Commit Graph

887 Commits (504f1725a2d497bf5a62416f0ae2cc890359c500)

Author SHA1 Message Date
Nicolas Giard 7b14b39de0
fix: prevent upload bypass via uppercase path
3 years ago
NGPixel a04f7bd650
fix: force uploads to use auth headers instead of cookie
3 years ago
NGPixel 92fe9d3e31
fix: view source of page version crash (#3297)
3 years ago
NGPixel e84c15b926
fix: scanSVG incorrect ext reference (#4825)
3 years ago
cybrwshl 802dbd96c3
feat: extends plausible analytics to support self hosted installations (#4824)
3 years ago
NGPixel 79bdd44093
fix: force download of unsafe extensions
3 years ago
NGPixel 57b56d3a5b
fix: validate svg file extension in addition to client mime type
3 years ago
NGPixel 5d3e81496f
fix: sanitize SVG uploads
3 years ago
NGPixel 5173c4802e
fix: use replace instead of replaceAll to support pre-Node16
3 years ago
NGPixel 414033de9d
fix: asset path traversal on windows
3 years ago
Nicolas Giard 87fcfca6d7 feat: add Plausible Analytics module
3 years ago
NGPixel 5911867b21
fix: various OAuth2 fixes
3 years ago
Artur Shaik 87084c66b0
feat: Generic OAuth2 authentication implementation (#3094)
3 years ago
broxen 12aef93cd6
fix: remove excess div wrappers (#4528)
3 years ago
mordini d93bd1ad5a
fix: git storage - 'import everything' feature restored (#4559) (#4572)
3 years ago
broxen db73b650c9
fix: issue with Custom Header IDs (#4527)
3 years ago
Beh ed3925b1c5
fix: use first email address in Rocket.Chat auth response (#3122)
3 years ago
craph 3814eef922
fix: admin email setup toLowerCase (#4516)
3 years ago
Frederic Alix 8d1f752620
feat: add possibility to set PostgreSQL schema other than public (#4161)
3 years ago
Paul Saunders 66bf914725
fix: scheduled git sync task (#4481)
3 years ago
Rainshaw 1dc974245f
fix: sftp error when dir already exists (#4024)
3 years ago
Andrew Yefanov 94aab69ba8
fix: add beacon and error beacon newrelic parameters for eu region support (#4421)
3 years ago
NGPixel d5a5820c2f fix: remove unused middleware
3 years ago
Eric Knibbe c5a45e578e
fix: git storage - handle renamed files & assets (#4307)
3 years ago
Étienne 9864be884d
fix: replace passport-slack implementation (#4369)
3 years ago
Denis ee8006892e
feat: add support of `hd` auth parameter to work with G Suite domains (#4010)
4 years ago
opalmay 9081232e7c
fix: disallow # char in file uploads (#3770)
4 years ago
LK HO a103127545
fix: graceful shutdown (#3821)
4 years ago
LK HO 71aa0c9346
fix: jobs/worker - pass through job error from worker process (#3822)
4 years ago
LK HO a20f70ed8d
fix: rendering/html-core - null checks (#3823)
4 years ago
NGPixel f55caab359 fix: convert page - handle tabsets
4 years ago
NGPixel 84b927915e fix: convert page - task list + UI fixes
4 years ago
NGPixel 26f1c0f372 feat: convert page
4 years ago
NGPixel d75c5532d1 fix: handle raw mustache expressions over multiple lines
4 years ago
NGPixel c57c9d9018 fix: disable cors
4 years ago
Max 033b8e6b21
fix: S3 copyObject usage - Missing bucket name (#3745)
4 years ago
PaulD987 3f001dca2c
fix: loginRedirect doesn't work for non local strategies (#3222)
4 years ago
pylr e87d511978
fix: HSTS header max-age value (#3225)
4 years ago
NGPixel 5ffa189383 fix: add v-pre to pre tags at render time
4 years ago
Thomas Nilefalk 919d7c12a1
fix: syntax error in rebuild-tree.js (#3048)
4 years ago
Paul 806e4e8f11
fix: get syncInterval from model instead of module data (#3003)
4 years ago
Kevyn Bruyere b106018029
fix: LDAP - avoid reading empty tls cert file (#2980)
4 years ago
scienceasdf 4b80bab88e
fix: rebuilding tree error when the page number is large enough in sqlite (#2830)
4 years ago
Adrián Martínez Interactiv4 52304a8149
fix: update storage.js to match pageHelper.injectPageMetadata (#2832)
4 years ago
drewblin 063251248c
fix: set autocommit for mysql (#2638)
4 years ago
scienceasdf d7d00b44f6
fix: search engine broken when renaming or moving pages (#2815)
4 years ago
scienceasdf d89224405c
feat: set analyzer for elasticsearch (#2793)
4 years ago
Eric Knibbe d04e33eb6b
fix: use absolute URL for logo in email if path relative (#2628)
4 years ago
