Commit Graph

1002 Commits (b7d25473c67f324699ebbdbeb5aabbf67347cdee)

Author SHA1 Message Date
NGPixel dc5d8ddeb2
fix: handle page metadata parse failure
3 years ago
NGPixel 05b4053954
fix: encode filenames for assets force download
3 years ago
NGPixel a50712ea80
fix: handle links to same host but different port as external
3 years ago
Nicolas Giard a652e43ab1
fix: handle multi social auth strategies
3 years ago
Manuel 1f489a3d8e
fix: handle multiple LDAP strategies (#5116)
3 years ago
Gabriel A. Devenyi 2c83472b63
fix(ldap): typo spelling of distinguished (#5066)
3 years ago
NGPixel a3bf1f7916
fix: apply locale restrictions to page rules
3 years ago
NGPixel 411802ec2f
fix: check update page access using original page path
3 years ago
Nicolas Giard 3f5388d093
fix(logging): add default fallback for logFormat config
3 years ago
Marián Skrip de6d4beef9
feat(config): add option to specify default value to env var expansion (#5020)
3 years ago
Marián Skrip 2815f38c52
feat(logging): add option to configure JSON logging (#5022)
3 years ago
Marián Skrip 69e9ccc636
fix: remove wild log that was possibly for debugging (#5021)
3 years ago
NGPixel afafb4f4e0
fix: md task list - use same config as client
3 years ago
matthgyver 7988fa62ca
fix: use body parser limit config with fallback value (#4985)
3 years ago
Nicolas Giard 8e3af9ac15
feat: use config value for json body parser limit
3 years ago
Nicolas Giard 7b14b39de0
fix: prevent upload bypass via uppercase path
3 years ago
NGPixel a04f7bd650
fix: force uploads to use auth headers instead of cookie
3 years ago
NGPixel 92fe9d3e31
fix: view source of page version crash (#3297)
3 years ago
NGPixel e84c15b926
fix: scanSVG incorrect ext reference (#4825)
3 years ago
cybrwshl 802dbd96c3
feat: extends plausible analytics to support self hosted installations (#4824)
3 years ago
NGPixel 79bdd44093
fix: force download of unsafe extensions
3 years ago
NGPixel 57b56d3a5b
fix: validate svg file extension in addition to client mime type
3 years ago
NGPixel 5d3e81496f
fix: sanitize SVG uploads
3 years ago
NGPixel 5173c4802e
fix: use replace instead of replaceAll to support pre-Node16
3 years ago
NGPixel 414033de9d
fix: asset path traversal on windows
3 years ago
Nicolas Giard 87fcfca6d7 feat: add Plausible Analytics module
3 years ago
NGPixel 5911867b21
fix: various OAuth2 fixes
3 years ago
Artur Shaik 87084c66b0
feat: Generic OAuth2 authentication implementation (#3094)
3 years ago
broxen 12aef93cd6
fix: remove excess div wrappers (#4528)
3 years ago
mordini d93bd1ad5a
fix: git storage - 'import everything' feature restored (#4559) (#4572)
3 years ago
broxen db73b650c9
fix: issue with Custom Header IDs (#4527)
3 years ago
Beh ed3925b1c5
fix: use first email address in Rocket.Chat auth response (#3122)
3 years ago
craph 3814eef922
fix: admin email setup toLowerCase (#4516)
3 years ago
Frederic Alix 8d1f752620
feat: add possibility to set PostgreSQL schema other than public (#4161)
3 years ago
Paul Saunders 66bf914725
fix: scheduled git sync task (#4481)
3 years ago
Rainshaw 1dc974245f
fix: sftp error when dir already exists (#4024)
3 years ago
Andrew Yefanov 94aab69ba8
fix: add beacon and error beacon newrelic parameters for eu region support (#4421)
3 years ago
NGPixel d5a5820c2f fix: remove unused middleware
3 years ago
Eric Knibbe c5a45e578e
fix: git storage - handle renamed files & assets (#4307)
3 years ago
Étienne 9864be884d
fix: replace passport-slack implementation (#4369)
3 years ago
Denis ee8006892e
feat: add support of `hd` auth parameter to work with G Suite domains (#4010)
4 years ago
opalmay 9081232e7c
fix: disallow # char in file uploads (#3770)
4 years ago
LK HO a103127545
fix: graceful shutdown (#3821)
4 years ago
LK HO 71aa0c9346
fix: jobs/worker - pass through job error from worker process (#3822)
4 years ago
LK HO a20f70ed8d
fix: rendering/html-core - null checks (#3823)
4 years ago
NGPixel f55caab359 fix: convert page - handle tabsets
4 years ago
NGPixel 84b927915e fix: convert page - task list + UI fixes
