1
0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2024-12-28 19:10:28 +00:00
Commit Graph

45 Commits

Author SHA1 Message Date
lin onetwo
3f763775d6
Feat: decode url-encoded user name in authenticate request header to allow CJK username in header (#7471)
* fix: CJK in header has to be urlEncoded

* refactor: use $tw.utils.decodeURIComponentSafe

* docs: about chagne in this field

* docs: update

* docs: use less "field"
2023-05-22 12:25:51 +01:00
Mario Pietsch
b61aef27d7
External-js file naming adjusted. import docs form tw5.com. make extrnal-js more visible (#7361)
* external-js file naming adjusted. import docs form tw5.com. make external-js more visible

* add comment about doc usage in server-external-js edition

* add changes suggested by cdruan

* change modifed date to start vercel rebuild process
2023-05-06 11:37:05 +01:00
jeremy@jermolene.com
02d28c100b Merge branch 'tiddlywiki-com' 2023-01-15 18:46:46 +00:00
Wincent Balin
0ee53bbc01
Use British English (#7180)
Fixed some typos too.
2023-01-12 20:59:34 +00:00
jeremy@jermolene.com
95e6168839 Fix logout triggering 404 error
See https://talk.tiddlywiki.org/t/logout-error-xmlhttprequest-error-code-404/5590/5 for details

We can't POST to the logout endpoint without triggering authentication, so we report in advance whether logout is supported.
2022-12-24 12:13:01 +00:00
Mario Pietsch
cc47bb0330
Improve readability for: Using the external JavaScript template (#7097)
* Improve readability for: Using the external JavaScript template

* remove the extra button
2022-12-10 14:10:54 +00:00
jeremy@jermolene.com
fe74a776e9 Docs: Add note for retrieving system tiddlers via HTTP under Node.js
See #6866
2022-09-09 10:02:26 +01:00
jeremy@jermolene.com
8af99878cc Add version tags for #5899 2022-02-21 09:56:05 +00:00
Joshua Fontany
d6d2bc455c
Fix server options (#5899)
* removed illegal cahracter in filename

* fixes required plugin options & updates docs

* Update dev docs

* call self.displayError

* Revert "call self.displayError"

This reverts commit 5d599aa979.

* adds path based auth (backwards compatible)

* refactor per-route auth

* get status bug

* server options

* server options

* server options, new 'server-settings' param

* reflow

* fix boot.origin

* refactor new parameters

* restore sitetitle as servername option

* Soft reset to master

* docs update

* tweak wording

* docs

* cleanup

* remove literal string

* cleanup docs

* formatting

* Remove per-path auth

* revert get-status

* fold in PR 5538

* remove server-options

* remove doc

* required-plugins a server-parameter, not option
2022-02-21 09:53:06 +00:00
jeremy@jermolene.com
fba993502d Revert some of the UI changes for downloading external-js
See https://github.com/Jermolene/TiddlyWiki5/pull/5570#issuecomment-892127428
2021-09-12 10:48:17 +01:00
Arlen22
be026aa308
Revert "Add server sent events (#5279)" (#5880)
This reverts commit 17b4f53ba2 according to Github Desktop.

git checkout that commit
revert commit in GitHub Desktop
git switch -c revert-sse
uncommit in Github Desktop
switch to master, bringing changes
resolve deletions with command line
2021-07-14 17:16:57 +01:00
cdruan
23fec9e390
Fix faulty external-js single-file wiki (#5570)
* Fix problems with building single-file wiki using external-js template

* core/templates/external-js/tiddlywiki5-external-js.html.tid,
  core/templates/external-js/save-all-external-js.tid,
  core/templates/external-js/save-offline-external-js.tid
  core/templates/external-js/load-external-js.tid:
  Fix #5343. Exclude client-server plugins in tiddler imports and to
  specify a working URL for loading tiddlywiki5.js from local disk.
  Mirror save/all and save/offline templates in the regular server
  edition.

  Fix #4717 (tiddlywiki5-external-js.html.tid)

* core/modules/saver-handler.js:
  Need the change to make single file autosave work with the external-js
  template.

* editions/server-external-js/tiddlywiki.info:
  Provide external-js related build targets.

* core/language/en-GB/Snippets/ExtJSReadme.tid:
  Temporary doc to supplement TW5.com's external-js section. Demonstrate
  that upgrade could be done on single-file wikis with an externalized
  TW core.

* core/language/en-GB/Snippets/GetTiddlyWikiJS.tid:
  Documentation. Meant to be included in every wiki and to help end
  users acquire tiddlywiki5.js.

