Commit graph

352 commits

Author SHA1 Message Date
Sheogorath
23c33c0c04
Rename HackMD view to CodiMD
Even when it looks a bit weird in first place to rename all internals
step by step, it makes sense to do so, because we run into confusion
afterwards.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:40:18 +02:00
Sheogorath
4b060c7dba
Rebrand HackMD to CodiMD
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 13:24:12 +02:00
Sheogorath
0ed4b50098
Move config out of statics path
Since static path is providing with a high expiration data, we provide
configs via API. This shouldn't add any noticeable load while making it
uncached and this way working again.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-24 00:07:32 +02:00
Sheogorath
ed5353d13a
Move polyfill to CDN section
We don't support it on CDN false instances, but it doesn't hurt to keep
it in for CDN-enabled instances

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-18 01:26:11 +02:00
Christoph (Sheogorath) Kern
56d78a7d6c
Merge pull request #830 from SISheogorath/feature/GDPR
GDPR compliant part 1
2018-06-17 23:33:57 +02:00
Sheogorath
56182532cb
Add korean translation
This translation was contributed via POEditor by the user Basix.

Thanks a lot for your work!

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-06-07 14:29:01 +02:00
Christoph (Sheogorath) Kern
551840ad57
Merge pull request #784 from pferreir/add-oauth2-support
Add "generic" OAuth2 support
2018-06-04 15:54:47 +02:00
Sheogorath
75f28ca7f3
Add export data UI
This adds the UI for the export feature introduced in
bcbb8c67c9

It allows to download all notes from the main page in the default user
submenu.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-26 03:20:44 +02:00
Sheogorath
70df29790a
Add token based security feature
In the current setup users could be tricked into deleting their data by
providing a malicious link like `[click me](/me/delete)`. This commit
prevents such an easy attack and need the user's deleteToken to get his
data deleted. In case someone requests his deletion by email you can
also ask him for this token.

We can add a GUI that shows it later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 18:26:06 +02:00
Sheogorath
9fd09a8dfb
Add delete user UI
This provides the UI for the delete user feature introduced in
4229084c62

Placing of the user delete button is not perfect, but can be moved to an
own user tab later on.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-25 17:11:11 +02:00
Sheogorath
41a36e2e18
Add privacy and ToS links
To be GDPR compliant we need to provide privacy statement. These should
be linked on the index page. So as soon as a document exist under
`public/docs/privacy.md` the link will show up.

Since we already add legal links, we also add Terms of Use, which will
show up as soon as `public/docs/terms-of-use.md` exists.

This should allow everyone to provide the legal documents they need for
GDPR and other privacy and business laws.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-24 18:10:36 +02:00
Sheogorath
ad69c5017b
Removing google drive integration
It's sad but it's not working. For multiple releases this should be
already broken which shows how often it's used.

As there is also a security issue related to that, it's better to
remove the feature completely. Whoever wants to rewrite it, feel free to
go.

This commit removes the Google Drive integration from HackMD's Frontend
editor and this way removes the need to provide any API key and Client
ID in the frontend.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-16 01:34:55 +02:00
Christoph (Sheogorath) Kern
6d44ded269
Revert "Workaround Google API problems" 2018-05-16 01:31:50 +02:00
Sheogorath
2cc3058a44
Remove Google Upload from UI
This temporarily removes the Upload from the UI as it's broken right
now.

Needs a refactoring and can be added in again later on by undoing this
commit.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-05-01 23:22:53 +02:00
Sheogorath
95f46520e3
Add matrix.org / Riot link
As an active part of the community prefers Matrix.org over Gitter, we
should link Matrix.org as a place to meet us.

As the matrix and gitter channels are interconnected. We don't loose any
message if a person decides to go for one or another.

We use an more universal way of translation to make it easier to provide
a link to various platforms.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-04-05 11:58:54 +02:00
Sheogorath
d939de17df
Fix CSP for disqus and Google Analytics
This commit should fix existing problems with Disqus and Google
Analytics enabled in the meta-yaml section of a note.

Before this commit they were blocked by the strict CSP. It's still
possible to disable the added directives using `addDisqus` and
`addGoogleAnalytics` in the `csp` config section.

