser if not using an `https` URL.**
|
||||
{%pdf https://papers.nips.cc/paper/5346-sequence-to-sequence-learning-with-neural-networks.pdf %}
|
||||
|
|
|
@ -1,6 +1,101 @@
|
|||
Release Notes
|
||||
===
|
||||
|
||||
<i class="fa fa-tag"></i> 1.3.0 <i class="fa fa-clock-o"></i> 2019-03-03 00:00
|
||||
---
|
||||
|
||||
### Enhancements
|
||||
* Run db migrations on `npm start`
|
||||
* Add documentation about integration with AD LDAP
|
||||
* Add `rel="noopener"` to all links
|
||||
* Add documentation about integration with Nextcloud for authentication
|
||||
* Update URL on frontpage to point to codimd.org
|
||||
* Replace Fontawesome with Forkawesome
|
||||
* Add OpenID support
|
||||
* Add print icon to slide view
|
||||
* Add auto-complete for language names that are highlighted in codeblocks
|
||||
* Improve translations for Chinese, Dutch, French, German, Italien, Korean, Polish, and Russian language
|
||||
* Add Download action to published document API
|
||||
* Add reset password feature to `manage_users` script
|
||||
* Move from own `./tmp` directory to system temp directory
|
||||
* Add Etherpad migration guide
|
||||
* Move XSS library to a more native position
|
||||
* Use full version string to determine changes from the backend
|
||||
* Update winston (logging library)
|
||||
* Use slide preview in slide example
|
||||
* Improve migration handling
|
||||
* Update reveal.js to version 3.7.0
|
||||
* Replace scrypt library with its successor
|
||||
* Replace `to-markdown` with `turndown` (successor library)
|
||||
* Update socket.io
|
||||
* Add warning on missing base URL
|
||||
* Update bootstrap to version 3.4.0
|
||||
* Update handlebar
|
||||
|
||||
### Fixes
|
||||
* Fix paths in GitLab documentation
|
||||
* Fix missing `data:` URL in CSP
|
||||
* Fix oAuth2 name/label field
|
||||
* Fix GitLab API integration
|
||||
* Fix auto-completed but not rendered emojis
|
||||
* Fix menu organization depending on enabled services
|
||||
* Fix some logging in the OT module
|
||||
* Fix some unhandled internalOAuthError exception
|
||||
* Fix unwanted creation of robots.txt document in "freeurl-mode"
|
||||
* Fix some links on index page to lead to the right sections on feature page
|
||||
* Fix document breaking, empty headlines
|
||||
* Fix wrong multiplication for HSTS header seconds
|
||||
* Fix wrong subdirectories in exported user data
|
||||
* Fix CSP for speaker notes
|
||||
* Fix CSP for disqus
|
||||
* Fix URL API usage
|
||||
* Fix Gist embedding
|
||||
* Fix upload provider error message
|
||||
* Fix unescaped disqus user names
|
||||
* Fix SAML vulnerability
|
||||
* Fix link to SAML guide
|
||||
* Fix deep dependency problem with node 6.x
|
||||
* Fix broken PDF export by wrong unlink call
|
||||
* Fix possible XSS attack in MathJax
|
||||
|
||||
### Refactors
|
||||
* Refactor to use `ws` instead of the the no longer supported `uws`
|
||||
* Refactor frontend build system to use webpack version 4
|
||||
* Refactor file path configuration (views, uploads, …)
|
||||
* Refactor `manage_users` script
|
||||
* Refactor handling of template variables
|
||||
* Refactor linting to use eslint
|
||||
|
||||
### Removes
|
||||
* Remove no longer working Octicons
|
||||
* Remove links to our old Gitter channel
|
||||
* Remove unused library node-uuid
|
||||
* Remove unneeded blueimp-md5 dependency
|
||||
* Remove speakerdeck due to broken implementation
|
||||
|
||||
### Contributors
|