* Pre-configure save-wiki template for end-users

* Remove the newline character at the end of the file.

* Trim "template" value in saveWiki()

* Safeguard the code from extraneous whitespaces in transcluded result.

* Rename and add versioning to downloaded tiddlywiki core JS

* Rename "tiddlywiki5.js" to "twcore-VERSION.js"

* Preload $:/config/SaveWikiButton/Template tiddler with the required
  external-js template value.

* Update external-js user documentation

* Add "download tiddlywiki core JS" menu item to the "cloud" button.

* Update build's target defintions associated with external-js template.

* Move the user doc to the tw5.com edition.

* Coding style update

* Undo template name changes

* Correct text & fill colors on some disabled buttons

* Add new "export tiddlywiki core" button under page control tools

This new button can export tiddlywiki's core JS from user's wiki as
long as the wiki is served with the regular "root" template. The
button will be ineffective, thus disabled, if the core has already been
externalized by the "external-js" template.

With this button, a full standalone html wiki can obtain the matching
core JS without TiddlyWiki on node.js. Once this is done, the html wiki
can be converted to using the "external-js" template.

* Alternate version of "save tiddlywiki core for offline use"

This version will fire up a "Save File" dialogue box when clicked,
instead of directing the user to a helper doc for further instruction.
It achieves this by using the "download" attribute of the <a> html tag.
It works on most modern desktop browsers, but older browsers (e.g. IE)
may display the file instead.

* Adjust font-weight to match other menu items

* Merge two user documentations into one

* Add user-browser-cache=yes to --listen command

* Update "export tiddlywiki core" button hint

* Simpler implementation for switching btw online/offline core URL

Shave off one template by using filtered transclusion to control
online/offline core URL.

* Update user doc

Update the user doc to clarify that build index step is not needed to
initialize a new wiki.

* Rename twcore to tiddlywikicore

* Reformat the user doc

* Rework export-tiddlywikicore button

Popup an error message instead of disabling the button when export
core cannot be performed.

* Revert "Correct text & fill colors on some disabled buttons"

This reverts commit e7dbb7e712.
2021-07-06 15:02:21 +01:00
jeremy@jermolene.com
a725da2b39 Merge branch 'tiddlywiki-com' 2021-04-18 10:10:39 +01:00
jeremy@jermolene.com
7878e77e96 Update docs for PUT and DELETE APIs to mention CSRF requirements 2021-04-18 10:09:49 +01:00
Nicolas Petton
afa490a0c1
Fix a typo in WebServer Parameter_ sse-enabled.tid (#5407) 2021-01-15 12:20:22 +00:00
Nicolas Petton
17b4f53ba2
Add server sent events (#5279)
* Create server-sent-events.js

* Create sse-change-listener.js

* Implement server sent events

* Convert to ES5 and wrap in function

* Use the host string from tiddlyweb

* Improve comments in sse-server.js

* Can't use object reference as key

* Add retry timeout

* Fix a bug

* bug fix

* Fix formatting

* Fix ES5 compat

* capitalize comments

* more fixes

* Refactor tiddlywek/sse-server.js

* Extract helper functions for handling wikis and connections.
* Replace JSDoc comments.
* Fix formatting according to TW core.
* Simplify the logic for adding and removing connections.

* Fix formatting of tiddlyweb/sse-client.js

Fix formatting according to TW core.

* Fix formatting of server-sent-events.js

Fix formatting and comments following TW core guidelines.

* Extract a debounce function in sse-client.js

* Avoid using startsWith in server-sent-events.js

startsWith is part of ES2015, while TiddlyWiki uses the 5.1 dialect.

* New sse-enabled WebServer parameter

* If not set to "yes", disabled SSE request handling.
* Add documentation for the parameter in core/language/en-GB/Help/listen.tid
* Add new tiddler editions/tw5.com/tiddlers/webserver/WebServer Parameter_ sse-enabled.tid

* Disable polling for changes if SSE is enabled

* Add sse_enabled to /status JSON response
* Store syncer polling status in $:/config/SyncDisablePolling
* Handled disabling polling in core/modules/syncer.js

