Literallie
|
567f26f5b9
|
Fix MathJax config not being picked up
thanks standard
|
2017-10-22 02:48:24 +02:00 |
|
Literallie
|
04f5e3a341
|
Move CSP logic to new file, Fix boolean config examples
Not sure why I was quoting these in the first place
|
2017-10-22 02:18:45 +02:00 |
|
Literallie
|
e5f03fe135
|
Add dirty workaround for speakers view inline script
|
2017-10-22 00:03:46 +02:00 |
|
Literallie
|
2b2b8d6d1d
|
Allow any connect-src in CSP
Managing these for all the integrations seems like a lot of effort
|
2017-10-22 00:03:46 +02:00 |
|
Literallie
|
d51da8c12c
|
Don't add nonce to CSP if unsafe-inline is on
Browsers ignore unsafe-inline if a nonce is sent
|
2017-10-22 00:03:46 +02:00 |
|
Literallie
|
91101c856c
|
Change CSP config format to be more intuitive
|
2017-10-22 00:03:46 +02:00 |
|
Literallie
|
5b83deb043
|
Load js-url lib using legacy-loader
Doesn't use eval, plus no window object access
|
2017-10-22 00:03:45 +02:00 |
|
Literallie
|
996cb37991
|
CSP: Workaround for ws:// protocol
The spec allows wss:// for 'self', but not ws:// :(
|
2017-10-22 00:03:45 +02:00 |
|
Literallie
|
0cbdc852cb
|
CSP: Allow more content types
|
2017-10-22 00:03:45 +02:00 |
|
Literallie
|
4238b9b3ef
|
Fix MathJax CSP issues
|
2017-10-22 00:03:45 +02:00 |
|
Literallie
|
080436aebb
|
CSP: Add nonce to slide view inline JS
|
2017-10-22 00:03:45 +02:00 |
|
Literallie
|
5d2d3ec875
|
CSP: Upgrade insecure requests if possible
Config option; default is to only upgrade if usessl
|
2017-10-22 00:03:45 +02:00 |
|
Literallie
|
ba183ce654
|
Add basic CSP support
|
2017-10-22 00:03:44 +02:00 |
|
Sheogorath
|
a23048254d
|
Merge pull request #597 from hackmdio/fix-gist-tag-structure
Fix markdown-it gist plugin code closing tag
Fix #596
|
2017-10-21 14:30:09 +02:00 |
|
Yukai Huang
|
60b86e0250
|
Fix markdown-it gist plugin code closing tag
fix #596
|
2017-10-21 11:45:17 +08:00 |
|
Sheogorath
|
92b769fb26
|
Merge pull request #595 from geekyd/swap
Hides empty export section
|
2017-10-19 15:04:27 +02:00 |
|
Sheogorath
|
053e616be5
|
Merge pull request #586 from PeterDaveHello/jsonlint
Add jsonlint script to ensure all json files are valid
|
2017-10-18 01:18:21 +02:00 |
|
geekyd
|
80fb91976e
|
Hides empty export section
|
2017-10-18 03:34:45 +05:30 |
|
Sheogorath
|
80f1c8197a
|
Merge pull request #593 from felixonmars/patch-1
Fix a typo in README.md
|
2017-10-17 20:01:37 +02:00 |
|
Felix Yan
|
b72556b915
|
Fix a typo in README.md
|
2017-10-17 23:48:33 +08:00 |
|
Claudius Coenen
|
cc49ce55c8
|
Fix #521 by converting content fields to LONGTEXT in MySQL, to prevent truncation of data.
