mirrors/TiddlyWiki5
1
Fork 0
mirror of https://github.com/Jermolene/TiddlyWiki5.git synced 2026-01-02 23:33:47 -08:00
Code Issues Projects Releases Packages Wiki Activity
8503 commits 141 branches 70 tags 104 MiB
Commit graph

3256 commits

Author SHA1 Message Date
Jermolene
cc2f5e0d11 Tweaks to the single tiddler static view 
Adding a simple sidebar
 2018-07-01 12:05:51 +01:00
Jermolene
0d7d1ad67e First pass at a route for serving rendered tiddlers 
cc @Drakor
 2018-06-30 14:35:37 +01:00
Jermolene
ed2546c8ff Add support for HTTPS 2018-06-27 22:07:06 +01:00
Jermolene
867488a25b Add custom request header as CSRF mitigation 
By default we require the header X-Requested-With to be set to TiddlyWiki. Can be overriden by setting csrfdisable to "yes"

See https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Protecting_REST_Services:_Use_of_Custom_Request_Headers
 2018-06-27 19:10:36 +01:00
Jermolene
740a9b170e Add basic support for detecting readonly status and avoiding write errors 
We now have syncadaptors returning  readonly status and avoid attempting to write to the server if it's going to fail
 2018-06-27 11:09:42 +01:00
Jermolene
620116a0b4 Fix two code typos 2018-06-27 11:08:09 +01:00
Jermolene
adfd65dae2 Return read_only status in /status response 2018-06-27 10:24:32 +01:00
Jermolene
687eae333d Refactor authorization checks 2018-06-27 10:24:14 +01:00
Jermolene
3d77f18734 Add support for requiring authentication without restricting the username 2018-06-27 09:47:20 +01:00
Jermolene
8a91c07fa9 Remove obsolete code 2018-06-27 09:47:05 +01:00
Jermolene
bdb68fea6d Do the right thing when we have a username but no password 
With a username parameter but no password parameter we'll attribute edits to that username, but not require authentication.
 2018-06-26 15:40:29 +01:00
Jermolene
501d0a8edc Be consistent about lower case parameter names 2018-06-26 15:39:43 +01:00
Jermolene
6f8711d469 Correct mistaken path.join vs. path.resolve 
See https://stackoverflow.com/a/39836259
 2018-06-25 17:19:50 +01:00
Jermolene
13f7959e63 Refactor the two authenticators into separate modules and add support for authorization 2018-06-25 17:11:41 +01:00
Jermolene
9f4c997292 Remove support for verifying optional named command parameters 
The idea was to be able to flag unknown parameter names, but requiring a command to pre-specify all the parameter names makes it harder for (say) the listen command to be extensible so that plugins can add new optional parameters that they handle. (This is particularly in the context of work in progress to encapsulate authenticators into their own modules).
 2018-06-23 16:23:04 +01:00
Jermolene
1c24b3a761 Rename "serverroute" module type to "route" 2018-06-23 09:28:59 +01:00
Jermolene
b70ebadda5 Refactor module locations 2018-06-22 22:02:57 +01:00
Jermolene
1eea89f138 Add support for multiple basic authentication credentials in a CSV file 
Beware: Passwords are stored in plain text. If that's a problem, use an authenticating proxy and the trusted header authentication approach.
 2018-06-22 21:29:56 +01:00
Jermolene
d6543cfbbf Add check for unknown parameters 2018-06-21 21:34:01 +01:00
Jermolene
d5e926d0c7 Refactor server handling 
* Introduce a new named parameter scheme for commands
* Move the SimpleServer class into it's own module
* Deprecate the --server command because of the unwieldy syntax
* Add a new --listen command using the new syntax

For example:

tiddlywiki mywiki --listen host:0.0.0.0 port:8090
 2018-06-21 20:58:42 +01:00
Jermolene
9024ab8f8e Missing "else" 2018-06-21 12:41:08 +01:00
Jermolene
db000efc9e Move support for attachments from a plugin into the core 2018-06-21 12:34:01 +01:00
Jermolene
24490984f1 Fix filename typo 2018-06-21 09:38:36 +01:00
Jermolene
7d06f75305 Coding standards tweaks 2018-06-21 09:32:15 +01:00
Jermolene
fca56add92 Merge branch 'master' into http-server 2018-06-21 08:42:32 +01:00
Jermolene
acaa07a964 First stab at a threaded commenting plugin 2018-06-21 08:36:15 +01:00
Jermolene
1ce9973bed Add optional debug logging to the server command 2018-06-20 12:43:41 +01:00
Jermolene
c29f5a1b61 Server command: map missing path to "/" 
Otherwise, the user gets a 404 if we use a path prefix and the user omits the trailing slash
 2018-06-20 12:18:35 +01:00
BurningTreeC
2a3f1b4403 Make tm-full-screen work in all windows (#3334) 
this makes tm-full-screen work in new windows, too
 2018-06-16 10:03:38 +01:00
Jermolene
7557b8b5b7 Remove extraneous debugging code from 35cbb127a3 2018-06-15 11:34:06 +01:00
Jermolene
35cbb127a3 Restrict variable substitutions to macros defined with the define pragma 
Fixes #3333
 2018-06-15 08:31:02 +01:00
Jermolene
aba9c94f5a Fix coding standards for put.js 
A few minor things, but the accidental use of "const" is serious: TW5 is intended to run on ES5.
 2018-06-13 15:50:47 +01:00
Jermolene
bacf500d50 Avoid deprecated new Buffer() usage 
See https://alexatnet.com/node-js-10-important-changes/#buffer-1

> Uses of new Buffer() and Buffer() outside of the node_modules directory will now emit a runtime deprecation warning.

