mirrors/TiddlyWiki5
1
0
Fork 0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2025-09-11 23:36:05 +00:00
Code Issues Releases Wiki Activity
8,504 Commits 121 Branches 70 Tags
30ce7ea49a49664740386b9bd3fc2d6316546ced
Commit Graph

8504 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jermolene
30ce7ea49a Switch to "dash" separated parameter names 2018-07-01 14:08:23 +01:00
Jermolene
cc2f5e0d11 Tweaks to the single tiddler static view 
Adding a simple sidebar
 2018-07-01 12:05:51 +01:00
Jermolene
0d7d1ad67e First pass at a route for serving rendered tiddlers 
cc @Drakor
 2018-06-30 14:35:37 +01:00
Jermolene
ed2546c8ff Add support for HTTPS 2018-06-27 22:07:06 +01:00
Jermolene
867488a25b Add custom request header as CSRF mitigation 
By default we require the header X-Requested-With to be set to TiddlyWiki. Can be overriden by setting csrfdisable to "yes"

See https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Protecting_REST_Services:_Use_of_Custom_Request_Headers
 2018-06-27 19:10:36 +01:00
Jermolene
cca73d0c85 Add readonly-styles 
We hide editing-related buttons in read only mode

I've made this part of the tiddlyweb plugin but I think a case could be made for putting it into the core.
 2018-06-27 11:16:13 +01:00
Jermolene
740a9b170e Add basic support for detecting readonly status and avoiding write errors 
We now have syncadaptors returning  readonly status and avoid attempting to write to the server if it's going to fail
 2018-06-27 11:09:42 +01:00
Jermolene
620116a0b4 Fix two code typos 2018-06-27 11:08:09 +01:00
Jermolene
adfd65dae2 Return read_only status in /status response 2018-06-27 10:24:32 +01:00
Jermolene
687eae333d Refactor authorization checks 2018-06-27 10:24:14 +01:00
Jermolene
3d77f18734 Add support for requiring authentication without restricting the username 2018-06-27 09:47:20 +01:00
Jermolene
8a91c07fa9 Remove obsolete code 2018-06-27 09:47:05 +01:00
Jermolene
bdb68fea6d Do the right thing when we have a username but no password 
With a username parameter but no password parameter we'll attribute edits to that username, but not require authentication.
 2018-06-26 15:40:29 +01:00
Jermolene
501d0a8edc Be consistent about lower case parameter names 2018-06-26 15:39:43 +01:00
Jermolene
43b64fc2ca Docs for the named command parameters 
I'd be grateful if anyone with sufficient Windows experience could confirm that the note about double quotes in "NamedCommandParameters" is correct.
 2018-06-26 13:36:13 +01:00
Jermolene
6f8711d469 Correct mistaken path.join vs. path.resolve 
See https://stackoverflow.com/a/39836259
 2018-06-25 17:19:50 +01:00
Jermolene
13f7959e63 Refactor the two authenticators into separate modules and add support for authorization 2018-06-25 17:11:41 +01:00
Jermolene
9f4c997292 Remove support for verifying optional named command parameters 
The idea was to be able to flag unknown parameter names, but requiring a command to pre-specify all the parameter names makes it harder for (say) the listen command to be extensible so that plugins can add new optional parameters that they handle. (This is particularly in the context of work in progress to encapsulate authenticators into their own modules).
 2018-06-23 16:23:04 +01:00
Jermolene
1c24b3a761 Rename "serverroute" module type to "route" 2018-06-23 09:28:59 +01:00
Jermolene
b70ebadda5 Refactor module locations 2018-06-22 22:02:57 +01:00
Jermolene
1eea89f138 Add support for multiple basic authentication credentials in a CSV file 
Beware: Passwords are stored in plain text. If that's a problem, use an authenticating proxy and the trusted header authentication approach.
 2018-06-22 21:29:56 +01:00
Jermolene
d6543cfbbf Add check for unknown parameters 2018-06-21 21:34:01 +01:00
Jermolene
d5e926d0c7 Refactor server handling 
* Introduce a new named parameter scheme for commands
* Move the SimpleServer class into it's own module
* Deprecate the --server command because of the unwieldy syntax
* Add a new --listen command using the new syntax

