jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP ( #2051 )
...
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
2020-06-16 00:11:38 -04:00
Nicolas Giard
9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj
2020-06-13 21:43:21 -04:00
Regev Brody
4ffd1325bd
fix: sidebar is empty when the jwt token is expired ( #2037 )
2020-06-10 09:11:14 -04:00
Regev Brody
037822b994
fix: secure html module removes target attribute from links ( #2012 )
2020-06-07 19:23:33 -04:00
NGPixel
ca0708ea75
feat: extra options for generic S3 module
2020-06-07 18:28:16 -04:00
NGPixel
e45145986a
feat: generic S3 module
2020-06-07 18:08:33 -04:00
Regev Brody
a508a27475
fix: validate permissions when listing assets ( #1928 )
...
* fix: assets permission issues #1926
2020-06-07 16:58:12 -04:00
NGPixel
65f71d8e3b
fix: strip starting slash from path during page create
2020-06-05 14:52:36 -04:00
NGPixel
deacd80c45
fix: dashboard invalid version on load
2020-06-05 14:46:54 -04:00
NGPixel
c2a0773633
fix: site config host slice
2020-06-04 00:33:27 -04:00
NGPixel
2013ee4fa2
fix: failed auth strategy prevent local auth from initializing
2020-06-01 21:20:21 -04:00
NGPixel
3891816758
fix: setup assets location + mysql migration 2.4.13
2020-05-31 22:39:45 -04:00
NGPixel
7a946ec0f5
feat: edit comment
2020-05-31 18:15:15 -04:00
NGPixel
e74605501f
feat: comments post min delay
2020-05-31 15:54:20 -04:00
NGPixel
8a74904731
feat: comments delete + refresh on post + formatting
2020-05-31 02:13:41 -04:00
NGPixel
83f7c2867d
fix: admin security UI
2020-05-30 16:42:48 -04:00
NGPixel
1f9e5b3fd0
feat: delete user with replace target
2020-05-30 16:34:09 -04:00
daneallen
20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 ( #1963 )
...
* Open redirect vulnerabilty mitigation
* Refacted Open Redirect to user configurable and corrected incorrect security variable names.
Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
2020-05-29 18:24:20 -04:00
NGPixel
1222355046
feat: comments - default provider create (wip) + permissions
2020-05-26 22:56:24 -04:00
NGPixel
8205faca53
feat: use asar for twemoji assets
2020-05-24 18:02:05 -04:00
NGPixel
a0618ee4f6
feat: comments UI improvements
2020-05-23 18:49:10 -04:00
Regev Brody
8a1b5b1383
fix: S3 Export all trigger ( #1922 )
2020-05-22 13:20:47 -04:00
NGPixel
6b561623ee
fix: incorrect migration name 2.4.14
2020-05-21 00:20:57 -04:00
NGPixel
df246af3bb
fix: remove makefile + update nvmrc version
2020-05-21 00:20:57 -04:00
NGPixel
e1382771cf
feat: extensions check + resolver
2020-05-21 00:20:57 -04:00
NGPixel
fb6c01c538
fix: legacy page view
2020-05-21 00:20:57 -04:00
NGPixel
887e8a0f5a
feat: comments disqus + commento
2020-05-21 00:20:57 -04:00
NGPixel
f6bad765a2
feat: assets move + comments migration + admin users UI
2020-05-21 00:20:57 -04:00
NGPixel
1def5289af
feat: admin comments page
2020-05-21 00:20:57 -04:00
Robert Lanyi
a581d9837a
feat: add Kroki renderer ( #1900 )
...
* feat: Kroki integration
see https://kroki.io/
* fix: markdown-kroki def updates
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-17 18:41:29 -04:00
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback ( #1888 )
2020-05-15 13:28:55 -04:00
kaziu687
66e725f426
fix: elasticsearch partial match ( #1882 )
...
Improved full text search in elastic provider
2020-05-13 19:32:28 -04:00
NGPixel
1a33a43a0d
fix: use semver for latest version check
2020-05-11 00:09:10 -04:00
NGPixel
7508d92f92
feat: redirect editor UI (wip)
2020-05-10 18:43:45 -04:00
NGPixel
134f057bb8
feat: uploads config + security admin page
2020-05-10 15:55:28 -04:00
NGPixel
53da387082
feat: plantuml in markdown preview
2020-05-08 22:51:32 -04:00
NGPixel
cc9f022051
fix: nav external blank option
2020-05-08 18:48:07 -04:00
NGPixel
98bf0d9ccb
fix: escape mustache template chars in content
2020-05-08 17:00:02 -04:00
NGPixel
2ff0e42c1d
fix: add verifySSL option to mail settings
2020-05-08 14:35:57 -04:00
NGPixel
6a4b25bc28
fix: plantuml deflate raw
2020-05-08 14:15:19 -04:00
daneallen
4aa7828a92
fix: add rel option to external links in content ( #1853 )
...
* #1853 : XSS attack fix by adding rel noferrer or rel noopen to _blank target external links
* fix: relAttributeExternalLink noopener
Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
2020-05-07 16:45:11 -04:00
NGPixel
d2b99a2032
feat: timezone + dateFOrmat + appearance profile settings
2020-05-03 00:38:02 -04:00
NGPixel
c81ba5a503
fix: markdown footnotes id incorrectly stripped
2020-05-02 15:13:58 -04:00
NGPixel
281172a9f4
feat: mathjax markdown module
2020-04-29 22:32:03 -04:00
NGPixel
954262f517
fix: tabs renderer remove switchTab handler
2020-04-26 21:18:51 -04:00
NGPixel
5d43f6ada1
feat: content tabs
2020-04-26 21:04:08 -04:00
NGPixel
bbe64ef6b6
feat: static navigation menu option
2020-04-25 17:45:59 -04:00
NGPixel
b2931471c0
fix: remove ssh port param for git module
2020-04-25 14:04:14 -04:00
NGPixel
89debd57f7
fix: path chars check typo
2020-04-25 02:58:00 -04:00
NGPixel
7306fabdba
fix: auto-trim trailing slash from paths + illegal chars check during move
2020-04-24 20:39:07 -04:00