Commit Graph

934 Commits (55a63a3c5aadc4b3c9d2049d60e08dbeb413792c)

Author SHA1 Message Date
NGPixel e84c15b926
fix: scanSVG incorrect ext reference (#4825)
3 years ago
cybrwshl 802dbd96c3
feat: extends plausible analytics to support self hosted installations (#4824)
3 years ago
NGPixel 79bdd44093
fix: force download of unsafe extensions
3 years ago
NGPixel 57b56d3a5b
fix: validate svg file extension in addition to client mime type
3 years ago
NGPixel 5d3e81496f
fix: sanitize SVG uploads
3 years ago
NGPixel 5173c4802e
fix: use replace instead of replaceAll to support pre-Node16
3 years ago
NGPixel 414033de9d
fix: asset path traversal on windows
3 years ago
Nicolas Giard 87fcfca6d7 feat: add Plausible Analytics module
3 years ago
NGPixel 5911867b21
fix: various OAuth2 fixes
3 years ago
Artur Shaik 87084c66b0
feat: Generic OAuth2 authentication implementation (#3094)
3 years ago
broxen 12aef93cd6
fix: remove excess div wrappers (#4528)
3 years ago
mordini d93bd1ad5a
fix: git storage - 'import everything' feature restored (#4559) (#4572)
3 years ago
broxen db73b650c9
fix: issue with Custom Header IDs (#4527)
3 years ago
Beh ed3925b1c5
fix: use first email address in Rocket.Chat auth response (#3122)
3 years ago
craph 3814eef922
fix: admin email setup toLowerCase (#4516)
3 years ago
Frederic Alix 8d1f752620
feat: add possibility to set PostgreSQL schema other than public (#4161)
3 years ago
Paul Saunders 66bf914725
fix: scheduled git sync task (#4481)
3 years ago
Rainshaw 1dc974245f
fix: sftp error when dir already exists (#4024)
3 years ago
Andrew Yefanov 94aab69ba8
fix: add beacon and error beacon newrelic parameters for eu region support (#4421)
3 years ago
NGPixel d5a5820c2f fix: remove unused middleware
3 years ago
Eric Knibbe c5a45e578e
fix: git storage - handle renamed files & assets (#4307)
3 years ago
Étienne 9864be884d
fix: replace passport-slack implementation (#4369)
3 years ago
Denis ee8006892e
feat: add support of `hd` auth parameter to work with G Suite domains (#4010)
4 years ago
opalmay 9081232e7c
fix: disallow # char in file uploads (#3770)
4 years ago
LK HO a103127545
fix: graceful shutdown (#3821)
4 years ago
LK HO 71aa0c9346
fix: jobs/worker - pass through job error from worker process (#3822)
4 years ago
LK HO a20f70ed8d
fix: rendering/html-core - null checks (#3823)
4 years ago
NGPixel f55caab359 fix: convert page - handle tabsets
4 years ago
NGPixel 84b927915e fix: convert page - task list + UI fixes
4 years ago
NGPixel 26f1c0f372 feat: convert page
4 years ago
NGPixel d75c5532d1 fix: handle raw mustache expressions over multiple lines
4 years ago
NGPixel c57c9d9018 fix: disable cors
4 years ago
Max 033b8e6b21
fix: S3 copyObject usage - Missing bucket name (#3745)
4 years ago
PaulD987 3f001dca2c
fix: loginRedirect doesn't work for non local strategies (#3222)
4 years ago
pylr e87d511978
fix: HSTS header max-age value (#3225)
4 years ago
NGPixel 5ffa189383 fix: add v-pre to pre tags at render time
4 years ago
Thomas Nilefalk 919d7c12a1
fix: syntax error in rebuild-tree.js (#3048)
4 years ago
Paul 806e4e8f11
fix: get syncInterval from model instead of module data (#3003)
4 years ago
Kevyn Bruyere b106018029
fix: LDAP - avoid reading empty tls cert file (#2980)
4 years ago
scienceasdf 4b80bab88e
fix: rebuilding tree error when the page number is large enough in sqlite (#2830)
4 years ago
Adrián Martínez Interactiv4 52304a8149
fix: update storage.js to match pageHelper.injectPageMetadata (#2832)
4 years ago
drewblin 063251248c
fix: set autocommit for mysql (#2638)
4 years ago
scienceasdf d7d00b44f6
fix: search engine broken when renaming or moving pages (#2815)
4 years ago
scienceasdf d89224405c
feat: set analyzer for elasticsearch (#2793)
4 years ago
Eric Knibbe d04e33eb6b
fix: use absolute URL for logo in email if path relative (#2628)
4 years ago
avioral 089b7850d9 fix: broken draw io diagram on rtl mode, improve elasticsearch config (#2647)
4 years ago
YAEGASHI Takeshi a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies (#2567)