||||
* Adam.emts (translator)
|
||||
* [Alex Garcia](https://github.com/asg017)
|
||||
* [Cédric Couralet (micedre)](https://github.com/micedre)
|
||||
* [Claudius Coenen](https://github.com/ccoenen)
|
||||
* [Daan Sprenkels](https://github.com/dsprenkels)
|
||||
* [David Mehren](https://github.com/davidmehren)
|
||||
* [Erona](https://github.com/Eronana)
|
||||
* [Felix Yan](https://github.com/felixonmars)
|
||||
* [Jonathan](https://github.com/phrix32)
|
||||
* Jong-kai Yang (translator)
|
||||
* [MartB](https://github.com/MartB)
|
||||
* [Max Wu (jackycute)](https://github.com/jackycute)
|
||||
* [mcnesium](https://github.com/mcnesium)
|
||||
* Nullnine (translator)
|
||||
* RanoIP (translator)
|
||||
* [SuNbiT](https://github.com/sunbit)
|
||||
* Sylke Vicious (translator)
|
||||
* Timothee (translator)
|
||||
* [WilliButz](https://github.com/WilliButz)
|
||||
* [Xaver Maierhofer](https://github.com/xf-)
|
||||
* [云屿](https://github.com/cloudyu)
|
||||
|
||||
<i class="fa fa-tag"></i> 1.2.1 <i class="fa fa-clock-o"></i> 2018-09-26 00:00
|
||||
---
|
||||
|
||||
|
|
|
@ -459,33 +459,12 @@ export function finishView (view) {
|
|||
// speakerdeck
|
||||
view.find('div.speakerdeck.raw').removeClass('raw')
|
||||
.each((key, value) => {
|
||||
const url = `https://speakerdeck.com/oembed.json?url=https%3A%2F%2Fspeakerdeck.com%2F${encodeURIComponent($(value).attr('data-speakerdeckid'))}`
|
||||
// use yql because speakerdeck not support jsonp
|
||||
$.ajax({
|
||||
url: 'https://query.yahooapis.com/v1/public/yql',
|
||||
data: {
|
||||
q: `select * from json where url ='${url}'`,
|
||||
format: 'json'
|
||||
},
|
||||
dataType: 'jsonp',
|
||||
success (data) {
|
||||
if (!data.query || !data.query.results) return
|
||||
const json = data.query.results.json
|
||||
const html = json.html
|
||||
var ratio = json.height / json.width
|
||||
$(value).html(html)
|
||||
const iframe = $(value).children('iframe')
|
||||
const src = iframe.attr('src')
|
||||
if (src.indexOf('//') === 0) { iframe.attr('src', `https:${src}`) }
|
||||
const inner = $('<div class="inner"></div>').append(iframe)
|
||||
const height = iframe.attr('height')
|
||||
const width = iframe.attr('width')
|
||||
ratio = (height / width) * 100
|
||||
inner.css('padding-bottom', `${ratio}%`)
|
||||
$(value).html(inner)
|
||||
if (window.viewAjaxCallback) window.viewAjaxCallback()
|
||||
}
|
||||
})
|
||||
const url = `https://speakerdeck.com/${$(value).attr('data-speakerdeckid')}`
|
||||
const inner = $('<a>Speakerdeck</a>')
|
||||
inner.attr('href', url)
|
||||
inner.attr('rel', 'noopener noreferrer')
|
||||
inner.attr('target', '_blank')
|
||||
$(value).append(inner)
|
||||
})
|
||||
// pdf
|
||||
view.find('div.pdf.raw').removeClass('raw')
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
/* eslint-env browser, jquery */
|
||||
/* global CodeMirror, Cookies, moment, editor, ui, Spinner,
|
||||
modeType, Idle, serverurl, key, gapi, Dropbox, FilePicker
|
||||
ot, MediaUploader, hex2rgb, num_loaded, Visibility */
|
||||
/* global CodeMirror, Cookies, moment, Spinner, Idle, serverurl,
|
||||
key, Dropbox, ot, hex2rgb, Visibility */
|
||||
|
||||
require('../vendor/showup/showup')
|
||||
|
||||
|
|
|
@ -45,7 +45,7 @@ var filterXSSOptions = {
|
|||
// allow comment tag
|
||||
if (tag === '!--') {
|
||||
// do not filter its attributes
|
||||
return html
|
||||
return html.replace(/<(?!!--)/g, '<').replace(/-->/g, '__HTML_COMMENT_END__').replace(/>/g, '>').replace(/__HTML_COMMENT_END__/g, '-->')
