1
0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2024-11-16 06:44:50 +00:00
Commit Graph

277 Commits

Author SHA1 Message Date
snlhnk
c05c0d3df6 Module-ize server routes, add static file support and other enhancements(#2679)
* Module-ize server routes and add static file support (#2510)

* Refactor server routes to modules

New module type: serverroute

Caveats: Loading order is not deterministic but this would only matter
if two route modules attempted to use the same path regexp (that would
be silly).

* Add static assets plugin

This plugin allows the node server to fetch static assets in the /assets
directory. I felt that this was a feature that goes above the core
functionality. That is why I added it as a plugin. with the modular
route extensions this was a breeze.

* Add serverroute description to ModuleTypes

* Coding standards tweaks

* Fix filename typo

* Move support for attachments from a plugin into the core

* Missing "else"

* Refactor server handling

* Introduce a new named parameter scheme for commands
* Move the SimpleServer class into it's own module
* Deprecate the --server command because of the unwieldy syntax
* Add a new --listen command using the new syntax

For example:

tiddlywiki mywiki --listen host:0.0.0.0 port:8090

* Add check for unknown parameters

* Add support for multiple basic authentication credentials in a CSV file

Beware: Passwords are stored in plain text. If that's a problem, use an authenticating proxy and the trusted header authentication approach.

* Refactor module locations

* Rename "serverroute" module type to "route"

* Remove support for verifying optional named command parameters

The idea was to be able to flag unknown parameter names, but requiring a command to pre-specify all the parameter names makes it harder for (say) the listen command to be extensible so that plugins can add new optional parameters that they handle. (This is particularly in the context of work in progress to encapsulate authenticators into their own modules).

* Refactor the two authenticators into separate modules and add support for authorization

* Correct mistaken path.join vs. path.resolve

See https://stackoverflow.com/a/39836259

* Docs for the named command parameters

I'd be grateful if anyone with sufficient Windows experience could confirm that the note about double quotes in "NamedCommandParameters" is correct.

* Be consistent about lower case parameter names

* Do the right thing when we have a username but no password

With a username parameter but no password parameter we'll attribute edits to that username, but not require authentication.

* Remove obsolete code

* Add support for requiring authentication without restricting the username

* Refactor authorization checks

* Return read_only status in /status response

* Fix two code typos

* Add basic support for detecting readonly status and avoiding write errors

We now have syncadaptors returning  readonly status and avoid attempting to write to the server if it's going to fail

* Add readonly-styles

We hide editing-related buttons in read only mode

I've made this part of the tiddlyweb plugin but I think a case could be made for putting it into the core.

* Add custom request header as CSRF mitigation

By default we require the header X-Requested-With to be set to TiddlyWiki. Can be overriden by setting csrfdisable to "yes"

See https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Protecting_REST_Services:_Use_of_Custom_Request_Headers

* Add support for HTTPS

* First pass at a route for serving rendered tiddlers

cc @Drakor

* Tweaks to the single tiddler static view

Adding a simple sidebar

* Switch to "dash" separated parameter names

* Typo

* Docs: Update ServerCommand and ListenCommand

* First pass at docs for the new web server stuff

Writing the docs is turning out to be quite an undertaking, much harder than writing the code!

* Get rid of extraneous paragraphs in static renderings

* Rejig anonymous user handling

Now we can support wikis that are read-only for anonymous access, but allow a user to login for read/write access.

* More docs

Slowly getting there...

* Static tiddler rendering: Fix HTML content in page title

* Docs updates

* Fix server command parameter names

Missed off 30ce7ea

* Docs: Missing quotes

* Avoid inadvertent dependency on Node.js > v9.6.0

The listenOptions parameter of the plain HTTP version of CreateServer was only introduced in v9.6.0

cc @Drakor @pmario

* Typo
2018-07-18 16:54:43 +01:00
Jermolene
bacf500d50 Avoid deprecated new Buffer() usage
See https://alexatnet.com/node-js-10-important-changes/#buffer-1

> Uses of new Buffer() and Buffer() outside of the node_modules directory will now emit a runtime deprecation warning.

