HackMD

History

Sheogorath ef86bf5cba Use API key instead of clientSecret As recently discovered we send the clientSecret to the webclient which is potentionally dangerous. This patch should fix the problem and replace the clientSecret with the originally intended and correct way to implement it using the API key. Signed-off-by: Sheogorath <sheogorath@shivering-isles.com>		2018-04-13 09:38:59 +02:00
..
config	Use API key instead of clientSecret	2018-04-13 09:38:59 +02:00
migrations	Add missing migration for permissions	2018-03-06 16:31:41 +01:00
models	Change config to camel case with backwards compatibility	2018-03-25 19:08:14 +02:00
ot	Change config to camel case with backwards compatibility	2018-03-25 19:08:14 +02:00
web	Change config to camel case with backwards compatibility	2018-03-25 19:08:14 +02:00
workers	refactor: Remove `require` extension filename	2017-05-08 19:29:06 +08:00
csp.js	Fix CSP for disqus and Google Analytics	2018-03-30 16:33:52 +02:00
history.js	Improve history migration performance	2018-03-10 16:51:00 +08:00
letter-avatars.js	Use strict mode in all backend files	2017-03-14 13:02:43 +08:00
logger.js	refactor(logger): Refactor logger.js	2017-05-08 19:24:37 +08:00
realtime.js	Change config to camel case with backwards compatibility	2018-03-25 19:08:14 +02:00
response.js	Fix CSP for disqus and Google Analytics	2018-03-30 16:33:52 +02:00
utils.js	switch to __dirname	2017-06-02 11:34:35 +01:00