4 years ago
NGPixel 26f1c0f372 feat: convert page
4 years ago
NGPixel d75c5532d1 fix: handle raw mustache expressions over multiple lines
4 years ago
NGPixel c57c9d9018 fix: disable cors
4 years ago
Max 033b8e6b21
fix: S3 copyObject usage - Missing bucket name (#3745)
4 years ago
PaulD987 3f001dca2c
fix: loginRedirect doesn't work for non local strategies (#3222)
4 years ago
pylr e87d511978
fix: HSTS header max-age value (#3225)
4 years ago
NGPixel 5ffa189383 fix: add v-pre to pre tags at render time
4 years ago
Thomas Nilefalk 919d7c12a1
fix: syntax error in rebuild-tree.js (#3048)
4 years ago
Paul 806e4e8f11
fix: get syncInterval from model instead of module data (#3003)
4 years ago
Kevyn Bruyere b106018029
fix: LDAP - avoid reading empty tls cert file (#2980)
4 years ago
scienceasdf 4b80bab88e
fix: rebuilding tree error when the page number is large enough in sqlite (#2830)
4 years ago
Adrián Martínez Interactiv4 52304a8149
fix: update storage.js to match pageHelper.injectPageMetadata (#2832)
4 years ago
drewblin 063251248c
fix: set autocommit for mysql (#2638)
4 years ago
scienceasdf d7d00b44f6
fix: search engine broken when renaming or moving pages (#2815)
4 years ago
scienceasdf d89224405c
feat: set analyzer for elasticsearch (#2793)
4 years ago
Eric Knibbe d04e33eb6b
fix: use absolute URL for logo in email if path relative (#2628)
4 years ago
avioral 089b7850d9 fix: broken draw io diagram on rtl mode, improve elasticsearch config (#2647)
4 years ago
YAEGASHI Takeshi a3513b1bdf
fix: enable passport-azure-ad workaround for SameSite cookies (#2567)
4 years ago
Chris a6bf2412d7
fix: superscript typo in module definition.yml (#2577)
4 years ago
Nicolas Giard 04a1896811
fix: revert refactor in markdown-kroki and plantuml modules (#2619)
4 years ago
Jafar Akhondali 5ba36ee421
refactor: server code (#2545)
4 years ago
NGPixel 63c8a308ba fix: remove bugsnag + update deps
4 years ago
NGPixel fe890979af fix: bypass auth redirect cookie when set to homepage
4 years ago
NGPixel 0fa5b9750d fix: handle missing extra field during page render
4 years ago
NGPixel 9762bdc2ce fix: set enableArithAbort explicit value for tedious driver
4 years ago
Mirko Iannella 31a18c8a67
fix: check for email array during processProfile (#2515)
4 years ago
Aaron 23e3403054
fix: update Matomo integration client code (#2526)
4 years ago
NGPixel 084dcd69d1 fix: strip directory traversal sequences from asset paths
4 years ago
NGPixel b0f61d6605 feat: rocket.chat auth module
4 years ago
Иван 79c5b8fac2
fix: security html module removes allow attribute from iframes (#2354)
4 years ago
Riccardo Re 660b78d9e2
fix: support permissions by tags for basic db search engine (#2416)
4 years ago
NGPixel 1404d6343e fix: API key incorrectly forces token revalidation
4 years ago
NGPixel 8f6cba262f fix: draw.io svgs are no longer removed with linebreaks (#2415)
4 years ago
NGPixel 02c3c66084 fix: checkExclusiveAccess incorrectly includes root admin
4 years ago
NGPixel 7c0d6e2883 fix: prevent write:groups from self-promoting
4 years ago
NGPixel f988c5f811 fix: logout URL endpoint option for oauth2 module
4 years ago
NGPixel 9009816290 fix: 2fa qr code - handle special chars in site title
4 years ago
NGPixel aa96e97028 fix: force lowercase for email on local auth
4 years ago
NGPixel 5295e413be fix: bypass page rule check for global permission check + handle missing page extra field
4 years ago
Rus 68d31af7af
fix: discord auth module new URL. (#2390)
4 years ago
NGPixel 78417524b3 feat: ldap avatar support
4 years ago
NGPixel 794ecc6ef6 fix: new install local auth not enabled (#2375)
4 years ago
NGPixel 9f1ba0a32f fix: elastic apm rum client script
4 years ago
NGPixel af054257bd fix: 2.5.108 migration (2)
4 years ago
NGPixel 0ce63c8ef7 fix: 2.5.108 migration
4 years ago
NGPixel 60f2a2a8d9 fix: migration error for new installs
4 years ago
NGPixel ef739de970 feat: purge history utility
4 years ago
NGPixel 8490fc1267 feat: handle disabled auth strategies
4 years ago
