Commit Graph

726 Commits

Author SHA1 Message Date
Seyed Sajad Kahani
3c5352fb53
fix: change reconnectLink behavior for page move (#1991) 2020-06-28 21:08:17 -04:00
Maho Hiyajo
ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117) 2020-06-27 17:01:00 -04:00
Nicolas Giard
2409b286da
fix: matomo module siteId 2020-06-26 15:34:53 -04:00
NGPixel
1c18f3a4c2 fix: revoke typo 2020-06-25 23:48:16 -04:00
NGPixel
98f21b9f6a fix: revalidate tokens created prior to server startup 2020-06-25 22:04:21 -04:00
NGPixel
92b29d1f06 fix: check revalidation timestamp 2020-06-25 19:25:08 -04:00
NGPixel
c37b0ad1d7 fix: remove console log from authenticate func 2020-06-25 00:04:08 -04:00
NGPixel
a25431bcf8 fix: token revocation incorrect TTL 2020-06-25 00:02:39 -04:00
NGPixel
a690e5597f fix: revocation token list for users + groups 2020-06-24 23:57:35 -04:00
Regev Brody
33a9d5774c
fix: GraphQL error with MySQL and FULL OUTER JOIN (#2104)
* fix: GraphQL error with MySQL and FULL OUTER JOIN #2071
2020-06-24 18:51:21 -04:00
Regev Brody
6ef7b0f130
fix: deactivated users can still refresh their token (#2105) 2020-06-24 18:15:36 -04:00
Regev Brody
4bc284b06e
fix: page schema validation for extra field (#2097) 2020-06-23 18:26:29 -04:00
NGPixel
4cb7f33dcf feat: visual editor code + sub/sup + table props 2020-06-21 14:47:11 -04:00
NGPixel
4855051d87 feat: page published state + comments localization 2020-06-20 22:08:59 -04:00
NGPixel
83b83a7510 feat: page css + scripts 2020-06-20 16:39:36 -04:00
NGPixel
53ddb50b51 feat: save page scripts + styles 2020-06-20 01:11:05 -04:00
NGPixel
718c14dd74 feat: editor props scripts + styles code editor 2020-06-19 21:00:44 -04:00
Regev Brody
0a16929a57
fix: editing buttons showing up even if no action is allowed (#2043)
* feat: Edit / Page Create Buttons showing up even if no action is allowed #1780
2020-06-19 18:54:05 -04:00
NGPixel
b723d7d626 fix: markdown core props + styles/scripts permissions 2020-06-18 22:49:26 -04:00
Regev Brody
77086a6e0a
feat: optional kroki/plantuml svg caching (#2047)
* feat: Caching kroki svgs #2020
2020-06-18 18:39:25 -04:00
Regev Brody
e03a80dccc
feat: underline markdown support (#2073)
* fix: no markdown support for underline #2072
2020-06-18 18:37:24 -04:00
Regev Brody
0e6340f51e
fix: use config value for tokenRenewal expiration (#2042)
* fix: tokenRenewal seems to be hard coded #1540
2020-06-18 13:08:57 -04:00
jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051)
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
2020-06-16 00:11:38 -04:00
Nicolas Giard
9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj 2020-06-13 21:43:21 -04:00
Regev Brody
4ffd1325bd
fix: sidebar is empty when the jwt token is expired (#2037) 2020-06-10 09:11:14 -04:00
Regev Brody
037822b994
fix: secure html module removes target attribute from links (#2012) 2020-06-07 19:23:33 -04:00
NGPixel
ca0708ea75 feat: extra options for generic S3 module 2020-06-07 18:28:16 -04:00
NGPixel
e45145986a feat: generic S3 module 2020-06-07 18:08:33 -04:00
Regev Brody
a508a27475
fix: validate permissions when listing assets (#1928)
* fix: assets permission issues #1926
2020-06-07 16:58:12 -04:00
NGPixel
65f71d8e3b fix: strip starting slash from path during page create 2020-06-05 14:52:36 -04:00
NGPixel
deacd80c45 fix: dashboard invalid version on load 2020-06-05 14:46:54 -04:00
NGPixel
c2a0773633 fix: site config host slice 2020-06-04 00:33:27 -04:00
NGPixel
2013ee4fa2 fix: failed auth strategy prevent local auth from initializing 2020-06-01 21:20:21 -04:00
NGPixel
3891816758 fix: setup assets location + mysql migration 2.4.13 2020-05-31 22:39:45 -04:00
NGPixel
7a946ec0f5 feat: edit comment 2020-05-31 18:15:15 -04:00
NGPixel
e74605501f feat: comments post min delay 2020-05-31 15:54:20 -04:00
NGPixel
8a74904731 feat: comments delete + refresh on post + formatting 2020-05-31 02:13:41 -04:00
NGPixel
83f7c2867d fix: admin security UI 2020-05-30 16:42:48 -04:00
NGPixel
1f9e5b3fd0 feat: delete user with replace target 2020-05-30 16:34:09 -04:00
daneallen
20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 (#1963)
* Open redirect vulnerabilty mitigation

* Refacted Open Redirect to user configurable and corrected incorrect security variable names.

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
2020-05-29 18:24:20 -04:00
NGPixel
1222355046 feat: comments - default provider create (wip) + permissions 2020-05-26 22:56:24 -04:00
NGPixel
8205faca53 feat: use asar for twemoji assets 2020-05-24 18:02:05 -04:00
NGPixel
a0618ee4f6 feat: comments UI improvements 2020-05-23 18:49:10 -04:00
Regev Brody
8a1b5b1383
fix: S3 Export all trigger (#1922) 2020-05-22 13:20:47 -04:00
NGPixel
6b561623ee fix: incorrect migration name 2.4.14 2020-05-21 00:20:57 -04:00
NGPixel
df246af3bb fix: remove makefile + update nvmrc version 2020-05-21 00:20:57 -04:00
NGPixel
e1382771cf feat: extensions check + resolver 2020-05-21 00:20:57 -04:00
NGPixel
fb6c01c538 fix: legacy page view 2020-05-21 00:20:57 -04:00
NGPixel
887e8a0f5a feat: comments disqus + commento 2020-05-21 00:20:57 -04:00
NGPixel
f6bad765a2 feat: assets move + comments migration + admin users UI 2020-05-21 00:20:57 -04:00