* Simply boolean logic in syncer.js

* Delete trailing whitespaces in syncer.js

Co-authored-by: Arlen22 <arlenbee@gmail.com>
2021-01-15 10:37:55 +00:00
jeremy@jermolene.com
36fe519eff Merge branch 'tiddlywiki-com' 2020-12-06 13:56:43 +00:00
Florian Kohrt
706fc3e06e
Fix typo; closes #4815 (#4844) 2020-11-30 21:33:16 +00:00
jeremy@jermolene.com
0d434583ec Merge branch 'tiddlywiki-com' 2020-11-19 10:01:23 +00:00
jeremy@jermolene.com
9eec6ff915 Update path-prefix docs
Addressing @OblivionSY's comment https://github.com/Jermolene/TiddlyWiki5/issues/4898#issuecomment-717207456
2020-10-27 12:32:06 +00:00
jeremy@jermolene.com
f74c49f393 Fix syncing issues with external JS template
Fixes #4808
2020-08-14 11:06:08 +01:00
Jeremy Ruston
28fe82feff Merge branch 'tiddlywiki-com' 2020-04-15 16:03:38 +01:00
scott willeke
4873e9447a
fix the example path (#4419) 2020-04-14 17:47:46 +01:00
Jeremy Ruston
b95723a022
Fix syncer to handler errors properly (#4373)
* First commit

* Add throttling of saves

Now we refuse to save a tiddler more often than once per second.

* Wait for a timeout before trying again after an error

* Modest optimisations of isDirty() method

* Synchronise system tiddlers and deletions from the server

Fixes two long-standing issues:

* Changes to system tiddlers are not synchronised from the server to the browser
* Deletions of tiddlers on the server are not propagated to browser clients

* Make sure we update the dirty status even if there isn't a task to perform

* Replace save-wiki button with popup sync menu

* Remove the "Server" control panel tab

We don't need it with the enhanced sync dropdown

* Add indentation to the save-wiki button

* Fix spacing in dropdown menu items

* Switch between cloud icons according to dirty status

* Add a menu item to copy syncer logs to the clipboard

* Improve animated icon

* Remove indentation from save-wiki button

@pmario the annoying thing is that using `\trim whitespace` trims significant whitespace too, so it means we have to use <$text text=" "/> when we need a space that won't be trimmed. For the moment, I've removed the indentation but will keep thinking about it.

* Further icon, UI and copy text tweaks

Move the icons and styles from the core into the TiddlyWeb plugin

* Clean up PR diff

* Tweak animation durations

* Break the actions from the syncer dropdown into separate tiddlers

@pmario I think this makes things a bit easier to follow

* Refactor syncadaptor creation and logging

The goal is for the syncadaptor to be able to log to the same logger as the syncer, so that the "copy syncer logs to clipboard" data is more useful.

* Don't transition the dirty indicator container colour, just the SVG's colour

* Only trigger a sync for changes to tiddlers we're interested in

Otherwise it is triggered by the creation of the alert tiddlers used to display errors.

* Restore deleting local tiddlers removed from the server

(I had commented it out for some testing and accidentally commited it).

* Guard against missing adaptor info

* We still need to trigger a timeout when there was no task to process

* Avoid repeatedly polling for changes

Instead we only trigger a timeout call at if there is a pending task (ie a tiddler that has changed but isn't yet old enough to save).

* Lazy loading: include skinny versions of lazily loaded tiddlers in the index.html

* Introduce _is_skinny field for indicating that a tiddler is subject to lazy loading

* Remove savetrail plugin from prerelease

It doesn't yet work with the new syncer

* Make the savetrail plugin work again

* Clear outstanding alerts when synchronisation is restored

* Logger: only remove alerts from the same component

Missed off 9f5c0de07

* Make the saving throttle interval configurable (#4385)

After switching Bob to use the core syncer the throttle interval makes saving feel very sluggish compared to the message queue setup that I had before.
The editing lock that I use to prevent conflicts with multiple users doesn't go away until the save is completed, and with the 1 second delay it means that if you edit a tiddler and save it than you have to wait one second before you can edit it again.

* Tweaks to appearance of alerts

* Exclude temp tiddlers from offline snapshots

Otherwise alerts will persist

* Tweak appearance of status line in dropdown

* Update release note

* Web server: Don't include full path in error messages

Fixes #3724

* In change event handler check for deletions

* Disable the official plugin library when the tiddlyweb plugin is loaded

* Hide error details from browser for /files/ route

See https://github.com/Jermolene/TiddlyWiki5/issues/3724#issuecomment-565702492 -- thanks @pmario

* Revert all the changes to the relationship between the syncer and the syncadaptor

Previously we had some major rearrangements to make it possible for the syncadaptor to route it's logging to the logger used by the syncer. The motivation is so that the "copy logs to clipboard" button is more useful.