4 years ago
Chris a6bf2412d7
fix: superscript typo in module definition.yml (#2577)
4 years ago
Nicolas Giard 04a1896811
fix: revert refactor in markdown-kroki and plantuml modules (#2619)
4 years ago
Jafar Akhondali 5ba36ee421
refactor: server code (#2545)
4 years ago
NGPixel 63c8a308ba fix: remove bugsnag + update deps
4 years ago
NGPixel fe890979af fix: bypass auth redirect cookie when set to homepage
4 years ago
NGPixel 0fa5b9750d fix: handle missing extra field during page render
4 years ago
NGPixel 9762bdc2ce fix: set enableArithAbort explicit value for tedious driver
4 years ago
Mirko Iannella 31a18c8a67
fix: check for email array during processProfile (#2515)
4 years ago
Aaron 23e3403054
fix: update Matomo integration client code (#2526)
4 years ago
NGPixel 084dcd69d1 fix: strip directory traversal sequences from asset paths
4 years ago
NGPixel b0f61d6605 feat: rocket.chat auth module
4 years ago
Иван 79c5b8fac2
fix: security html module removes allow attribute from iframes (#2354)
4 years ago
Riccardo Re 660b78d9e2
fix: support permissions by tags for basic db search engine (#2416)
4 years ago
NGPixel 1404d6343e fix: API key incorrectly forces token revalidation
4 years ago
NGPixel 8f6cba262f fix: draw.io svgs are no longer removed with linebreaks (#2415)
4 years ago
NGPixel 02c3c66084 fix: checkExclusiveAccess incorrectly includes root admin
4 years ago
NGPixel 7c0d6e2883 fix: prevent write:groups from self-promoting
4 years ago
NGPixel f988c5f811 fix: logout URL endpoint option for oauth2 module
4 years ago
NGPixel 9009816290 fix: 2fa qr code - handle special chars in site title
4 years ago
NGPixel aa96e97028 fix: force lowercase for email on local auth
4 years ago
NGPixel 5295e413be fix: bypass page rule check for global permission check + handle missing page extra field
4 years ago
Rus 68d31af7af
fix: discord auth module new URL. (#2390)
4 years ago
NGPixel 78417524b3 feat: ldap avatar support
4 years ago
NGPixel 794ecc6ef6 fix: new install local auth not enabled (#2375)
4 years ago
NGPixel 9f1ba0a32f fix: elastic apm rum client script
4 years ago
NGPixel af054257bd fix: 2.5.108 migration (2)
4 years ago
NGPixel 0ce63c8ef7 fix: 2.5.108 migration
4 years ago
NGPixel 60f2a2a8d9 fix: migration error for new installs
4 years ago
NGPixel ef739de970 feat: purge history utility
4 years ago
NGPixel 8490fc1267 feat: handle disabled auth strategies
4 years ago
NGPixel 17f8071abe fix: LDAP missing reqToCallback
4 years ago
NGPixel 062a0b7979 feat: logout by auth strategy + keycloak implementation
4 years ago
jaljo cda1f1e805
feat: export creation date in dumped content (#2345)
4 years ago
NGPixel ae733392f3 feat: password reset
4 years ago
NGPixel 4dcf664040 fix: handle removed auth strategies
4 years ago
NGPixel e319355017 feat: enable/disable TFA per user
4 years ago
NGPixel 32d67adee1 feat: social login providers with dynamic instances
4 years ago
moonkey124 a7ddafd4aa
fix: incorrect error name for 1017 (#2331)
4 years ago
NGPixel 8c205b6950 fix: site title check + UI fixes + 2FA setup on account verify
4 years ago
NGPixel f72530bf84 refactor: deps update + 2FA setup + verify
4 years ago
Dan Nicholson d5d368cd33
feat: fix + enable OIDC auth method (#2282)
4 years ago
Marks Polakovs 95b6a7ad82
fix: resolve tags on pages in GraphQL (#2247)
4 years ago
Seyed Sajad Kahani 15bca54bdf
fix: change language in edit, history and source pages (#2194)
4 years ago
Higor Tavares 06c372d53f
fix: foreign key constraint when page have comments (#2199)
4 years ago
NGPixel 26af63a80b fix: login input hints
4 years ago
NGPixel 4cd6fe8a56 fix: unauthorized admin should receive 403 code
4 years ago
NGPixel 4f16dd0c81 fix: admin permissions + restrict nav settings
4 years ago
NGPixel 10f17c5712 feat: redirect on login based on group
4 years ago
NGPixel be499e5795 fix: auth strategy dependent username label
4 years ago
NGPixel 52d0af19b4 feat: diagram rendering + post-processor (wip)
4 years ago
Regev Brody b2ff064d34
fix: stream assets from storage local locations (#2087)
4 years ago