More details: https://nodejs.org/api/buffer.html#buffer_buffer_from_buffer_alloc_and_buffer_allocunsafe
2018-06-13 11:22:17 +01:00
BurningTreeC
afe14b47b5 draggable widget: actions on drag-start and drag-end (#3203)
* pass drag-start end drag-end actions to draggable

* Update dragndrop.js

* Update dragndrop.js

* Update dragndrop.js

* Update dragndrop.js

* Update dragndrop.js

* renaming dragstart/dragend -> start/end

* renaming dragstart/dragend -> start/end

* adding docs
2018-04-08 10:29:17 +01:00
Skeeve
6401b5c886 Now fixing bug mentioned in groups (#3188)
* fixed the "0 is not a number bug" in listops and x-listops

* Fixed one comment

* "default" is not a good name for a variable

* Following code styles.
Moving getInt to utils.

* Removing unwanted spaces introduced by me
2018-04-02 19:40:47 +01:00
Jeremy Ruston
aa7b18427f
Incorporate “diff” engine to show visual differences (#3112) 2018-03-16 20:38:35 +00:00
Jermolene
1c8170463c Simplify page scrolling behaviour
Fixes #2180
2018-01-30 11:29:07 +00:00
Jermolene
327fed30c8 Mitigate problem with microscropic editor in zoomin view
See #3098
2018-01-23 16:22:35 +00:00
BurningTreeC
42660b05a7 check if dataTransfer is undefined (#3093)
this prevents an error when dragging elements not by mouse where dataTransfer can be undefined
2018-01-20 17:28:10 +00:00
Jermolene
ca43a28d0e Fix copy to clipboard for iOS 10/11 2017-12-17 21:37:29 +00:00
Jermolene
d2ff164c07 Add support for tm-copy-to-clipboard message 2017-12-15 15:08:18 +00:00
Jermolene
b4ec32ca70 Export transliteration pairs
Just in case plugins want to use them
2017-11-10 14:37:31 +00:00
Jermolene
d7a6816307 Add jsonstringify operator 2017-10-29 15:53:53 +00:00
Jermolene
05a3d9a302 Syncer: allow logging to be disabled
We don't want the syncer used by the savetrail plugin to be logging
2017-09-26 17:10:57 +01:00
Jermolene
1dcc8c99e5 Ensure we don't colour browser logs under nw.js
Under nw.js $tw.browser and $tw.node are both true...
2017-09-22 15:18:11 +01:00
Jermolene
1b7d9d65f4 Only use colour output if we're on a terminal
And not if we’re running on AWS Lambda, for instance
2017-09-07 15:47:36 +01:00
Jermolene
51b1ead5c9 Add more colour to command line output 2017-09-04 14:55:12 +01:00
Jermolene
90c1c6242e Fix typo 2017-08-28 10:29:36 +01:00
Jermolene
5cdf86b307 Add more transliterate pairs
Should help avoid me accidentally committing files with accents in
their titles
2017-08-26 23:17:53 +01:00
Jermolene
d3a2cfb2bc Move $tw.utils.transliterate() into its own file 2017-08-26 23:11:22 +01:00
Marxsal
4db950cc45 Add ability to now macro to return same UTC string used in date fields (#2884)
* Add ability to now macro to return same UTC string used in the modified and created fields.

* Revert "Add ability to now macro to return same UTC string used in the modified and created fields."

This reverts commit 7b6ad7db4a.

* Mods to formatDateString to adjust displayed date to UTC for [UTC]
format. Corresponding doc changes, and optimization for special
case.
2017-07-01 18:09:16 +01:00
Jermolene
432542bbcc Don't throw errors when hitting limits of the fakedom 2017-06-09 15:20:45 +01:00
Jermolene
1e106a8f3d Better handling of dropeffect 2017-03-28 15:09:36 +01:00
Jermolene
f3cab3753e Don't set draggable property for links 2017-03-28 13:05:00 +01:00
Jermolene
d3fe4f600a Partially fix drag and drop on IE11
These changes allow drag and drop to work with one issue: <a> links are
not draggable; draggable divs, spans, buttons etc. seem to work fine.
There’s some issue with IE11 that I don’t understand.