On reflection, changing the interface this drastically is undesirable from a backwards compatibility perspective, so I'm going to investigate other ways to achieve the logger sharing

* Make the tiddlyweb adaptor use the syncer's logger

So that both are availavble when copying the syncer logs to the clipboard

* Update release note

* Support setting port=0 to get an OS assigned port

Quite useful

* Update code comment

* UI: Use "Get latest changes from server" instead of "Refresh"

* Add getUpdatedTiddlers() method to syncadaptor API

See https://github.com/Jermolene/TiddlyWiki5/pull/4373#issuecomment-573579495

* Refactor revision handling within the syncer

Thanks @pmario

* Fix typo in tiddlywebadaptor

* Improve presentation of errors

See https://github.com/Jermolene/TiddlyWiki5/pull/4373#issuecomment-573695267

* Add docs for getTiddlerRevision()

* Remove unused error animation

* Update comment for GET /recipes/default/tiddlers/tiddlers.json

* Optimise SVG cloud image

* Add optional list of allowed filters for get all tiddlers route

An attempt to address @Arlen22's concern here:

https://github.com/Jermolene/TiddlyWiki5/pull/4373#pullrequestreview-342146190

* Fix network error alert text translatability

* Fix error code and logging for GET /recipes/default/tiddlers/tiddlers.json

Thanks @Arlen22

* Flip GET /recipes/default/tiddlers/tiddlers.json allowed filter handling to be secure by default

* Validate updates received from getUpdatedTiddlers()

* Add syncer method to force loading of a tiddler from the server

* Remove the release note update to remove the merge conflict

* Fix crash when there's no config section in the tiddlywiki.info file

* Use config tiddler title to check filter query (merge into fix-syncer) (#4478)

* Use config tiddler title to check filter query

* Create config-tiddlers-filter.tid

* Add config switch to enable all filters on GET /recipes/default/tiddlers/tiddlers.json

And update docs

* Fix bug when deleting a tiddler with a shadow

Reported by @kookma at https://github.com/Jermolene/TiddlyWiki5/pull/4373#issuecomment-604027528

Co-authored-by: jed <inmysocks@fastmail.com>
Co-authored-by: Arlen22 <arlenbee@gmail.com>
2020-03-30 15:24:05 +01:00
Jeremy Ruston
cab9fd11dc Clarify docs on the path-prefix subcommand of the listen command 2020-03-11 17:19:21 +00:00
Jeremy Ruston
6496107a32 Docs: Clarify that webserver API get all tiddlers only returns non-system tiddlers
Fixes #4212
2019-09-03 09:47:55 +01:00
Jeremy Ruston
067e8a9f94 Merge branch 'tiddlywiki-com' 2019-08-09 10:29:46 +01:00
Jeremy Ruston
02b141f97f Docs: typo in "Using the external JavaScript template" 2019-07-02 15:35:11 +01:00
Jermolene
4401e71498 Docs: Update WebServer Parameter: csrf-disable 2019-04-23 17:53:19 +01:00
Jeremy Ruston
fc3227831f Docs: fix HTTPS command typos
Fixes #3713
2019-01-27 14:35:58 +00:00
Johannes Löthberg
1f829dd5a8 Fix typo password -> username (#3686) 2019-01-14 09:42:09 +00:00
Dr. Donald Lund
3827feee3f Update WebServer "port" variable docs (#3651)
The colon (:) separator needs to be replaced with an equals sign (=). This kept throwing me off while I was trying to set this up.
2018-12-17 19:36:31 +00:00
Jermolene
42cf077639 Fix basic authentication forced login
Fixes #3647
2018-12-16 18:20:33 +00:00
Andreas Hahn
2bf6203cf5 Improvements to the static single tiddler view as well as documentation. (#3386)
* Improvements to the static single tiddler view as well as documentation.

* Fixed tabs

* Fixed tabs

* Revert static view path

* Documentation updates
2018-12-01 13:30:00 +00:00
Marxsal
9268a8c3ca Info about using 0.0.0.0, plus warning about using it. (#3519)
* Info about using 0.0.0.0, plus warning about using it.

* Moved information to WebServer. Incls listen.