NGPixel 57f5cbd5b6 misc: knex update for mssql constraint bug
4 years ago
NGPixel 1ced9649c7 feat: enforce 2fa admin setting + hide local on login screen
4 years ago
NGPixel b2f292cc39 fix: MSSQL migration 2.5.1
4 years ago
NGPixel 31661b2cb3 fix: token renewal date
4 years ago
NGPixel b475795595 feat: login bg + bypass + hide local option
4 years ago
NGPixel 5282a82afe fix: wait for sideload locales before server start (#1248)
4 years ago
Nicolas Giard c009cc1392
feat: new login experience (#2139)
4 years ago
Regev Brody 1c4829f70f
fix: tags filtered by access (#2100)
4 years ago
Regev Brody 41327dd1e8
feat: support MultiMarkdown tables (#2126)
4 years ago
TakeruDMC cf3a48a6fa
fix: "undefined" error on deletePage by git storage (#2132)
4 years ago
Seyed Sajad Kahani 3c5352fb53
fix: change reconnectLink behavior for page move (#1991)
4 years ago
Maho Hiyajo ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117)
4 years ago
Nicolas Giard 2409b286da
fix: matomo module siteId
4 years ago
NGPixel 1c18f3a4c2 fix: revoke typo
4 years ago
NGPixel 98f21b9f6a fix: revalidate tokens created prior to server startup
4 years ago
NGPixel 92b29d1f06 fix: check revalidation timestamp
4 years ago
NGPixel c37b0ad1d7 fix: remove console log from authenticate func
4 years ago
NGPixel a25431bcf8 fix: token revocation incorrect TTL
4 years ago
NGPixel a690e5597f fix: revocation token list for users + groups
4 years ago
Regev Brody 33a9d5774c
fix: GraphQL error with MySQL and FULL OUTER JOIN (#2104)
4 years ago
Regev Brody 6ef7b0f130
fix: deactivated users can still refresh their token (#2105)
4 years ago
Regev Brody 4bc284b06e
fix: page schema validation for extra field (#2097)
4 years ago
NGPixel 4cb7f33dcf feat: visual editor code + sub/sup + table props
4 years ago
NGPixel 4855051d87 feat: page published state + comments localization
4 years ago
NGPixel 83b83a7510 feat: page css + scripts
4 years ago
NGPixel 53ddb50b51 feat: save page scripts + styles
4 years ago
NGPixel 718c14dd74 feat: editor props scripts + styles code editor
4 years ago
Regev Brody 0a16929a57
fix: editing buttons showing up even if no action is allowed (#2043)
4 years ago
NGPixel b723d7d626 fix: markdown core props + styles/scripts permissions
4 years ago
Regev Brody 77086a6e0a
feat: optional kroki/plantuml svg caching (#2047)
4 years ago
Regev Brody e03a80dccc
feat: underline markdown support (#2073)
4 years ago
Regev Brody 0e6340f51e
fix: use config value for tokenRenewal expiration (#2042)
4 years ago
jonasjoest 3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051)
4 years ago
Nicolas Giard 9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj
4 years ago
Regev Brody 4ffd1325bd
fix: sidebar is empty when the jwt token is expired (#2037)
5 years ago
Regev Brody 037822b994
fix: secure html module removes target attribute from links (#2012)
5 years ago
NGPixel ca0708ea75 feat: extra options for generic S3 module
5 years ago
NGPixel e45145986a feat: generic S3 module
5 years ago
Regev Brody a508a27475
fix: validate permissions when listing assets (#1928)
5 years ago
NGPixel 65f71d8e3b fix: strip starting slash from path during page create
5 years ago
NGPixel deacd80c45 fix: dashboard invalid version on load
5 years ago
NGPixel c2a0773633 fix: site config host slice
5 years ago
NGPixel 2013ee4fa2 fix: failed auth strategy prevent local auth from initializing
5 years ago
NGPixel 3891816758 fix: setup assets location + mysql migration 2.4.13
5 years ago
NGPixel 7a946ec0f5 feat: edit comment
5 years ago
NGPixel e74605501f feat: comments post min delay
5 years ago
NGPixel 8a74904731 feat: comments delete + refresh on post + formatting
5 years ago
NGPixel 83f7c2867d fix: admin security UI
5 years ago
NGPixel 1f9e5b3fd0 feat: delete user with replace target
5 years ago
daneallen 20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 (#1963)
5 years ago
NGPixel 1222355046 feat: comments - default provider create (wip) + permissions
5 years ago
NGPixel 8205faca53 feat: use asar for twemoji assets
5 years ago