|
||||
}
|
||||
},
|
||||
onTagAttr: function (tag, name, value, isWhiteAttr) {
|
||||
|
|
|
@ -3,11 +3,12 @@
|
|||
<script src="https://cdnjs.cloudflare.com/ajax/libs/spin.js/2.3.2/spin.min.js" integrity="sha256-PieqE0QdEDMppwXrTzSZQr6tWFX3W5KkyRVyF1zN3eg=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js" integrity="sha256-jnOjDTXIPqall8M0MyTSt98JetJuZ7Yu+1Jm7hLTF7U=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
||||
|
@ -23,5 +24,6 @@
|
|||
<% } else { %>
|
||||
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
||||
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
||||
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
|
||||
<%- include ../build/index-pack-scripts %>
|
||||
<% } %>
|
||||
|
|
|
@ -8,7 +8,7 @@
|
|||
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
||||
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
||||
<% if(useCDN) { %>
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
||||
|
|
|
@ -15,7 +15,7 @@
|
|||
<link rel="icon" type="image/png" href="{{{url}}}/favicon.png">
|
||||
<link rel="apple-touch-icon" href="{{{url}}}/apple-touch-icon.png">
|
||||
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/prism/1.5.1/themes/prism.min.css" integrity="sha256-vtR0hSWRc3Tb26iuN2oZHt3KRUomwTufNIf5/4oeCyg=" crossorigin="anonymous" />
|
||||
|
@ -49,7 +49,7 @@
|
|||
{{{ui-toc-affix}}}
|
||||
</div>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/gist-embed/2.6.0/gist-embed.min.js" integrity="sha256-KyF2D6xPIJUW5sUDSs93vWyZm+1RzIpKCexxElmxl8g=" crossorigin="anonymous" defer></script>
|
||||
<script>
|
||||
var markdown = $(".markdown-body");
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<% if(useCDN) { %>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/list.pagination.js/0.1.1/list.pagination.min.js" integrity="sha256-WwTza96H3BgcQTfEfxX7MFaFc/dZA0QrPRKDRLdFHJo=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.2/select2.min.js" integrity="sha256-HzzZFiY4t0PIv02Tm8/R3CVvLpcjHhO1z/YAUCp4oQ4=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||
|
|
|
@ -10,7 +10,7 @@
|
|||
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
||||
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
||||
<% if(useCDN) { %>
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-social/4.9.0/bootstrap-social.min.css" integrity="sha256-02JtFTurpwBjQJ6q13iJe82/NF0RbZlJroDegK5g87Y=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/select2/3.5.4/select2.min.css" integrity="sha256-ijlUKKj3hJCiiT2HWo1kqkI79NTEYpzOsw5Rs3k42dI=" crossorigin="anonymous" />
|
||||
|
|
|
@ -18,7 +18,7 @@
|
|||
<link rel="icon" type="image/png" href="<%- serverURL %>/favicon.png">
|
||||
<link rel="apple-touch-icon" href="<%- serverURL %>/apple-touch-icon.png">
|
||||
<% if(useCDN) { %>
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha256-916EbMg70RQy9LHiGkXzG8hSg9EdNy97GazNG/aiY1w=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/css/bootstrap.min.css" integrity="sha256-H0KfTigpUV+0/5tn2HXC0CPwhhDhWgSawJdnFd0CGCo=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fork-awesome/1.1.3/css/fork-awesome.min.css" integrity="sha256-ZhApazu+kejqTYhMF+1DzNKjIzP7KXu6AzyXcC1gMus=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/ionicons/2.0.1/css/ionicons.min.css" integrity="sha256-3iu9jgsy9TpTwXKb7bNQzqWekRX7pPK+2OLj3R922fo=" crossorigin="anonymous" />
|
||||
