Commit graph

582 commits

Author SHA1 Message Date
Sheogorath
93b91163cd
Prevent XSS vul by srcdoc in iframe 2017-11-24 10:10:50 +01:00
Literallie
3a752fde51
Revert "Load js-url lib using legacy-loader"
Didn't work in Firefox for some reason.

`[Script Loader] ReferenceError: module is not defined`

This reverts commit 5b83deb043.
2017-11-02 17:57:44 +01:00
Sheogorath
e807f1b783
Fix mermaid error handling 2017-10-30 12:26:28 +01:00
Sheogorath
09d2ba41cf
Use mermaidAPI in mermaid scope
Introduced by a5b7145527 (diff-67ae90c5144c55348a3cbdb078240454L532)

Fixes #600

Parse only throws error: 167368d508 (diff-67ae90c5144c55348a3cbdb078240454)
2017-10-30 07:11:14 +01:00
Oliver Herrmann
7d0ef1276c
Corrected some grammatical issues
Obviously caught up in a bad translation and didn't particularly make sense for native english speakers.
2017-10-30 11:25:44 +11:00
Sheogorath
c794412714 Merge pull request #591 from Rwing/master
support Simplified Chinese and rename original zh to Traditional Chinese
2017-10-23 11:53:31 +02:00
Rwing
362a7eaf65 support Simplified Chinese and rename original zh to Traditional Chinese 2017-10-23 17:38:04 +08:00
Literallie
567f26f5b9
Fix MathJax config not being picked up
thanks standard
2017-10-22 02:48:24 +02:00
Literallie
04f5e3a341
Move CSP logic to new file, Fix boolean config examples
Not sure why I was quoting these in the first place
2017-10-22 02:18:45 +02:00
Literallie
5b83deb043
Load js-url lib using legacy-loader
Doesn't use eval, plus no window object access
2017-10-22 00:03:45 +02:00
Literallie
4238b9b3ef
Fix MathJax CSP issues 2017-10-22 00:03:45 +02:00
Yukai Huang
60b86e0250 Fix markdown-it gist plugin code closing tag
fix #596
2017-10-21 11:45:17 +08:00
Wu Cheng-Han
d96385eafd Fix to filter @import CSS syntax in style tag to prevent XSS [Security Issue] 2017-10-05 10:17:26 +08:00
Wu Cheng-Han
b0b417cefc Fix unescape > symbol inside the style tags to make the CSS works 2017-10-05 09:59:57 +08:00
Wu Cheng-Han
8979f215ab Fix blockquote not parse correctly in slide mode 2017-10-05 09:59:07 +08:00
Wu Cheng-Han
2bdccd3996 Fix home and end keys behavior for windows 2017-09-27 21:27:33 +08:00
Wu Cheng-Han
fe384d80bf Fix the < and > symbols are doubly escaped which affected by executing preventXSS twice 2017-09-27 18:22:49 +08:00
Wu Cheng-Han
f2743ff8f8 Fix slide mode contains unclosed tags might cause XSS [Security Issue] 2017-09-27 18:21:28 +08:00
Wu Cheng-Han
9b00afb863 Fix unclosed tags might cause XSS [Security Issue] 2017-09-27 18:20:04 +08:00
Max Wu
a645f28b33 Fix slide mode might hide scrollbar on some linux 2017-06-14 12:12:28 +08:00
Wu Cheng-Han
48f8378335 Fix speaker note separator regex should only take effect on the line start 2017-06-05 01:20:21 +08:00
Max Wu
c37b666915 Merge branch 'master' into BackendRefactor 2017-05-14 17:42:14 +08:00
BoHong Li
8c2b00b05a style: Fixed variable already declared 2017-05-08 19:29:07 +08:00
Yukai Huang
4839838d0c Manage syncscroll / currentMode in appState 2017-05-07 20:38:22 +08:00
Yukai Huang
0e9afde5fa Move syncsroll under lib 2017-05-07 20:38:22 +08:00
Yukai Huang
d9221f6011 Remove CodeMirror-other-cursors dom creation
Since it’s done via hackmdio/CodeMirror#1
2017-05-07 20:38:22 +08:00
Yukai Huang
88c0c68856 Change more global var to global 2017-05-07 20:38:22 +08:00
Yukai Huang
68ccee20b3 Extract modeType 2017-05-07 20:37:27 +08:00
Yukai Huang
18a6f9063e Change some global variables to local 2017-05-07 20:37:27 +08:00
Yukai Huang