NGPixel 17f8071abe fix: LDAP missing reqToCallback
4 years ago
NGPixel 062a0b7979 feat: logout by auth strategy + keycloak implementation
4 years ago
jaljo cda1f1e805
feat: export creation date in dumped content (#2345)
4 years ago
NGPixel ae733392f3 feat: password reset
4 years ago
NGPixel 4dcf664040 fix: handle removed auth strategies
4 years ago
NGPixel e319355017 feat: enable/disable TFA per user
4 years ago
NGPixel 32d67adee1 feat: social login providers with dynamic instances
4 years ago
moonkey124 a7ddafd4aa
fix: incorrect error name for 1017 (#2331)
4 years ago
NGPixel 8c205b6950 fix: site title check + UI fixes + 2FA setup on account verify
4 years ago
NGPixel f72530bf84 refactor: deps update + 2FA setup + verify
4 years ago
Dan Nicholson d5d368cd33
feat: fix + enable OIDC auth method (#2282)
4 years ago
Marks Polakovs 95b6a7ad82
fix: resolve tags on pages in GraphQL (#2247)
4 years ago
Seyed Sajad Kahani 15bca54bdf
fix: change language in edit, history and source pages (#2194)
4 years ago
Higor Tavares 06c372d53f
fix: foreign key constraint when page have comments (#2199)
4 years ago
NGPixel 26af63a80b fix: login input hints
4 years ago
NGPixel 4cd6fe8a56 fix: unauthorized admin should receive 403 code
4 years ago
NGPixel 4f16dd0c81 fix: admin permissions + restrict nav settings
4 years ago
NGPixel 10f17c5712 feat: redirect on login based on group
4 years ago
NGPixel be499e5795 fix: auth strategy dependent username label
4 years ago
NGPixel 52d0af19b4 feat: diagram rendering + post-processor (wip)
4 years ago
Regev Brody b2ff064d34
fix: stream assets from storage local locations (#2087)
4 years ago
NGPixel 57f5cbd5b6 misc: knex update for mssql constraint bug
4 years ago
NGPixel 1ced9649c7 feat: enforce 2fa admin setting + hide local on login screen
4 years ago
NGPixel b2f292cc39 fix: MSSQL migration 2.5.1
4 years ago
NGPixel 31661b2cb3 fix: token renewal date
4 years ago
NGPixel b475795595 feat: login bg + bypass + hide local option
4 years ago
NGPixel 5282a82afe fix: wait for sideload locales before server start (#1248)
4 years ago
Nicolas Giard c009cc1392
feat: new login experience (#2139)
4 years ago
Regev Brody 1c4829f70f
fix: tags filtered by access (#2100)
4 years ago
Regev Brody 41327dd1e8
feat: support MultiMarkdown tables (#2126)
4 years ago
TakeruDMC cf3a48a6fa
fix: "undefined" error on deletePage by git storage (#2132)
4 years ago
Seyed Sajad Kahani 3c5352fb53
fix: change reconnectLink behavior for page move (#1991)
4 years ago
Maho Hiyajo ea3962d143
fix: change discord module ‘discordapp.com’ to ‘discord.com’ (#2117)
4 years ago
Nicolas Giard 2409b286da
fix: matomo module siteId
4 years ago
NGPixel 1c18f3a4c2 fix: revoke typo
4 years ago
NGPixel 98f21b9f6a fix: revalidate tokens created prior to server startup
4 years ago
NGPixel 92b29d1f06 fix: check revalidation timestamp
4 years ago
NGPixel c37b0ad1d7 fix: remove console log from authenticate func
4 years ago
NGPixel a25431bcf8 fix: token revocation incorrect TTL
4 years ago
NGPixel a690e5597f fix: revocation token list for users + groups
4 years ago
Regev Brody 33a9d5774c
fix: GraphQL error with MySQL and FULL OUTER JOIN (#2104)
4 years ago
Regev Brody 6ef7b0f130
fix: deactivated users can still refresh their token (#2105)
4 years ago
Regev Brody 4bc284b06e
fix: page schema validation for extra field (#2097)
4 years ago
NGPixel 4cb7f33dcf feat: visual editor code + sub/sup + table props
5 years ago
NGPixel 4855051d87 feat: page published state + comments localization
5 years ago
NGPixel 83b83a7510 feat: page css + scripts
5 years ago
NGPixel 53ddb50b51 feat: save page scripts + styles
5 years ago
NGPixel 718c14dd74 feat: editor props scripts + styles code editor
5 years ago
Regev Brody 0a16929a57
fix: editing buttons showing up even if no action is allowed (#2043)
5 years ago
NGPixel b723d7d626 fix: markdown core props + styles/scripts permissions
5 years ago
Regev Brody 77086a6e0a
feat: optional kroki/plantuml svg caching (#2047)
5 years ago
Regev Brody e03a80dccc