* More warnings about n.n.n.n
2018-11-29 09:47:37 +00:00
Jermolene
1700eb4ba7 Docs update 2018-11-25 10:37:33 +00:00
Jermolene
9c849eb10a WebServer - change /login-basic route to /login/basic
To avoid clashing with tiddlers called "login-basic" :)

We also need to revise the rout for /status for the same reason, but there are backward compatibility issues there
2018-10-13 17:22:21 +01:00
Jermolene
240bd7bec4 Docs typo 2018-10-03 21:42:34 +01:00
Jermolene
eeb453d471 Docs update 2018-10-02 14:54:46 +01:00
Jermolene
f0c6a09ea7 Docs update 2018-10-02 14:19:06 +01:00
Jermolene
c208c55a22 Finish web server API docs 2018-10-02 14:16:58 +01:00
Jermolene
806df86434 Move the system tag documentation into individual tiddlers 2018-09-26 18:24:08 +01:00
Jermolene
8321d2e6fc Docs: webserver and read-only mode 2018-09-05 08:38:47 +01:00
Jermolene
bb9e2de861 Docs improvements 2018-08-08 10:47:10 +01:00
snlhnk
c05c0d3df6 Module-ize server routes, add static file support and other enhancements(#2679)
* Module-ize server routes and add static file support (#2510)

* Refactor server routes to modules

New module type: serverroute

Caveats: Loading order is not deterministic but this would only matter
if two route modules attempted to use the same path regexp (that would
be silly).

* Add static assets plugin

This plugin allows the node server to fetch static assets in the /assets
directory. I felt that this was a feature that goes above the core
functionality. That is why I added it as a plugin. with the modular
route extensions this was a breeze.

* Add serverroute description to ModuleTypes

* Coding standards tweaks

* Fix filename typo

* Move support for attachments from a plugin into the core

* Missing "else"

* Refactor server handling

* Introduce a new named parameter scheme for commands
* Move the SimpleServer class into it's own module
* Deprecate the --server command because of the unwieldy syntax
* Add a new --listen command using the new syntax

For example:

tiddlywiki mywiki --listen host:0.0.0.0 port:8090

* Add check for unknown parameters

* Add support for multiple basic authentication credentials in a CSV file

Beware: Passwords are stored in plain text. If that's a problem, use an authenticating proxy and the trusted header authentication approach.

* Refactor module locations

* Rename "serverroute" module type to "route"

* Remove support for verifying optional named command parameters

The idea was to be able to flag unknown parameter names, but requiring a command to pre-specify all the parameter names makes it harder for (say) the listen command to be extensible so that plugins can add new optional parameters that they handle. (This is particularly in the context of work in progress to encapsulate authenticators into their own modules).

* Refactor the two authenticators into separate modules and add support for authorization

* Correct mistaken path.join vs. path.resolve

See https://stackoverflow.com/a/39836259

* Docs for the named command parameters

I'd be grateful if anyone with sufficient Windows experience could confirm that the note about double quotes in "NamedCommandParameters" is correct.

* Be consistent about lower case parameter names

* Do the right thing when we have a username but no password

With a username parameter but no password parameter we'll attribute edits to that username, but not require authentication.

* Remove obsolete code

* Add support for requiring authentication without restricting the username

* Refactor authorization checks

* Return read_only status in /status response

* Fix two code typos

* Add basic support for detecting readonly status and avoiding write errors

We now have syncadaptors returning  readonly status and avoid attempting to write to the server if it's going to fail

* Add readonly-styles

We hide editing-related buttons in read only mode

I've made this part of the tiddlyweb plugin but I think a case could be made for putting it into the core.

* Add custom request header as CSRF mitigation

By default we require the header X-Requested-With to be set to TiddlyWiki. Can be overriden by setting csrfdisable to "yes"

See https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Protecting_REST_Services:_Use_of_Custom_Request_Headers

* Add support for HTTPS

* First pass at a route for serving rendered tiddlers

cc @Drakor

* Tweaks to the single tiddler static view

Adding a simple sidebar

* Switch to "dash" separated parameter names

* Typo

* Docs: Update ServerCommand and ListenCommand

* First pass at docs for the new web server stuff

Writing the docs is turning out to be quite an undertaking, much harder than writing the code!

* Get rid of extraneous paragraphs in static renderings

* Rejig anonymous user handling

Now we can support wikis that are read-only for anonymous access, but allow a user to login for read/write access.

* More docs

Slowly getting there...

* Static tiddler rendering: Fix HTML content in page title

* Docs updates

* Fix server command parameter names

Missed off 30ce7ea

* Docs: Missing quotes

* Avoid inadvertent dependency on Node.js > v9.6.0

The listenOptions parameter of the plain HTTP version of CreateServer was only introduced in v9.6.0

cc @Drakor @pmario

* Typo
2018-07-18 16:54:43 +01:00