432f215a45 Fix indentation 2017-05-07 20:37:27 +08:00
Yukai Huang
c6c11c54ef Expose internal editor config variable 2017-05-07 20:37:27 +08:00
Yukai Huang
db06a51299 Load statusbar template by string-loader 2017-05-07 20:37:26 +08:00
Wu Cheng-Han
e32dd547b4 Update to support code block syntax highlighting of gherkin 2017-05-05 18:03:23 +08:00
Wu Cheng-Han
48df250491 Fix link regex should filter protocol with case insensitive flag [Security Issue] 2017-04-11 22:25:14 +08:00
Yukai Huang
a938cac42a Fix indentations 2017-03-28 20:38:31 +08:00
Yukai Huang
b711ecfadb Drop global variable ui exposing 2017-03-28 19:30:06 +08:00
Yukai Huang
ba1bef015f Update to es6 module import style 2017-03-28 18:31:36 +08:00
Yukai Huang
7637a6a8a6 Update cm instance in changes event argument 2017-03-28 17:32:42 +08:00
Yukai Huang
f5b95c5d36 Move updateStatusBar method into editor class 2017-03-28 17:16:32 +08:00
Yukai Huang
df743ab902 Fix listener “this” context 2017-03-28 17:11:20 +08:00
Yukai Huang
46ed658d8b Promisify getStatusBarTemplate method 2017-03-28 15:24:52 +08:00
Yukai Huang
af5ef52f4b Add cm instance to cursorActivity argument 2017-03-28 12:15:56 +08:00
Yukai Huang
579dda9515 Update focus argument with cm instance 2017-03-28 12:11:05 +08:00
Yukai Huang
d7c068cbfd Rewrite cursorActivity with multi listener style
- adjust function order to prevent standard lint failure
2017-03-28 12:10:35 +08:00
Yukai Huang
b86ecb1342 Extract selection update from updateStatusbar 2017-03-28 11:57:44 +08:00
Yukai Huang
81666a726c Impl multiple codemirror event listener 2017-03-28 11:18:36 +08:00
Yukai Huang
fff7ebd1b5 Change minor TODO to FIXME 2017-03-28 11:17:30 +08:00
Wu Cheng-Han
b2985085d0 Update to change makefile syntax highlighting to Prism 2017-03-26 23:09:13 +08:00
Wu Cheng-Han
a3cdc5ba80 Update to add abc in support charts of textcomplete 2017-03-26 20:46:05 +08:00
Wu Cheng-Han
961d3fab1c Fix code style 2017-03-26 20:45:23 +08:00
Wu Cheng-Han
61dc6dbc15 Add support of abcjs 2017-03-26 20:39:07 +08:00
Wu Cheng-Han
3156c38598 Fix text complete of extra tags for list not triggered properly 2017-03-23 20:49:31 +08:00
Wu Cheng-Han
890f7089bf Fix google drive file picker not initialize properly 2017-03-23 20:17:50 +08:00
Wu Cheng-Han
e629800457 Fix XSS vulnerability in link regex [Security Issue] 2017-03-22 18:26:35 +08:00
Wu Cheng-Han
0f3b028ed6 Fix render.js code styles 2017-03-22 18:26:30 +08:00
Wu Cheng-Han
cac618eca8 Fix front-end index.js code styles 2017-03-22 17:48:26 +08:00
Wu Cheng-Han
802ed406e6 Fix todo list item class might add in wrong element 2017-03-22 15:42:38 +08:00
Wu Cheng-Han
9ff3649025 Fix unnecessary global calling of ownerui 2017-03-22 15:42:11 +08:00
Wu Cheng-Han
b17c2404b1 Fix duplicated loading of reveal markdown plugin 2017-03-21 20:44:12 +08:00
Wu Cheng-Han
afc4f269bc Update to make removeDOMEvents only process once in slide mode 2017-03-20 11:28:50 +08:00
Wu Cheng-Han
448b006194 Update to generate front-end constants on server startup
To avoid extra webpacking on changing configs and follow the 12 factor app
2017-03-20 01:39:09 +08:00
Max Wu
f6bd238b0f Merge pull request #387 from hackmdio/cm-refactor
Extract CodeMirror instance
2017-03-14 23:11:56 +08:00
Wu Cheng-Han
f55a4b8497 Update to fix pagination error in list.js over v1.5.0 2017-03-14 23:08:15 +08:00
Wu Cheng-Han
2fa51fb4ba Fix export html to replace fallen cdn tortue.me to cdnjs 2017-03-14 16:37:38 +08:00
Wu Cheng-Han
f491cdabc1 Fix rendering might result XSS attribute on self closing tag [Security Issue] 2017-03-14 16:27:55 +08:00