|
2017-10-16 10:13:11 +02:00 |
|
Sheogorath
|
5ce8f40eac
|
Merge pull request #585 from xxyy/feature/hsts-cfg
Make HSTS Behaviour Configurable (Fixes #584)
|
2017-10-14 18:02:41 +02:00 |
|
James
|
76ffd398af
|
Update en.json
|
2017-10-13 20:35:57 -04:00 |
|
James
|
2550541b69
|
Update en.json
|
2017-10-13 20:35:00 -04:00 |
|
Sheogorath
|
ec8936a9f1
|
Merge pull request #569 from SISheogorath/feature/extendedPermissionDocs
Provide table for permissions
|
2017-10-14 01:51:29 +02:00 |
|
Peter Dave Hello
|
f70d2df1be
|
Add jsonlint script to ensure all json files are valid
|
2017-10-14 00:19:32 +08:00 |
|
Peter Dave Hello
|
0864b06e0c
|
Integrate npm package "doctoc" to update README.md
|
2017-10-13 16:21:25 +08:00 |
|
Peter Dave Hello
|
6fadd9126e
|
Add "Table of Contents" in README.md
|
2017-10-13 15:59:57 +08:00 |
|
Peter Dave Hello
|
4ebda60165
|
Reorganize README.md structure, cc #574
|
2017-10-13 15:57:58 +08:00 |
|
Literallie
|
6bdc90d6ff
|
Add env vars for extra HSTS options
|
2017-10-13 01:42:05 +02:00 |
|
Literallie
|
1634d5c567
|
Add on/off env var for HSTS
|
2017-10-13 01:42:05 +02:00 |
|
Literallie
|
56411ca0e1
|
Make HSTS behaviour configurable; Fixes #584
|
2017-10-13 01:42:05 +02:00 |
|
Wu Cheng-Han
|
bee5e2a558
|
Update license field in package.json
|
2017-10-13 01:56:13 +08:00 |
|
Sheogorath
|
f93a14e3e1
|
Fix LDAP problem about missing uidNumber
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
2017-10-12 14:52:28 +02:00 |
|
Sheogorath
|
a16bde70be
|
Provide table for permissions
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
2017-10-12 11:05:22 +02:00 |
|
Sheogorath
|
53c2d0b5ca
|
Merge pull request #581 from SISheogorath/fix/HMD_URL_ADDPORT
Fix missing boolean setting for HMD_URL_ADDPORT
|
2017-10-12 00:01:27 +02:00 |
|
Sheogorath
|
89c60d1331
|
Fix missing boolean setting for HMD_URL_ADDPORT
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
|
2017-10-11 23:13:22 +02:00 |
|
Wu Cheng-Han
|
da5026859d
|
Update contributing guide for signed-off and DCO
|
2017-10-12 02:07:03 +08:00 |
|
Wu Cheng-Han
|
45717da98d
|
Fix typo
|
2017-10-12 02:06:08 +08:00 |
|
Wu Cheng-Han
|
8086cdb749
|
Change license from MIT to AGPLv3
|
2017-10-12 01:45:57 +08:00 |
|
Wu Cheng-Han
|
81af737ce6
|
Update authors list and add contributors file
|
2017-10-12 01:45:17 +08:00 |
|
Wu Cheng-Han
|
4e94f44a12
|
Add sign you work section in contributing and DCO
|
2017-10-12 01:44:55 +08:00 |
|
Sheogorath
|
8b65d7df1a
|
Merge pull request #575 from PeterDaveHello/fix.travis.yml
Remove duplicated nodejs version in .travis.yml
|
2017-10-11 10:23:30 +02:00 |
|
Sheogorath
|
4dd60cee50
|
Merge pull request #566 from ccoenen/fix-mysql-revision-order
createdAt DESC with quotation marks did not work with MySQL fixes #565
|
2017-10-11 01:08:16 +02:00 |
|
Claudius Coenen
|
87ac05738f
|
Merge pull request #573 from PeterDaveHello/add-version-badge
Add version badge in README.md
|
2017-10-10 23:45:50 +02:00 |
|
Sheogorath
|
11133c3cec
|
Merge pull request #571 from SISheogorath/fix/shellcheck
Prevent argument breaking by spaces
|
2017-10-10 23:28:16 +02:00 |
|
Peter Dave Hello
|
711c38403d
|
Remove duplicated nodejs version in .travis.yml
lts/boron is v6
|
2017-10-11 00:16:11 +08:00 |
|
Peter Dave Hello
|
121b089d96
|
Add version badge in README.md
|
2017-10-10 21:54:13 +08:00 |
|
Sheogorath
|
6ed44f0864
|
Prevent argument breaking by spaces
|
2017-10-10 13:36:37 +02:00 |
|
Claudius Coenen
|
724a6bc26f
|
createdAt DESC with quotation marks did not work with MySQL fixes #565
|
2017-10-09 14:03:33 +02:00 |
|