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/css/basic/emojify.min.css" integrity="sha256-UOrvMOsSDSrW6szVLe8ZDZezBxh5IoIfgTwdNDgTjiU=" crossorigin="anonymous" />
|
||||
|
@ -75,11 +75,12 @@
|
|||
<% if(useCDN) { %>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.1/jquery.min.js" integrity="sha256-hVVnYaiADRTO2PzUGmuLJr8BLUSjGIZsDYGmIJLv2b8=" crossorigin="anonymous"></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/velocity/1.4.0/velocity.min.js" integrity="sha256-bhm0lgEt6ITaZCDzZpkr/VXVrLa5RP4u9v2AYsbzSUk=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha256-U5ZEeKfGNOja007MMD3YBI0A3OSZOQbeG6z2f2Y0hu8=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.4.0/js/bootstrap.min.js" integrity="sha256-kJrlY+s09+QoWjpkOrXXwhxeaoDz9FW5SaxF8I0DibQ=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/jquery-mousewheel/3.1.13/jquery.mousewheel.min.js" integrity="sha256-jnOjDTXIPqall8M0MyTSt98JetJuZ7Yu+1Jm7hLTF7U=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
||||
|
@ -92,6 +93,7 @@
|
|||
<% } else { %>
|
||||
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
||||
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
||||
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
|
||||
<%- include build/pretty-pack-scripts %>
|
||||
<% } %>
|
||||
<%- include shared/ga %>
|
||||
|
|
|
@ -5,7 +5,7 @@ var disqus_config = function () {
|
|||
};
|
||||
(function() {
|
||||
var d = document, s = d.createElement('script');
|
||||
s.src = 'https://<%= disqus %>.disqus.com/embed.js';
|
||||
s.src = 'https://<%= disqus.replace(/[^A-Za-z0-9]+/g, '') %>.disqus.com/embed.js';
|
||||
s.setAttribute('data-timestamp', +new Date());
|
||||
(d.head || d.body).appendChild(s);
|
||||
})();
|
||||
|
|
|
@ -96,6 +96,7 @@
|
|||
<script src="https://cdnjs.cloudflare.com/ajax/libs/js-yaml/3.7.0/js-yaml.min.js" integrity="sha256-8PanqYAVOGlOct+i65R+HqibK3KPsXINnrSfxN+Y/J0=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/MathJax.js" integrity="sha256-yYfngbEKv4RENfGDvNUqJTqGFcKf31NJEe9OTnnMH3Y=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/TeX-AMS-MML_HTMLorMML.js" integrity="sha256-immzXfCGLhnx3Zfi9F/dUcqxEM8K3o3oTFy9Bh6HCwg=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mathjax/2.7.0/config/Safe.js" integrity="sha256-0ygBUDksNDXZS4vm5HMNH1a33KUu6QT1cdNTN+ZLF+4=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.17.1/moment-with-locales.min.js" integrity="sha256-vvT7Ok9u6GbfnBPXnbM6FVDEO8E1kTdgHOFZOAXrktA=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/mermaid/7.1.0/mermaid.min.js" integrity="sha256-M3OC0Q6g4/+Q4j73OvnsnA+lMkdAE5KgupRHqTiPbnI=" crossorigin="anonymous" defer></script>
|
||||
<script src="https://cdnjs.cloudflare.com/ajax/libs/emojify.js/1.1.0/js/emojify.min.js" integrity="sha256-VAB5tAlKBvgaxw8oJ1crWMVbdmBVl4mP/2M8MNRl+4E=" crossorigin="anonymous" defer></script>
|
||||
|
@ -108,6 +109,7 @@
|
|||
<% } else { %>
|
||||
<script src="<%- serverURL %>/build/MathJax/MathJax.js" defer></script>
|
||||
<script src="<%- serverURL %>/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js" defer></script>
|
||||
<script src="<%- serverURL %>/build/MathJax/config/Safe.js" defer></script>
|
||||
<%- include build/slide-pack-scripts %>
|
||||
<% } %>
|
||||
</body>
|
||||
|
|
124
test/csp.js
Normal file
124
test/csp.js
Normal file
|
@ -0,0 +1,124 @@
|
|||
/* eslint-env node, mocha */
|
||||
'use strict'
|
||||
|
||||
const assert = require('assert')
|
||||
const crypto = require('crypto')
|
||||
const fs = require('fs')