Yukai Huang
cc30d370f7 Fix variable exporting error 2017-03-13 22:00:20 +08:00
Yukai Huang
93e41f3a40 Merge branch 'master' into cm-refactor 2017-03-13 21:32:50 +08:00
Yukai Huang
9b513f619f Use JavaScript standard style 2017-03-09 15:39:42 +08:00
BoHong Li
5bc642d02e Use JavaScript Standard Style (part 2)
Fixed all fail on frontend code.
2017-03-09 02:41:05 +08:00
Yukai Huang
6556c284e5 Extract editor related code
- in public/js/lib/editor/index.js
2017-03-08 21:43:32 +08:00
Yukai Huang
121d84863a Extract UI jquery node 2017-03-07 21:59:18 +08:00
Wu Cheng-Han
0aaa598130 Fix not determine OT have pending operations properly 2017-02-18 20:11:18 +08:00
Wu Cheng-Han
f7149f5a83 Fix to keep selections on save and restore info 2017-02-18 20:10:34 +08:00
Wu Cheng-Han
1ca39d9c8e Update to allow li tag specify value number 2017-02-17 21:56:35 +08:00
Max Wu
99a2cbc604 Update google drive picker to enable setOwnedByMe to show shared files and folders 2017-02-11 00:11:21 +08:00
Wu Cheng-Han
1a617ddf2e Fix duplicated headers anchor link not been updated properly 2017-02-03 22:02:12 +08:00
Wu Cheng-Han
7863eec366 Fix "[object HTMLCollection] is not iterable!" error in some browsers 2017-02-03 22:01:30 +08:00
Wu Cheng-Han
0a3baec5b6 Fix missing type declaration in text complete strategy 2017-02-03 21:59:26 +08:00
Max Wu
a261c8e812 Merge pull request #341 from nvsofts/fix_bom_utf8
Removed UTF-8 BOM in download function
2017-02-03 18:28:05 +08:00
NV
5a212b9335 Removed UTF-8 BOM in download function 2017-02-03 17:35:49 +09:00
Wu Cheng-Han
e67a6ad368 Fix missing type declaration 2017-02-03 00:07:08 +08:00
Wu Cheng-Han
3df5507589 Upgrade viz.js to fix manual workaround and get smaller file size 2017-02-02 23:27:34 +08:00
Yukai Huang
74b04d08b5 Merge branch 'master' into es6-integration 2017-01-21 12:55:45 +08:00
Wu Cheng-Han
e98278492e Fix meta error not clear on before rendering 2017-01-21 12:50:02 +08:00
Yukai Huang
26d8942852 Revert experimental vue for now 2017-01-21 12:30:55 +08:00
Yukai Huang
4bbe035beb Merge branch 'master' into frontend-next 2017-01-21 12:08:52 +08:00
Wu Cheng-Han
e00daee6c0 Update to prevent all empty link change hash 2017-01-16 12:42:21 +08:00
Wu Cheng-Han
091e7271e0 Fix pagination should hide on refresh history 2017-01-16 12:24:40 +08:00
Wu Cheng-Han
f2ee897699 Fix to prevent hash change on click nav item on index 2017-01-16 12:04:11 +08:00
Wu Cheng-Han
5751578275 Update to remove history pagination animation on refresh 2017-01-15 17:23:33 +08:00
Wu Cheng-Han
f2a441061b Fix checkLoginStateChanged might fall into infinite loop while calling loginStateChangeEvent 2017-01-15 17:23:19 +08:00
Yukai Huang
c0e8306961 Merge branch 'frontend-next' into t216-refactor-common 2017-01-15 11:33:22 +08:00
Yukai Huang
04292240d6 Minor style update 2017-01-14 15:47:13 +08:00
Yukai Huang
a541569d7e Remove old config.js.example 2017-01-13 23:12:27 +08:00
Yukai Huang
2408ff4ba9 Add default value for config 2017-01-13 23:12:17 +08:00
Yukai Huang
0fca629c34 Rename common.js to login.js 2017-01-13 23:06:31 +08:00
Yukai Huang
3d6b319216 Merge branch 'master' into frontend-next 2017-01-13 22:53:33 +08:00
Yukai Huang
c2a8911b9c Move config variable to lib/config 2017-01-13 22:46:38 +08:00
Wu Cheng-Han
8b378d7847 Update to use shorter wording in limited and protected permissions 2017-01-12 23:36:23 +08:00
Wu Cheng-Han
5f65795e79 Fix permission order and keep wording consistency 2017-01-12 19:04:17 +08:00