They are enabled by default to prevent breaking changes.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-30 16:33:52 +02:00
Pedro Ferreira
40b3855702 Add support for generic OAuth2 providers
Signed-off-by: Pedro Ferreira <pedro.ferreira@cern.ch>
2018-03-26 15:55:39 +02:00
Sheogorath
2411dffa2c
Change config to camel case with backwards compatibility
This refactors the configs a bit to now use camel case everywhere.
This change should help to clean up the config interface and make it
better understandable.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-03-25 19:08:14 +02:00
Sheogorath
a01b4a843c
Update socket.io to version 2.0.4
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-30 19:44:32 +01:00
Christoph (Sheogorath) Kern
adc781f7e3
Merge pull request #704 from SISheogorath/fix/ldapProviderName
Fix ldap provider name in template
2018-01-29 15:59:27 +01:00
Wu Cheng-Han
3c473e60a6 Upgrade reveal.js to 3.6.0 and useCDN option for CSS include 2018-01-29 13:09:52 +08:00
Sheogorath
e44751b3f1
Fix ldap provider name in template
Before this fix it's impossible to set the provider name in the
sign-model since `ldap` is a boolean there and this way not able
to have an attribute like `ldap.providerName`.

Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-26 10:46:22 +01:00
Christoph (Sheogorath) Kern
e52d7db96c
Merge pull request #694 from SISheogorath/refactor/socialmedia
Reorganize social media links and footer
2018-01-25 17:40:11 +01:00
Sheogorath
16892cd827
Reorganize social media links and footer
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-24 14:09:36 +01:00
Christoph (Sheogorath) Kern
7de6e3211f
Merge pull request #598 from xxyy/feature/csp
Implement basic CSP support
2018-01-22 20:43:46 +01:00
Christoph (Sheogorath) Kern
5d9a2c3569
Merge pull request #688 from hackmdio/add-ce-text-on-index
Add CE text on index title
2018-01-20 18:56:39 +01:00
Christoph (Sheogorath) Kern
b7e227e9d5
Merge pull request #690 from Nebukadneza/add_allow_anonymous_edits
Add option to enable `freely` permission in closed instance
2018-01-20 18:56:09 +01:00
Sheogorath
dc10ec60fb
Remove/update contact details
Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>
2018-01-20 17:40:00 +01:00
Dario Ernst
6ae4b8bf13 Add option to enable freely permission in closed instance
Before, closed disallowed guest edits completely, by removing
the `freely` permission. This makes it possible to explicitely bring
back guest-editing, but not guest-note-creation, to closed instances.

