Commit graph

17 commits

Author SHA1 Message Date
Max Wu
b89a35196a
Fix to sanitize disqus shortnames to remove slashes [Security Issue]
Signed-off-by: Max Wu <jackymaxj@gmail.com>
2018-12-28 16:39:13 +08:00
Claudius
44ffc564da removing global site layout vars from individual routers, putting them into app.local
Signed-off-by: Claudius <opensource@amenthes.de>
2018-11-03 00:52:48 +01:00
Sheogorath
7d5abadcf7
Remove Gitter from codebase
We no longer use Gitter for development talk and similar. So we might
want to remove it?

This patch removes Gitter from README, help page and features page. And
replaces it in the help modal with POEditor, our translation platform.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-17 02:28:19 +02:00
Sheogorath
9f9c4089be
Add OpenID to CodiMD
With OpenID every OpenID capable provider can provide authentication for
users of a CodiMD instance. This means we have federated
authentication.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-05 22:43:32 +02:00
Sheogorath
75a23fe2c9
Add rel="noopener" to target="_blank" links
The noopener construct protects from some nasty clickjacking attacks. We
can apply them savely to all our links since we don't rely on the
previously used page.

Some more details: https://mathiasbynens.github.io/rel-noopener/

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-10-04 01:49:36 +02:00
Sheogorath
4b060c7dba
Rebrand HackMD to CodiMD
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:24:12 +02:00
Christoph (Sheogorath) Kern
551840ad57
Merge pull request #784 from pferreir/add-oauth2-support
Add "generic" OAuth2 support
2018-06-04 15:54:47 +02:00
Sheogorath
95f46520e3
Add matrix.org / Riot link
As an active part of the community prefers Matrix.org over Gitter, we
should link Matrix.org as a place to meet us.

As the matrix and gitter channels are interconnected. We don't loose any
message if a person decides to go for one or another.

We use an more universal way of translation to make it easier to provide
a link to various platforms.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-05 11:58:54 +02:00
Sheogorath
d939de17df
Fix CSP for disqus and Google Analytics
This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.

Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.

They are enabled by default to prevent breaking changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-30 16:33:52 +02:00
Pedro Ferreira
40b3855702 Add support for generic OAuth2 providers
Signed-off-by: Pedro Ferreira <pedro.ferreira@cern.ch>
2018-03-26 15:55:39 +02:00
Sheogorath
2411dffa2c
Change config to camel case with backwards compatibility
This refactors the configs a bit to now use camel case everywhere.
This change should help to clean up the config interface and make it
better understandable.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-25 19:08:14 +02:00
Sheogorath
e44751b3f1
Fix ldap provider name in template
Before this fix it's impossible to set the provider name in the
sign-model since `ldap` is a boolean there and this way not able
to have an attribute like `ldap.providerName`.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-26 10:46:22 +01:00
Sheogorath
dc10ec60fb
Remove/update contact details
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-20 17:40:00 +01:00
Norihito Nakae
4a4ae9d332 Initial support for SAML authentication 2017-11-28 18:52:24 +09:00
Christoph Witzany
5cda55086a Add mattermost authentication 2017-10-31 10:34:51 +01:00
Peter Dave Hello
5f3fe5c62c Fix indent in views, shouldn't mix tabs with spaces 2017-04-18 05:24:04 +08:00
Wu Cheng-Han
09a7bcbdef Refactor templates and rearrange its path 2017-01-21 13:08:29 +08:00