liz/wikijs-fork
liz/wikijs-fork
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
2,007 Commits 1 Branch 0 Tags 31 MiB
91221e73eb
Commit Graph

311 Commits

Author SHA1 Message Date
Иван
79c5b8fac2
fix: security html module removes allow attribute from iframes (#2354) 
* fix: secure html module removes allowfullscreen, allow and frameborder attributes from iframes
* Apply suggestions from code review
fix: remove deprecated attributes for iframe in secure html module

Co-authored-by: Nicolas Giard <github@ngpixel.com>
 2020-09-13 13:55:32 -04:00
Riccardo Re
660b78d9e2
fix: support permissions by tags for basic db search engine (#2416) 
This code will allow the "search" component to correctly filter pages by usergroup permissions based on tags instead of paths

Co-authored-by: Riccardo Re <riccardo.re@clevermind.cloud>
 2020-09-13 13:53:31 -04:00
NGPixel
8f6cba262f fix: draw.io svgs are no longer removed with linebreaks (#2415) 2020-09-12 14:05:24 -04:00
NGPixel
f988c5f811 fix: logout URL endpoint option for oauth2 module 2020-09-09 20:20:55 -04:00
NGPixel
aa96e97028 fix: force lowercase for email on local auth 2020-09-09 19:59:46 -04:00
Rus
68d31af7af
fix: discord auth module new URL. (#2390) 
Change "discordapp.com" to "discord.com"
 2020-09-07 20:04:19 -04:00
NGPixel
78417524b3 feat: ldap avatar support 2020-09-07 20:02:33 -04:00
NGPixel
9f1ba0a32f fix: elastic apm rum client script 2020-09-06 16:57:45 -04:00
NGPixel
17f8071abe fix: LDAP missing reqToCallback 2020-09-05 15:19:18 -04:00
NGPixel
062a0b7979 feat: logout by auth strategy + keycloak implementation 2020-09-01 20:01:39 -04:00
jaljo
cda1f1e805
feat: export creation date in dumped content (#2345) 
* Export creation date in dumped content

* date_creation -> dateCreated

Co-authored-by: Joris Langlois <joris.langlois@knplabs.com>
 2020-08-31 11:28:55 -04:00
NGPixel
4dcf664040 fix: handle removed auth strategies 2020-08-30 16:33:52 -04:00
NGPixel
32d67adee1 feat: social login providers with dynamic instances 2020-08-30 01:36:37 -04:00
Dan Nicholson
d5d368cd33
feat: fix + enable OIDC auth method (#2282) 
* fix: pass userinfo URL in oidc strategy

The userinfo URL from the definition was not being provided to the
passport strategy, which resulted in a type error trying to resolve the
user's profile. Furthermore, the name of the defined URL was
inconsistent with all other authentication method URLs.

* fix: pass all necessary scopes to oidc auth method

When no scopes are provided, passport-openidconnect uses only `openid`,
which does not contain the username or email address. Include `profile`
and `email` to ensure the necessary claims are included.

* fix: update oidc method to call processProfile correctly

Now the profile object and providerKey are passed to processProfile. The
usernameClaim no longer has any use as the email address is the
username.

* fix: mark oidc authentication method as available
 2020-08-15 13:32:58 -04:00
NGPixel
26af63a80b fix: login input hints 2020-07-20 00:22:29 -04:00
NGPixel
be499e5795 fix: auth strategy dependent username label 2020-07-19 13:20:43 -04:00
NGPixel
52d0af19b4 feat: diagram rendering + post-processor (wip) 2020-07-12 15:58:45 -04:00
Regev Brody
b2ff064d34
fix: stream assets from storage local locations (#2087) 2020-07-12 12:19:01 -04:00
Nicolas Giard
c009cc1392
feat: new login experience (#2139) 
* feat: multiple auth instances

* fix: auth setup + strategy initialization

* feat: admin auth - add strategy

* feat: redirect on login - group setting

* feat: oauth2 generic - props definitions

* feat: new login UI (wip)

* feat: new login UI (wip)