For example:

tiddlywiki mywiki --listen host:0.0.0.0 port:8090
 2018-06-21 20:58:42 +01:00
Jermolene
9024ab8f8e Missing "else" 2018-06-21 12:41:08 +01:00
Jermolene
db000efc9e Move support for attachments from a plugin into the core 2018-06-21 12:34:01 +01:00
Jermolene
24490984f1 Fix filename typo 2018-06-21 09:38:36 +01:00
Jermolene
7d06f75305 Coding standards tweaks 2018-06-21 09:32:15 +01:00
Jermolene
fca56add92 Merge branch 'master' into http-server 2018-06-21 08:42:32 +01:00
Jermolene
acaa07a964 First stab at a threaded commenting plugin 2018-06-21 08:36:15 +01:00
Bram Chen
23797b05a1 Add chinese help text of debuglevel for the server command (#3337) 2018-06-20 17:16:30 +01:00
Jermolene
1ce9973bed Add optional debug logging to the server command 2018-06-20 12:43:41 +01:00
Jermolene
c29f5a1b61 Server command: map missing path to "/" 
Otherwise, the user gets a 404 if we use a path prefix and the user omits the trailing slash
 2018-06-20 12:18:35 +01:00
BurningTreeC
2a3f1b4403 Make tm-full-screen work in all windows (#3334) 
this makes tm-full-screen work in new windows, too
 2018-06-16 10:03:38 +01:00
Jermolene
7557b8b5b7 Remove extraneous debugging code from 35cbb127a3 2018-06-15 11:34:06 +01:00
Jermolene
35cbb127a3 Restrict variable substitutions to macros defined with the define pragma 
Fixes #3333
 2018-06-15 08:31:02 +01:00
Jermolene
aba9c94f5a Fix coding standards for put.js 
A few minor things, but the accidental use of "const" is serious: TW5 is intended to run on ES5.
 2018-06-13 15:50:47 +01:00
Jermolene
bacf500d50 Avoid deprecated new Buffer() usage 
See https://alexatnet.com/node-js-10-important-changes/#buffer-1

> Uses of new Buffer() and Buffer() outside of the node_modules directory will now emit a runtime deprecation warning.

More details: https://nodejs.org/api/buffer.html#buffer_buffer_from_buffer_alloc_and_buffer_allocunsafe
 2018-06-13 11:22:17 +01:00
Jermolene
2e51f08bef Add support for rebasing headings at render time 
Fixes #3330
 2018-06-10 15:54:23 +01:00
Jermolene
29606c6d24 Refactor new journal actions 
Using contained actions, as we were, meant that the actions (and in this case the wikify widget) were being rendered at render time, but might have been out of date by the time the actions were triggered. Using the action attribute ensures the actions are rendered when they are executed.

Fixes #3326
 2018-06-06 19:41:02 +01:00
Jermolene
17e73befde Docs: Update IIS setup instructions 
Reference to the wiki folder was incorrect
 2018-06-01 10:30:46 +01:00
Jermolene
89f99151b3 Correction to the IIS installation instructions 2018-05-30 18:25:30 +01:00
Jermolene
d2682b71ff DynaView: Only apply minimum height to tiddlers that are not yet visible 2018-05-25 11:08:27 +01:00
Jermolene
121e868ca4 Merge branch 'master' of https://github.com/Jermolene/TiddlyWiki5 2018-05-23 14:18:28 +01:00
Jermolene
4b42173962 DynaView: refactor checkVisibility for performance and readability 2018-05-23 14:17:49 +01:00
Jermolene
01bdaff005 Separate the two reveal-on-scroll examples 
Making them easier to understand and copy
 2018-05-23 14:17:23 +01:00
AnthonyMuscio
edcf1b1d41 Update cla-individual.md (#3305) 2018-05-21 10:40:16 +01:00
BurningTreeC
05af050cbf CodeMirror plugin: tweak for font-size (#3294) 2018-05-19 08:50:18 +01:00
Jermolene
6b14969cf6 Display a warning for binary tiddlers in view mode 
The base64 data is currently parsed as wikitext, which is slow and unhelpful

We already display the same warning for binary tiddlers in edit mode.
 2018-05-18 17:53:07 +01:00
Jermolene
f0b7c9a3d5 TextSlicer: Fix external links 2018-05-17 18:30:21 +01:00
Jermolene
33453039fc Fix broken import previews 
All three were inadvertently showing the existing tiddler (if any), not the imported tiddler.
 2018-05-16 17:40:15 +01:00