|
||||
const path = require('path')
|
||||
const mock = require('mock-require')
|
||||
|
||||
describe('Content security policies', function () {
|
||||
let defaultConfig, csp
|
||||
|
||||
before(function () {
|
||||
csp = require('../lib/csp')
|
||||
})
|
||||
|
||||
beforeEach(function () {
|
||||
// Reset config to make sure we don't influence other tests
|
||||
defaultConfig = {
|
||||
csp: {
|
||||
enable: true,
|
||||
directives: {
|
||||
},
|
||||
addDefaults: true,
|
||||
addDisqus: true,
|
||||
addGoogleAnalytics: true,
|
||||
upgradeInsecureRequests: 'auto',
|
||||
reportURI: undefined
|
||||
},
|
||||
useCDN: true
|
||||
}
|
||||
})
|
||||
|
||||
afterEach(function () {
|
||||
mock.stop('../lib/config')
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
})
|
||||
|
||||
after(function () {
|
||||
mock.stopAll()
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
})
|
||||
|
||||
// beginnging Tests
|
||||
it('Disable CDN', function () {
|
||||
let testconfig = defaultConfig
|
||||
testconfig.useCDN = false
|
||||
mock('../lib/config', testconfig)
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
|
||||
assert(!csp.computeDirectives().scriptSrc.includes('https://cdnjs.cloudflare.com'))
|
||||
assert(!csp.computeDirectives().scriptSrc.includes('https://cdn.mathjax.org'))
|
||||
assert(!csp.computeDirectives().styleSrc.includes('https://cdnjs.cloudflare.com'))
|
||||
assert(!csp.computeDirectives().styleSrc.includes('https://fonts.googleapis.com'))
|
||||
assert(!csp.computeDirectives().fontSrc.includes('https://cdnjs.cloudflare.com'))
|
||||
assert(!csp.computeDirectives().fontSrc.includes('https://fonts.gstatic.com'))
|
||||
})
|
||||
|
||||
it('Disable Google Analytics', function () {
|
||||
let testconfig = defaultConfig
|
||||
testconfig.csp.addGoogleAnalytics = false
|
||||
mock('../lib/config', testconfig)
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
|
||||
assert(!csp.computeDirectives().scriptSrc.includes('https://www.google-analytics.com'))
|
||||
})
|
||||
|
||||
it('Disable Disqus', function () {
|
||||
let testconfig = defaultConfig
|
||||
testconfig.csp.addDisqus = false
|
||||
mock('../lib/config', testconfig)
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
|
||||
assert(!csp.computeDirectives().scriptSrc.includes('https://disqus.com'))
|
||||
assert(!csp.computeDirectives().scriptSrc.includes('https://*.disqus.com'))
|
||||
assert(!csp.computeDirectives().scriptSrc.includes('https://*.disquscdn.com'))
|
||||
assert(!csp.computeDirectives().styleSrc.includes('https://*.disquscdn.com'))
|
||||
assert(!csp.computeDirectives().fontSrc.includes('https://*.disquscdn.com'))
|
||||
})
|
||||
|
||||
it('Set ReportURI', function () {
|
||||
let testconfig = defaultConfig
|
||||
testconfig.csp.reportURI = 'https://example.com/reportURI'
|
||||
mock('../lib/config', testconfig)
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
|
||||
assert.strictEqual(csp.computeDirectives().reportUri, 'https://example.com/reportURI')
|
||||
})
|
||||
|
||||
it('Set own directives', function () {
|
||||
let testconfig = defaultConfig
|
||||
mock('../lib/config', defaultConfig)
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
const unextendedCSP = csp.computeDirectives()
|
||||
testconfig.csp.directives = {
|
||||
defaultSrc: ['https://default.example.com'],
|
||||
scriptSrc: ['https://script.example.com'],
|
||||
imgSrc: ['https://img.example.com'],
|