feat: underline markdown support (#2073)
5 years ago
Regev Brody 0e6340f51e
fix: use config value for tokenRenewal expiration (#2042)
5 years ago
jonasjoest 3b055f2ed5
fix: use first email address when retrieving multiple from LDAP (#2051)
5 years ago
Nicolas Giard 9e08718ee9
Merge pull request from GHSA-9jgg-4xj2-vjjj
5 years ago
Regev Brody 4ffd1325bd
fix: sidebar is empty when the jwt token is expired (#2037)
5 years ago
Regev Brody 037822b994
fix: secure html module removes target attribute from links (#2012)
5 years ago
NGPixel ca0708ea75 feat: extra options for generic S3 module
5 years ago
NGPixel e45145986a feat: generic S3 module
5 years ago
Regev Brody a508a27475
fix: validate permissions when listing assets (#1928)
5 years ago
NGPixel 65f71d8e3b fix: strip starting slash from path during page create
5 years ago
NGPixel deacd80c45 fix: dashboard invalid version on load
5 years ago
NGPixel c2a0773633 fix: site config host slice
5 years ago
NGPixel 2013ee4fa2 fix: failed auth strategy prevent local auth from initializing
5 years ago
NGPixel 3891816758 fix: setup assets location + mysql migration 2.4.13
5 years ago
NGPixel 7a946ec0f5 feat: edit comment
5 years ago
NGPixel e74605501f feat: comments post min delay
5 years ago
NGPixel 8a74904731 feat: comments delete + refresh on post + formatting
5 years ago
NGPixel 83f7c2867d fix: admin security UI
5 years ago
NGPixel 1f9e5b3fd0 feat: delete user with replace target
5 years ago
daneallen 20e6bc1a70
fix: Open Redirect Vulnerability Mitigation - CWE 601 (#1963)
5 years ago
NGPixel 1222355046 feat: comments - default provider create (wip) + permissions
5 years ago
NGPixel 8205faca53 feat: use asar for twemoji assets
5 years ago
NGPixel a0618ee4f6 feat: comments UI improvements
5 years ago
Regev Brody 8a1b5b1383
fix: S3 Export all trigger (#1922)
5 years ago
NGPixel 6b561623ee fix: incorrect migration name 2.4.14
5 years ago
NGPixel df246af3bb fix: remove makefile + update nvmrc version
5 years ago
NGPixel e1382771cf feat: extensions check + resolver
5 years ago
NGPixel fb6c01c538 fix: legacy page view
5 years ago
NGPixel 887e8a0f5a feat: comments disqus + commento
5 years ago
NGPixel f6bad765a2 feat: assets move + comments migration + admin users UI
5 years ago
NGPixel 1def5289af feat: admin comments page
5 years ago
Robert Lanyi a581d9837a feat: add Kroki renderer (#1900)
5 years ago
Simon Lichtinghagen 764d98fa1d
fix: use fullname from keycloak profile info with username as fallback (#1888)
5 years ago
kaziu687 66e725f426
fix: elasticsearch partial match (#1882)
5 years ago
NGPixel 1a33a43a0d fix: use semver for latest version check
5 years ago
NGPixel 7508d92f92 feat: redirect editor UI (wip)
5 years ago
NGPixel 134f057bb8 feat: uploads config + security admin page
5 years ago
NGPixel 53da387082 feat: plantuml in markdown preview
5 years ago
NGPixel cc9f022051 fix: nav external blank option
5 years ago
NGPixel 98bf0d9ccb fix: escape mustache template chars in content
5 years ago
NGPixel 2ff0e42c1d fix: add verifySSL option to mail settings
5 years ago
NGPixel 6a4b25bc28 fix: plantuml deflate raw
5 years ago
daneallen 4aa7828a92
fix: add rel option to external links in content (#1853)
5 years ago
NGPixel d2b99a2032 feat: timezone + dateFOrmat + appearance profile settings
5 years ago
NGPixel c81ba5a503 fix: markdown footnotes id incorrectly stripped
5 years ago
NGPixel 281172a9f4 feat: mathjax markdown module
5 years ago
NGPixel 954262f517 fix: tabs renderer remove switchTab handler
5 years ago
NGPixel 5d43f6ada1 feat: content tabs
5 years ago
NGPixel bbe64ef6b6 feat: static navigation menu option
5 years ago
NGPixel b2931471c0 fix: remove ssh port param for git module
5 years ago
NGPixel 89debd57f7 fix: path chars check typo
5 years ago
NGPixel 7306fabdba fix: auto-trim trailing slash from paths + illegal chars check during move
5 years ago
NGPixel 566043ec43 fix: perform git move manually to prevent bad source
5 years ago
NGPixel bade9430f2 fix: storage internalSchedule typo
5 years ago