* feat: admin security login settings

* feat: tabset editor indicators + print view improvements

* fix: code styling
 2020-07-03 19:36:33 -04:00
Regev Brody
41327dd1e8
feat: support MultiMarkdown tables (#2126) 2020-07-03 17:46:07 -04:00
TakeruDMC
cf3a48a6fa
fix: "undefined" error on deletePage by git storage (#2132) 2020-07-03 17:44:42 -04:00
Maho Hiyajo
ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117) 2020-06-27 17:01:00 -04:00
Nicolas Giard
2409b286da
fix: matomo module siteId 2020-06-26 15:34:53 -04:00
NGPixel
b723d7d626 fix: markdown core props + styles/scripts permissions 2020-06-18 22:49:26 -04:00
Regev Brody
77086a6e0a
feat: optional kroki/plantuml svg caching (#2047) 
* feat: Caching kroki svgs #2020
 2020-06-18 18:39:25 -04:00
Regev Brody
e03a80dccc
feat: underline markdown support (#2073) 
* fix: no markdown support for underline #2072
 2020-06-18 18:37:24 -04:00
jonasjoest
3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051) 
Signed-off-by: Jonas Jöst <jonas@gpplanet.de>
 2020-06-16 00:11:38 -04:00
Nicolas Giard
9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj 2020-06-13 21:43:21 -04:00
Regev Brody
037822b994
fix: secure html module removes target attribute from links (#2012) 2020-06-07 19:23:33 -04:00
NGPixel
ca0708ea75 feat: extra options for generic S3 module 2020-06-07 18:28:16 -04:00
NGPixel
e45145986a feat: generic S3 module 2020-06-07 18:08:33 -04:00
NGPixel
7a946ec0f5 feat: edit comment 2020-05-31 18:15:15 -04:00
NGPixel
e74605501f feat: comments post min delay 2020-05-31 15:54:20 -04:00
NGPixel
8a74904731 feat: comments delete + refresh on post + formatting 2020-05-31 02:13:41 -04:00
NGPixel
1f9e5b3fd0 feat: delete user with replace target 2020-05-30 16:34:09 -04:00
NGPixel
1222355046 feat: comments - default provider create (wip) + permissions 2020-05-26 22:56:24 -04:00
NGPixel
e1382771cf feat: extensions check + resolver 2020-05-21 00:20:57 -04:00
NGPixel
887e8a0f5a feat: comments disqus + commento 2020-05-21 00:20:57 -04:00
NGPixel
f6bad765a2 feat: assets move + comments migration + admin users UI 2020-05-21 00:20:57 -04:00
NGPixel
1def5289af feat: admin comments page 2020-05-21 00:20:57 -04:00
Robert Lanyi
a581d9837a feat: add Kroki renderer (#1900) 
* feat: Kroki integration

see https://kroki.io/

* fix: markdown-kroki def updates

Co-authored-by: Nicolas Giard <github@ngpixel.com>
 2020-05-17 18:41:29 -04:00
Simon Lichtinghagen
764d98fa1d
fix: use fullname from keycloak profile info with username as fallback (#1888) 2020-05-15 13:28:55 -04:00
kaziu687
66e725f426
fix: elasticsearch partial match (#1882) 
Improved full text search in elastic provider
 2020-05-13 19:32:28 -04:00
NGPixel
1a33a43a0d fix: use semver for latest version check 2020-05-11 00:09:10 -04:00
NGPixel
7508d92f92 feat: redirect editor UI (wip) 2020-05-10 18:43:45 -04:00
NGPixel
53da387082 feat: plantuml in markdown preview 2020-05-08 22:51:32 -04:00
NGPixel
98bf0d9ccb fix: escape mustache template chars in content 2020-05-08 17:00:02 -04:00
NGPixel
6a4b25bc28 fix: plantuml deflate raw 2020-05-08 14:15:19 -04:00
daneallen
4aa7828a92
fix: add rel option to external links in content (#1853) 
* #1853: XSS attack fix by adding rel noferrer or rel noopen to _blank target external links

* fix: relAttributeExternalLink noopener

Co-authored-by: danallendds <daniel.allen@friends.dds.mil>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
 2020-05-07 16:45:11 -04:00
NGPixel
c81ba5a503 fix: markdown footnotes id incorrectly stripped 2020-05-02 15:13:58 -04:00
NGPixel
281172a9f4 feat: mathjax markdown module 2020-04-29 22:32:03 -04:00
NGPixel
954262f517 fix: tabs renderer remove switchTab handler 2020-04-26 21:18:51 -04:00
NGPixel
5d43f6ada1 feat: content tabs 2020-04-26 21:04:08 -04:00
NGPixel
b2931471c0 fix: remove ssh port param for git module 2020-04-25 14:04:14 -04:00
NGPixel
566043ec43 fix: perform git move manually to prevent bad source 2020-04-24 20:30:08 -04:00
NGPixel
d1dd1f195b fix: ldap allow disable cert check + icon 2020-04-24 00:29:49 -04:00
NGPixel
4308152a08 fix: uriencode git user/pass for http remote 2020-04-21 23:35:49 -04:00
NGPixel
2213ba2c81 fix: git custom ssh port not handled 2020-04-21 19:45:25 -04:00
NGPixel
6a00a5dbce fix: git ssh port incorrect default value 2020-04-19 22:47:02 -04:00
NGPixel
514d31a46d feat: hide sidebar option 2020-04-18 18:33:22 -04:00
NGPixel
17f833509f fix: html sanitizer - whitelist start prop for ol tag 2020-04-17 13:09:08 -04:00
NGPixel
2ff3abe0d8 fix: html sanitizer - whitelist i tag 2020-04-17 13:04:56 -04:00
NGPixel
76ade8df53 feat: link autocomplete + insert link modal (markdown) 2020-04-11 00:19:23 -04:00
NGPixel
5229390d87 fix: plantuml default markers 2020-03-29 21:14:44 -04:00
NGPixel
5f382f21cf fix: enable mermaid by default 2020-03-29 20:59:35 -04:00
NGPixel
1d16a3fc71 feat: mermaid support for markdown 2020-03-29 20:54:39 -04:00
NGPixel
44a0f69a78 feat: katex chemical equations support 2020-03-29 17:06:32 -04:00
NGPixel
58b08e54b4 fix: missing footnote module in markdown editor preview 2020-03-28 14:28:08 -04:00
NGPixel
bacbe4f543 fix: whitelist task list checkboxes 2020-03-21 12:49:25 -04:00
NGPixel
b529ad21c9 fix: code blocks incorrect escaping + deps update 2020-03-20 23:23:13 -04:00
NGPixel
2810f7b5af feat: use local assets for twemoji 2020-03-15 22:34:42 -04:00
Lucas
a5297f8c6e
feat: option to restrict Discord auth to a specific server (#1548) 
* Optionally restrict discord authentication to members of a specific server