||||
styleSrc: ['https://style.example.com'],
|
||||
fontSrc: ['https://font.example.com'],
|
||||
objectSrc: ['https://object.example.com'],
|
||||
mediaSrc: ['https://media.example.com'],
|
||||
childSrc: ['https://child.example.com'],
|
||||
connectSrc: ['https://connect.example.com']
|
||||
}
|
||||
mock('../lib/config', testconfig)
|
||||
csp = mock.reRequire('../lib/csp')
|
||||
|
||||
const variations = ['default', 'script', 'img', 'style', 'font', 'object', 'media', 'child', 'connect']
|
||||
|
||||
for (let i = 0; i < variations.length; i++) {
|
||||
assert.strictEqual(csp.computeDirectives()[variations[i] + 'Src'].toString(), ['https://' + variations[i] + '.example.com'].concat(unextendedCSP[variations[i] + 'Src']).toString())
|
||||
}
|
||||
})
|
||||
|
||||
/*
|
||||
* This test reminds us to update the CSP hash for the speaker notes
|
||||
*/
|
||||
it('Unchanged hash for reveal.js speaker notes plugin', function () {
|
||||
const hash = crypto.createHash('sha1')
|
||||
hash.update(fs.readFileSync(path.resolve(__dirname, '../node_modules/reveal.js/plugin/notes/notes.html'), 'utf8'), 'utf8')
|
||||
assert.strictEqual(hash.digest('hex'), '471f3826880fac884a4a14faabc492bc854ae994')
|
||||
})
|
||||
})
|
52
test/letter-avatars.js
Normal file
52
test/letter-avatars.js
Normal file
|
@ -0,0 +1,52 @@
|
|||
/* eslint-env node, mocha */
|
||||
|
||||
'use strict'
|
||||
|
||||
const assert = require('assert')
|
||||
const mock = require('mock-require')
|
||||
|
||||
describe('generateAvatarURL() gravatar enabled', function () {
|
||||
let avatars
|
||||
beforeEach(function () {
|
||||
// Reset config to make sure we don't influence other tests
|
||||
let testconfig = {
|
||||
allowGravatar: true,
|
||||
serverURL: 'http://localhost:3000',
|
||||
port: 3000
|
||||
}
|
||||
mock('../lib/config', testconfig)
|
||||
avatars = mock.reRequire('../lib/letter-avatars')
|
||||
})
|
||||
|
||||
it('should return correct urls', function () {
|
||||
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', true), 'https://www.gravatar.com/avatar/d41b5f3508cc3f31865566a47dd0336b?s=400')
|
||||
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', false), 'https://www.gravatar.com/avatar/d41b5f3508cc3f31865566a47dd0336b?s=96')
|
||||
})
|
||||
|
||||
it('should return correct urls for names with spaces', function () {
|
||||
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels'), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||
})
|
||||
})
|
||||
|
||||
describe('generateAvatarURL() gravatar disabled', function () {
|
||||
let avatars
|
||||
beforeEach(function () {
|
||||
// Reset config to make sure we don't influence other tests
|
||||
let testconfig = {
|
||||
allowGravatar: false,
|
||||
serverURL: 'http://localhost:3000',
|
||||
port: 3000
|
||||
}
|
||||
mock('../lib/config', testconfig)
|
||||
avatars = mock.reRequire('../lib/letter-avatars')
|
||||
})
|
||||
|
||||
it('should return correct urls', function () {
|
||||
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', true), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels', 'hello@dsprenkels.com', false), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||
})
|
||||
|
||||
it('should return correct urls for names with spaces', function () {
|
||||
assert.strictEqual(avatars.generateAvatarURL('Daan Sprenkels'), 'http://localhost:3000/user/Daan%20Sprenkels/avatar.svg')
|
||||
})
|
||||
})
|
Loading…
Reference in a new issue