Signed-off-by: Dario Ernst <dario@kanojo.de>
2018-01-20 15:14:56 +01:00
Max Wu
05cc3a73a2
Update body.ejs
Add CE text on index title
2018-01-20 10:12:38 +08:00
Sheogorath
a0fdfccb22
It's 2018! 🎉 2018-01-19 14:08:16 +01:00
Edoardo Odorico
6fc2c39eda Implemented dark theme.
Signed-off-by: Edoardo Odorico <edoubuntu@gmail.com>
2018-01-05 00:15:13 +01:00
Christoph (Sheogorath) Kern
0957f5963b
Merge pull request #633 from nakaeeee/saml-auth
Support SAML authentication
2017-12-04 18:57:57 +01:00
Thomas De Backer
c60030b205 close open tags 2017-12-01 20:56:39 +01:00
Thomas De Backer
4eef4875ed Add untranslated sentences to locale 2017-11-30 19:02:40 +01:00
Norihito Nakae
4a4ae9d332 Initial support for SAML authentication 2017-11-28 18:52:24 +09:00
Sheogorath
16b3e015ab
Merge pull request #606 from DoubleMalt/feature/MattermostAuth
Add Mattermost authentication strategy
2017-10-31 12:11:41 +01:00
Christoph Witzany
5cda55086a Add mattermost authentication 2017-10-31 10:34:51 +01:00
Sheogorath
ef49b72442
Fix allowpdfexport handling on error page 2017-10-31 01:57:32 +01:00
Peter Dave Hello
f896432250 Upgrade mermaid to v7.1.0, fix #600 2017-10-30 00:18:53 +08:00
Sheogorath
abbc43f9b6 Merge pull request #599 from xxyy/fix/inline-styles
Externalise some trivial inline styles from slide.ejs
2017-10-27 13:24:26 +02:00
geekyd
d63e6780eb Adds PDF export via config 2017-10-25 19:19:37 +05:30
Literallie
af935e46fc
Externalise trivial inline styles from slide.ejs
Dynamic background images need some further work
2017-10-23 23:39:18 +02:00
Sheogorath
c794412714 Merge pull request #591 from Rwing/master
support Simplified Chinese and rename original zh to Traditional Chinese
2017-10-23 11:53:31 +02:00
Rwing
362a7eaf65 support Simplified Chinese and rename original zh to Traditional Chinese 2017-10-23 17:38:04 +08:00
Literallie
4238b9b3ef
Fix MathJax CSP issues 2017-10-22 00:03:45 +02:00
Literallie
080436aebb
CSP: Add nonce to slide view inline JS 2017-10-22 00:03:45 +02:00
geekyd
80fb91976e Hides empty export section 2017-10-18 03:34:45 +05:30
geekyd
c6a1b65a91 Adds color to new note button 2017-10-07 23:23:03 +05:30
Wu Cheng-Han
c8d3951d32 Add support of Danish locale 2017-06-11 15:52:04 +08:00
butlerx
e5834c077f
add the ability to set slide theme in slide options 2017-05-31 23:28:43 +01:00
Max Wu
f85d1d8801 Merge pull request #429 from hackmdio/refactor-part-3
Refactor frontend part 3
2017-05-13 19:54:43 +08:00
Wu Cheng-Han
be99350655 Fix to implement toggle of TOC in HTML template 2017-05-09 22:11:57 +08:00
Yukai Huang
db06a51299 Load statusbar template by string-loader 2017-05-07 20:37:26 +08:00
Max Wu
450159a462 Merge pull request #427 from PeterDaveHello/fix-indent
Fix indent in views, shouldn't mix tabs with spaces
2017-04-18 10:41:58 +08:00
Peter Dave Hello
5f3fe5c62c Fix indent in views, shouldn't mix tabs with spaces 2017-04-18 05:24:04 +08:00
Peter Dave Hello
08c0a0392c Use abcjs on cdnjs, cc @jackycute 2017-04-18 05:19:19 +08:00
Max Wu
5ecea7e118 Merge pull request #417 from hackmdio/refactor
Refactor editor cont.
2017-04-10 11:41:33 +08:00
Ian Dees
3aaf1bbe24 Update body.ejs 2017-04-05 11:07:18 -04:00
Ian Dees
138170704a Clarify permission language
See https://github.com/hackmdio/hackmd/issues/415
2017-04-05 10:16:15 -04:00
Yukai Huang
b86ecb1342 Extract selection update from updateStatusbar 2017-03-28 11:57:44 +08:00
Wu Cheng-Han
10a7a9b37e Update to use CDN css for emojify.js when applicable 2017-03-21 00:27:58 +08:00
Wu Cheng-Han
7989b89591 Add support of Catalan locale 2017-03-20 14:52:25 +08:00
Wu Cheng-Han
448b006194 Update to generate front-end constants on server startup
To avoid extra webpacking on changing configs and follow the 12 factor app
2017-03-20 01:39:09 +08:00
Wu Cheng-Han
506a381eca Add config option for gitlab api scope and auto adapt gitlab snippet feature on it 2017-03-14 18:04:23 +08:00
Wu Cheng-Han
6c87262bd9 Fix to use minified CDN file source in mermaid 2017-02-02 23:40:55 +08:00
Wu Cheng-Han
d5008b7aeb Update viz.js and mermaid CDN links 2017-02-02 23:37:20 +08:00
Wu Cheng-Han
fc00fa7434 Add link to features on profile dropdown 2017-01-21 14:24:51 +08:00
Wu Cheng-Han
a669c201be Fix template partial path 2017-01-21 14:04:54 +08:00
Wu Cheng-Han
09a7bcbdef Refactor templates and rearrange its path 2017-01-21 13:08:29 +08:00
Wu Cheng-Han
5e1d022e13 Add screenshot on index page 2017-01-21 12:52:26 +08:00
Wu Cheng-Han
53223b5e2c Update index layout to add profile on navbar 2017-01-16 12:06:04 +08:00
Max Wu
4851098477 Merge pull request #317 from SISheogorath/master+allowEmailRegister
Add `allowemailregister` option
2017-01-12 23:37:28 +08:00
Wu Cheng-Han
8b378d7847 Update to use shorter wording in limited and protected permissions 2017-01-12 23:36:23 +08:00
Sheogorath
747629e549 Add allowemailregister option 2017-01-12 13:54:45 +01:00
Wu Cheng-Han
5f65795e79 Fix permission order and keep wording consistency 2017-01-12 19:04:17 +08:00
Max Wu
a8068d38d5 Merge pull request #313 from elct9620/feature/disable_anonymous_view
WIP: Add options to limit anonymous view note
2017-01-10 20:23:47 +08:00
蒼時弦也
d6be0cf755 Update limite icon to fa-id-card 2017-01-10 20:22:06 +08:00
蒼時弦也
a9fe43ac3a Update limited/protected permission icon 2017-01-10 17:22:57 +08:00
蒼時弦也
7b02c48d93 Adjust permission order to more clarly 2017-01-10 14:13:30 +08:00
蒼時弦也
89b8ddeaba Add limited and protected permission 2017-01-10 10:02:37 +08:00
neopostmodern
ff545b2688 Allow displaying LDAP provider name on sign-in modal 2017-01-09 12:49:23 +01:00
Max Wu
b13635aac9 Merge pull request #279 from alecdwm/ldap-auth
Support for LDAP server authentication
2017-01-09 00:49:40 +08:00
Wu Cheng-Han
ac2b100d35 Add back missing release-note link on index 2017-01-02 12:26:10 +08:00
Wu Cheng-Han
d74fea1d10 Update year to 2017 2017-01-02 11:14:25 +08:00
James Stephenson
ec1ae8c6b5 Added Esperanto translation
Translation by Jonathan Powell and James Stephenson
2016-12-30 22:02:57 -05:00
Florian Rhiem
fdea226159 Fixed typo: anonmyous 2016-12-21 14:36:54 +01:00
Wu Cheng-Han
276d500406 Upgrade dependencies 2016-12-19 16:20:27 +08:00
Wu Cheng-Han
5c7eb48319 Add support of allow anonymous config option with correspond modifications 2016-12-15 14:11:23 +08:00
alecdwm
72a0e90f7d LDAP signin form moved to main signin-modal
- previously was a separate modal
- now is located on main modal, like email auth
2016-12-14 12:56:26 +01:00
alecdwm
02e9927714 Initial support for LDAP server authentication
Limitations as of this commit:

- tlsOptions can only be specified in config.json, not as env vars
- authentication failures are not yet gracefully handled by the UI
  - instead the error message is shown on a blank page (/auth/ldap)
- no email address is associated with the LDAP user's account
- no picture/profile URL is associated with the LDAP user's account
- we might have to generate our own access + refresh tokens,
  because we aren't using oauth. The currently generated
  tokens are just a placeholder.
- 'LDAP Sign in' needs to be translated to each locale
2016-12-13 22:41:07 +01:00
Wu Cheng-Han
00e284584e Switch email register and signin button order to make form default action as signin 2016-12-14 03:08:35 +08:00
Wu Cheng-Han
62c703baa1 Fix the generate template not including base url variable 2016-12-12 12:19:12 +08:00
Wu Cheng-Han
ecb956f515 Fix index signin and signout button might not shown if only email enabled 2016-12-07 21:19:06 +08:00
Wu Cheng-Han
4bd5598568 Fix Facebook page link name 2016-12-06 22:15:34 +08:00
Wu Cheng-Han
da46a3696b Add preferences to editor status bar and make allow override browser keymap option 2016-12-04 00:56:14 +08:00
Wu Cheng-Han
a73d9ce39e Update to support optional email register and signin 2016-12-02 01:58:14 +08:00
Wu Cheng-Han
c59b4cb883 Update webpack and slide resource loading to reduce pack size 2016-11-29 00:44:29 +08:00
Wu Cheng-Han
47d5efb29e Fix slide resource path and style load orders to avoid conflicts 2016-11-29 00:44:15 +08:00
Wu Cheng-Han
76a6190dac Update dependency gist-embed to 2.6.0 2016-11-26 23:25:29 +08:00