* fix: discord auth module code linting

Co-authored-by: Lucas Neves <lneves@modusgames.com>
Co-authored-by: Nicolas Giard <github@ngpixel.com>
 2020-03-07 17:59:10 -05:00
gh0stalker
a6dd93746e
fix: resolve Twitch OAuth API (#1561) 2020-03-07 17:57:09 -05:00
NGPixel
830f51664c feat: katex in markdown preview + xss fix for svg 2020-03-06 14:31:05 -05:00
Nicolas Giard
fba9e0058f
fix: allow figcaption in xss module 2020-02-27 01:17:24 -05:00
NGPixel
c5a22f6d13 fix: editor - show save button as saved when no modif 2020-02-23 12:49:34 -05:00
NGPixel
2d06a1d9df fix: set open external link in new tab as an option 2020-02-22 20:21:26 -05:00
Lukáš Hrdlička
fc79d92423
feat: open external link in new tab (#1453) 2020-02-22 20:15:41 -05:00
NGPixel
09554c8528 fix: add missing html tags to whitelist 2020-02-09 22:54:14 -05:00
NGPixel
90fbc62917 fix: kbd xss whitelist 2020-02-08 16:11:35 -05:00
NGPixel
e68932aa40 feat: purge local repo action for git module 2020-02-03 23:39:00 -05:00
wallrick
b1c7edac90
feat: add ssh port override option for git module (#1432) 
* Adding an override for the ssh port

* fix: git module - ssh custom port

Co-authored-by: Nicolas Giard <github@ngpixel.com>
 2020-02-02 23:21:14 -05:00
NGPixel
f4e3fd0954 feat: tags autocomplete in page properties 2020-02-02 16:24:27 -05:00
NGPixel
9f16d3e3fa fix: code linting 2020-01-31 22:41:14 -05:00
alancnet
73da73a595 fix: allow highlight color (#1365) 2020-01-10 19:48:16 -05:00
NGPixel
6920a35d80 feat: visualize pages (dendograms) 2020-01-05 15:04:16 -05:00
NGPixel
0755c538ed fix: html rendering order param + decodeEntities 2020-01-03 01:07:29 -05:00
NGPixel
edd11cd73f feat: make relative links root absolute option 2020-01-02 20:30:48 -05:00
NGPixel
82376c19b9 fix: render system link detection resets on each find 2020-01-02 13:33:27 -05:00
Scott Simontis
bb03aed1c8 fix: exclude tel: links from parsing #1318 (#1344) 
Telephone links will no longer be incorrectly parsed as web links.

Signed-off-by: Scott Simontis <yo@scottsimontis.io>
 2019-12-31 14:41:05 -05:00
NGPixel
0d6676c19b feat: SFTP storage module + sensitive field option 2019-12-25 01:47:19 -05:00
NGPixel
4a2f1d045b feat: azure blob storage provider + s3 rename fix 2019-12-23 00:12:19 -05:00
NGPixel
f09f1f4f1e feat: delete a user 2019-12-22 16:08:18 -05:00
NGPixel
3b347f262c feat: save rendering configuration 2019-12-21 16:41:03 -05:00
NGPixel
aa5368b2a1 feat: katex + admin SSL UI (wip) + dev warning 2019-12-18 23:45:33 -05:00
Artem S Vybornov
243840c5eb fix: postgres engine to query using configured locale (#1269) 
* fix: Postgres Engine to query using right locale
* fix: postgres search dictLanguage parameter binding
 2019-12-15 17:52:42 -05:00
NGPixel
278cd7173d feat: rendering security module 2019-12-11 23:36:19 -05:00
NGPixel
5d7509acdf feat: api docs editor (wip) + deps update 2019-12-01 22:45:37 -05:00
NGPixel
3183014b25 fix: postgreSQL search engine error during page move (#1181) 2019-11-23 16:21:10 -05:00
NGPixel
e35e68d764 fix: exclude assets from internal link detection (#1189) 2019-11-23 16:13:41 -05:00