For testing, you can force links to become spans by changing line 64 of
$:/core/modules/widgets/link.js to:

	var domNode = this.document.createElement("span");
2017-03-27 09:59:40 +01:00
Jermolene
1f860bd04e Fix problem with dragging links 2017-03-23 17:52:15 +00:00
Jermolene
b1ed77d6b8 Switch drag image to use draggable DOM node
We’ll still support dragging pills, but dragging the DOM node image
seems to look better in most situations.
2017-03-23 17:02:26 +00:00
Jermolene
8f1114960a Refactor draggable stuff for easier reuse
And in the process, make the button widget draggable.

Unfortunately, Firefox has a bug that prevents buttons from being
dragged (see https://bugzilla.mozilla.org/show_bug.cgi?id=568313 and
https://bugzilla.mozilla.org/show_bug.cgi?id=646823). So we have to use
the “tag” attribute to make it use a different element.
2017-03-23 14:23:33 +00:00
Jermolene
bea33efd63 Fix problem with dragging text snippets 2017-03-20 22:03:28 +00:00
Jermolene
eba1c3c160 Improve support for drag and drop
Documentation TBD
2017-03-19 19:33:56 +00:00
Jermolene
b9fbe12118 More defensive deepFreeze()
IE11 chokes on Object.freeze(undefined)
2017-03-17 14:20:04 +00:00
Jermolene
73e1724fdf Extend $tw.utils.httpRequest() to cope with binary data
The problem was that `this.responseText` crashes for non-text data. We
fix it by letting the client specify which property should be returned.

@ericshulman does this work for you?
2017-03-17 13:41:17 +00:00
Jermolene
b1ecf81b0c Tentative improvements to highlight plugin problems
We now use highlight.js in raw HTML mode on the server, rather than
trying to use it with the fakedom. This causes problems with fakedoms
inability to get textContent for a node that has been created by
assigning innerHTML. So we extend the fakedom to allow the original
text content to be saved.

See #2778 for discussion.
2017-02-21 13:09:32 +00:00
Jermolene
3708f6c8e4 Major refactoring of filesystemadaptor
The code here had got a bit broken by some PRs that I should have
checked more carefully. I’ve done a major refactoring which will
hopefully make it easier to understand, and fixes a number of problems:

* Problem with eg .md tiddlers not being deleted correctly
* Problem with Windows path separators not being usable within
$:/config/FileSystemPaths on Windows
* Problem with filename clashes not being detected correctly when
saving to a different directory via $:/config/FileSystemPaths
* Enables slashes within tiddler titles to be mapped into folders
* Enables plain text files like .md and .css to be saved with .meta
files instead of as .tid files (see #2558)
* No longer replaces spaces with underscores

As this is such a major update, I’d be grateful if Node.js users could
give it a careful run through — in particular, you’ll need to try
creating new tiddlers of various types and ensure that the expected
files are created.
2017-02-11 12:56:42 +00:00
Mario Pietsch
b43b89f44a fix for 2634 problems with week calculation 2016-11-29 17:31:54 +01:00
Jermolene
b759d82f4c @pmario's fix for #2635
This got reverted due to my git inabilities
2016-11-28 13:43:43 +00:00
Mario Pietsch
766bc7acee Fix for #2634 problem with week calculations (#2635) 2016-11-27 17:33:19 +00:00
Jermolene
c8f7573a23 Make fakedom more resilient to non-string data 2016-11-22 20:24:59 +00:00
Jermolene
8e02bde938 Refinements to 87fa7f972c 2016-10-18 16:39:18 +01:00
Devin Weaver
f1090d749e Fix str.length strEndsWith bug (#2572)
This was some how missed in dev testing I guess. @buggyj suggested this.

Should fix #2571
2016-10-08 14:06:30 +01:00
Jermolene
08cfa88249 Fix problem with unsafe use of String.prototype.replace()
We were using `String.prototype.replace()` without addressing the
wrinkle that dollar signs in the replacement string have special
handling. This caused problems in situations where the replacement
string is derived from user input and contains dollar signs.