avioral 089b7850d9 fix: broken draw io diagram on rtl mode, improve elasticsearch config (#2647)
4 years ago
YAEGASHI Takeshi a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies (#2567)
4 years ago
Chris a6bf2412d7
fix: superscript typo in module definition.yml (#2577)
4 years ago
Nicolas Giard 04a1896811
fix: revert refactor in markdown-kroki and plantuml modules (#2619)
4 years ago
Jafar Akhondali 5ba36ee421
refactor: server code (#2545)
4 years ago
NGPixel 63c8a308ba fix: remove bugsnag + update deps
4 years ago
NGPixel fe890979af fix: bypass auth redirect cookie when set to homepage
4 years ago
NGPixel 0fa5b9750d fix: handle missing extra field during page render
4 years ago
NGPixel 9762bdc2ce fix: set enableArithAbort explicit value for tedious driver
4 years ago
Mirko Iannella 31a18c8a67
fix: check for email array during processProfile (#2515)
4 years ago
Aaron 23e3403054
fix: update Matomo integration client code (#2526)
4 years ago
NGPixel 084dcd69d1 fix: strip directory traversal sequences from asset paths
4 years ago
NGPixel b0f61d6605 feat: rocket.chat auth module
4 years ago
Иван 79c5b8fac2
fix: security html module removes allow attribute from iframes (#2354)
4 years ago
Riccardo Re 660b78d9e2
fix: support permissions by tags for basic db search engine (#2416)
4 years ago
NGPixel 1404d6343e fix: API key incorrectly forces token revalidation
4 years ago
NGPixel 8f6cba262f fix: draw.io svgs are no longer removed with linebreaks (#2415)
4 years ago
NGPixel 02c3c66084 fix: checkExclusiveAccess incorrectly includes root admin
4 years ago
NGPixel 7c0d6e2883 fix: prevent write:groups from self-promoting
4 years ago
NGPixel f988c5f811 fix: logout URL endpoint option for oauth2 module
4 years ago
NGPixel 9009816290 fix: 2fa qr code - handle special chars in site title
4 years ago
NGPixel aa96e97028 fix: force lowercase for email on local auth
4 years ago
NGPixel 5295e413be fix: bypass page rule check for global permission check + handle missing page extra field
4 years ago
Rus 68d31af7af
fix: discord auth module new URL. (#2390)
4 years ago
NGPixel 78417524b3 feat: ldap avatar support
4 years ago
NGPixel 794ecc6ef6 fix: new install local auth not enabled (#2375)
4 years ago
NGPixel 9f1ba0a32f fix: elastic apm rum client script
4 years ago
NGPixel af054257bd fix: 2.5.108 migration (2)
4 years ago
NGPixel 0ce63c8ef7 fix: 2.5.108 migration
4 years ago
NGPixel 60f2a2a8d9 fix: migration error for new installs
4 years ago
NGPixel ef739de970 feat: purge history utility
4 years ago
NGPixel 8490fc1267 feat: handle disabled auth strategies
4 years ago
NGPixel 17f8071abe fix: LDAP missing reqToCallback
4 years ago
NGPixel 062a0b7979 feat: logout by auth strategy + keycloak implementation
4 years ago
jaljo cda1f1e805
feat: export creation date in dumped content (#2345)
4 years ago
NGPixel ae733392f3 feat: password reset
4 years ago
NGPixel 4dcf664040 fix: handle removed auth strategies
4 years ago
NGPixel e319355017 feat: enable/disable TFA per user
4 years ago
NGPixel 32d67adee1 feat: social login providers with dynamic instances
4 years ago
moonkey124 a7ddafd4aa
fix: incorrect error name for 1017 (#2331)
4 years ago
NGPixel 8c205b6950 fix: site title check + UI fixes + 2FA setup on account verify
4 years ago
NGPixel f72530bf84 refactor: deps update + 2FA setup + verify
4 years ago
Dan Nicholson d5d368cd33
feat: fix + enable OIDC auth method (#2282)
4 years ago
Marks Polakovs 95b6a7ad82
fix: resolve tags on pages in GraphQL (#2247)
4 years ago
Seyed Sajad Kahani 15bca54bdf
fix: change language in edit, history and source pages (#2194)
4 years ago
Higor Tavares 06c372d53f
fix: foreign key constraint when page have comments (#2199)
4 years ago
NGPixel 26af63a80b fix: login input hints
4 years ago
NGPixel 4cd6fe8a56 fix: unauthorized admin should receive 403 code
4 years ago
NGPixel 4f16dd0c81 fix: admin permissions + restrict nav settings
4 years ago
NGPixel 10f17c5712 feat: redirect on login based on group
4 years ago
NGPixel be499e5795 fix: auth strategy dependent username label
4 years ago
NGPixel 52d0af19b4 feat: diagram rendering + post-processor (wip)
4 years ago