More details: https://nodejs.org/api/buffer.html#buffer_buffer_from_buffer_alloc_and_buffer_allocunsafe
 2018-06-13 11:22:17 +01:00
Jermolene
2e51f08bef Add support for rebasing headings at render time 
Fixes #3330
 2018-06-10 15:54:23 +01:00
Jermolene
29606c6d24 Refactor new journal actions 
Using contained actions, as we were, meant that the actions (and in this case the wikify widget) were being rendered at render time, but might have been out of date by the time the actions were triggered. Using the action attribute ensures the actions are rendered when they are executed.

Fixes #3326
 2018-06-06 19:41:02 +01:00
Jermolene
6b14969cf6 Display a warning for binary tiddlers in view mode 
The base64 data is currently parsed as wikitext, which is slow and unhelpful

We already display the same warning for binary tiddlers in edit mode.
 2018-05-18 17:53:07 +01:00
Jermolene
33453039fc Fix broken import previews 
All three were inadvertently showing the existing tiddler (if any), not the imported tiddler.
 2018-05-16 17:40:15 +01:00
Jermolene
6e2b4ebf3e Remove print-tiddler-window button for v5.1.17 
We'll reconsider it for v5.1.18
 2018-05-12 11:20:43 +01:00
Jermolene
737e9ae4cb Revert multiple suboperator functionality from the "is" operator 
See the discussion here: https://github.com/Jermolene/TiddlyWiki5/pull/3240#issuecomment-388035466
 2018-05-10 13:15:49 +01:00
Jermolene
e11282cc08 Fix name of print tiddler button 2018-05-10 11:36:57 +01:00
Jermolene
2beae0db2e Tweaks for the new print tiddler toolbar button 2018-05-10 11:35:18 +01:00
Jermolene
523060e823 Add new "print tiddler" button for the view toolbar 
It works by opening the tiddler in a new window and then triggering the browser print dialogue.
 2018-05-10 11:33:23 +01:00
Jermolene
b95aa6ec6a Fix problem with repeated "new journal" with text set 
Fixes problem whereby a repeated "new journal" would replace the text of the existing journal tiddler if the control panel new journal text was set.

Fixes #3028 and #3265
 2018-05-10 11:28:07 +01:00
Jermolene
e6466b2c32 Fix problem with extraneous space in new journal titles 2018-05-10 08:52:02 +01:00
Matt Lauber
0ab9ec1ad3 Refactored the is operator for simplicity and efficiency. (#3240) 
* Refactored the is operator for simplicity and efficiency.

* Improve `is` filter documentation.

* Update is.js

* extracted `subops.length` to `num_of_subops`
* renamed `subop` to `operator` for clarity/differentiation from `subops`
* refactored to avoid using a `Set` object.

* Update is.js
 2018-05-09 18:07:08 +01:00
Devin Weaver
230c13129a Fix undefined xhr bug (#3262) 
Closes #3261

Bug introduced in commit f9be41720 ("Minor tweak for RetrieveETag
(#3257)", 2018-05-05)
 2018-05-09 18:04:52 +01:00
Daniel Rodríguez Rivero
4c89bbabbe Retain $:/status/UserName when logged out (#2893) 
The user name tiddler should not be removed just because we are not logged in
 2018-05-09 14:22:55 +01:00
Bram Chen
f9be417204 Minor tweak for RetrieveETag (#3257) 
Need to check if the server responses a null value for ETag.
(In the case testing with build-in webdav server of CarotDAV on Windows 10)
 2018-05-05 11:40:41 +01:00
Sebastian Silva
46e8e4343a Fix WebDAV by requesting new ETag. (#3230) 
* Fix WebDAV by requesting new ETag conditionally

For me. this was saving only the first time and subsequently failing.
Having revised the requests, I noticed it didn't get a new ETag after saving.
Seems not all WebDAV implementations return a new ETag in PUT requests.

In my WebDAV service (WsgiDAV) - ETag is only served from a HEAD
request.

So if no ETag is found with PUT - we request one with HEAD.

This patch fixes error handling and should also work with servers that
provide ETag directly upon PUT.

* Add tweak from PMario
 2018-05-04 11:48:38 +01:00
Jermolene
ab5e5795e8 Fix issue with lazy loading temporary tiddlers 
Fixes #3235
 2018-05-03 18:27:17 +01:00