Fixes #2517
2016-08-06 14:45:33 +01:00
Jermolene
e49d310ea9 Relax external link matching to ignore illegal characters
Fixes #2501, and rolls back some of #2324
2016-07-20 11:37:44 +01:00
Jermolene
782553eb62 Remove tilde from characters not allowed in external URLs 2016-07-13 14:06:47 +01:00
Jermolene
dca9e008ce Remove single quote from illegal characters in URLs
Fixes #2493
2016-07-12 17:22:20 +01:00
Devin Weaver
bf74d13df5 Handle binary files better when saving on Node.JS (#2420)
* Save binary tiddlers with meta file

The filesystemadaptor plugin was a little simplistic in its
understanding of a binary file. It was using the typeInfo dictionary to
choose what tiddler types were binary (and hence needed a meta file when
saving).

I looked as if it was trying to be smart by looking for the hasMetaFile
*OR* had the encoding of base64. Unfortunately the typeInfo only defined
image/jpeg and so any other base64 encoded tiddler was assumed to be of
type text/vnd.tiddlywiki.

The net effect was only JPG images got a meta file and everything else
were saved as .tid files with base64 encoding. It all still worked but
made working with binary data in a Git repo a bit daunting.

There is enough information in the $tw.config.contentTypeInfo to
determine if a tiddler type is encoded with base64 or not. A better list
is available from boot/boot.js who registers all the types thorough the
registerFileType and marks then with base64 were appropriate.

This commit uses the typeInfo dictionary first for any filesystem
specific overrides, then the contentTypeInfo, and finally defaults to
the typeInfo["text/vnd.tiddlywiki"]. It also eliminates the now
unnecessary override for image/jpeg.

I think this might have been the original intent from commit 10b192e7.
From my limited testing all files described in boot/boot.js (lines
1832-1856) with an encoding of base64 now save as the original binary
and a meta file. Meaning that when you start the node server and then
drag-n-drop a binary file (i.e. image/png) it will PUT to the server
and then save it on the filesystem as-is allowing the file to be managed
as a binary file and not a text file. (Binary diffs are better and
GitHub supports them as well).

* Prevent duplicate file extensions

A side effects of using the $tw.config.contentFileInfo in the previous
commit is that it will always append a file extension to the tiddler
title when saving. In most cases this is the correct course of action.
However, sometimes that title is already a proper filename with an
extension (for example importing 'foobar.png' would save a file named
'foobar.png.png') which seemed silly.

This commit simply checks to make sure the title does not already end
with the file extension before appending it to the filename. A little
convenience really.

Since IE apparently doesn't have the String endsWith method I took the
liberty to add a helper method to $tw.utils trying to follow the other
polyfill patterns. I figured this was more generic and readable then
attempting to use a one-off solution inline. I got the polyfill code
from MDN.
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/endsWith#Polyfill

Is strEndsWith the best method name?
2016-07-11 11:18:19 +01:00
Richard Smith
b326ba5b2c Fixed: Titles containing a URL are interpreted as external links (#2324) 2016-06-05 20:03:04 +01:00
Jermolene
f846a004b6 Partial fix for copyStyles problem under Chrome
There’s still a problem: in Chrome, the styling of the textarea
placeholder isn’t correct.
2016-05-17 15:45:10 -06:00
Myeongjin
6388f859d1 Add localisable strings for error (#2447)
* Add localisable strings for error

* Update tiddler Transclusion Basic Usage in fr-FR
2016-05-17 21:58:47 +01:00
Myeongjin
8afc1e9354 Add localisable strings (#2438)
* Add localisable string for recursive transclusion error

* Add localisable string for count

* Add localisable strings for syncer
2016-05-12 08:44:28 -06:00
Jermolene
e54cc7b211 Fix copyStyles() not working in Firefox
Yet more browser incompatibilities to weep over…
2016-05-09 14:11:08 -06:00
Jermolene
3a3754aebb Add rel="noopener noreferrer" to external links
Background:
https://medium.com/@jitbit/target-blank-the-most-underestimated-vulnerab
ility-ever-96e328301f4c#.hduwdbjlb
2016-05-05 11:49:40 +01:00