* [Further TOC fixes] - FollowUp: fix tag macros
this fixes the tag macros when titles are used that contain quotes, especially triple quotes and more
* Update tag.tid
* correct scrolling with tc-adjust-top-of-scroll
not multiplying `offset` with t causes jumps at the first animation steps, where the offset value is bigger than `endY - scrollPosition.y`
* correct scroll offset
* changes for global keyboardshortcuts
* add keyboard.js startup module
* remove not existing "th-opening-window" hook
* correct title
* use utils.addEventListeners
* define platform lookup-names on startup
* use the startup-lookup-names array
* use the platform-specific lookupNames only
* Update keyboard.js
* move initializations to the constructor
* move initializations to the constructor
* rename hasAnyTiddlerChanged
* don't explicitely create new RegExp
* use $tw.utils.hopArray
* match strings, no regex
* remove hopArray, move to boot.js
* add $tw.utils.hopArray to boot.js
* style update
* style updates
* move more to keyboardManager module
this could probably be moved to rootwidget.js
* move more to keyboardManager module
* add event listener for shortcuts in new windows
* prevent error when opening window is blocked
* add keydown listener on document in startup.js
* delete startup/keyboard.js
* add missing this.shortcutTiddlers
* Update keyboard.js
* Update boot.js
* add exports.hopArray to utils.js
* minor codingstyle tweak
* change how lookupnames get pushed to array
* Update windows.js
* re-add shortcuts-listener for new windows
I removed this before which I think was because I misunderstood what exactly should go to a separate PR
The bug here is that incoming tiddlers (ie tiddlers that were updated on the server and synced back to the browser) will retain any fields that are currently present but deleted in the incoming tiddler
To avoid clashing with tiddlers called "login-basic" :)
We also need to revise the rout for /status for the same reason, but there are backward compatibility issues there
* Added better handling for sortByList manual placements
If manual placement specifications show up in an inconvenient order,
sortByList, will go to the trouble of processing them in that order.
* Added tests to confirm solution to (#3296)
...That custom tag ordering will not choke when tiddlers get sorted after their dependencies have been placed around them
* Corrected list-after bug when referencing external titles
* Using more error-proof $tw.utils.hop in sortByList
* minor indentation correction in test-tags.js
By almost entirely eliminating text subsitution, we can avoid the situations where special characters in tags or titles gets the macro confused.
These are quite intricate changes, and so I'd appreciate any help reviewing and testing, many thanks.
Fixes#3427
It's a bit gross that we have to change the filename used to reference the JS file. This is to make it work with the webserver.
At the moment, the webserver exposes system tiddlers as plain text renderings, and ordinary tiddlers as full HTML renderings through a view template. So we have to use a system tiddler title for the JS file.
The workaround I'm thinking of is to remove the blanket exposure of system tiddlers, and instead have a list of system tiddlers that are specifically exposed through a namespace like `127.0.0.1:8080\lib\tiddlywiki.js`. That can't clash with a tiddler title because tiddler titles are URI encoded and so can't contain slashes.
* Explore externalising TiddlyWiki's JS core into a separate file
* Fix missing newline after copyright notice
* Add an error alert if tiddlywiki.js can't be loaded
Makes things a bit easier to follow when working in multiuser environments.
@inmysocks, @danielo515, @arlen22, @pmario, @drakor does this make sense for your use cases?
* Module-ize server routes and add static file support (#2510)
* Refactor server routes to modules
New module type: serverroute
Caveats: Loading order is not deterministic but this would only matter
if two route modules attempted to use the same path regexp (that would
be silly).
* Add static assets plugin
This plugin allows the node server to fetch static assets in the /assets
directory. I felt that this was a feature that goes above the core
functionality. That is why I added it as a plugin. with the modular
route extensions this was a breeze.
* Add serverroute description to ModuleTypes
* Coding standards tweaks
* Fix filename typo
* Move support for attachments from a plugin into the core
* Missing "else"
* Refactor server handling
* Introduce a new named parameter scheme for commands
* Move the SimpleServer class into it's own module
* Deprecate the --server command because of the unwieldy syntax
* Add a new --listen command using the new syntax
For example:
tiddlywiki mywiki --listen host:0.0.0.0 port:8090
* Add check for unknown parameters
* Add support for multiple basic authentication credentials in a CSV file
Beware: Passwords are stored in plain text. If that's a problem, use an authenticating proxy and the trusted header authentication approach.
* Refactor module locations
* Rename "serverroute" module type to "route"
* Remove support for verifying optional named command parameters
The idea was to be able to flag unknown parameter names, but requiring a command to pre-specify all the parameter names makes it harder for (say) the listen command to be extensible so that plugins can add new optional parameters that they handle. (This is particularly in the context of work in progress to encapsulate authenticators into their own modules).
* Refactor the two authenticators into separate modules and add support for authorization
* Correct mistaken path.join vs. path.resolve
See https://stackoverflow.com/a/39836259
* Docs for the named command parameters
I'd be grateful if anyone with sufficient Windows experience could confirm that the note about double quotes in "NamedCommandParameters" is correct.
* Be consistent about lower case parameter names
* Do the right thing when we have a username but no password
With a username parameter but no password parameter we'll attribute edits to that username, but not require authentication.
* Remove obsolete code
* Add support for requiring authentication without restricting the username
* Refactor authorization checks
* Return read_only status in /status response
* Fix two code typos
* Add basic support for detecting readonly status and avoiding write errors
We now have syncadaptors returning readonly status and avoid attempting to write to the server if it's going to fail
* Add readonly-styles
We hide editing-related buttons in read only mode
I've made this part of the tiddlyweb plugin but I think a case could be made for putting it into the core.
* Add custom request header as CSRF mitigation
By default we require the header X-Requested-With to be set to TiddlyWiki. Can be overriden by setting csrfdisable to "yes"
See https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Protecting_REST_Services:_Use_of_Custom_Request_Headers
* Add support for HTTPS
* First pass at a route for serving rendered tiddlers
cc @Drakor
* Tweaks to the single tiddler static view
Adding a simple sidebar
* Switch to "dash" separated parameter names
* Typo
* Docs: Update ServerCommand and ListenCommand
* First pass at docs for the new web server stuff
Writing the docs is turning out to be quite an undertaking, much harder than writing the code!
* Get rid of extraneous paragraphs in static renderings
* Rejig anonymous user handling
Now we can support wikis that are read-only for anonymous access, but allow a user to login for read/write access.
* More docs
Slowly getting there...
* Static tiddler rendering: Fix HTML content in page title
* Docs updates
* Fix server command parameter names
Missed off 30ce7ea
* Docs: Missing quotes
* Avoid inadvertent dependency on Node.js > v9.6.0
The listenOptions parameter of the plain HTTP version of CreateServer was only introduced in v9.6.0
cc @Drakor @pmario
* Typo
Using contained actions, as we were, meant that the actions (and in this case the wikify widget) were being rendered at render time, but might have been out of date by the time the actions were triggered. Using the action attribute ensures the actions are rendered when they are executed.
Fixes#3326
Fixes problem whereby a repeated "new journal" would replace the text of the existing journal tiddler if the control panel new journal text was set.
Fixes#3028 and #3265
* Refactored the is operator for simplicity and efficiency.
* Improve `is` filter documentation.
* Update is.js
* extracted `subops.length` to `num_of_subops`
* renamed `subop` to `operator` for clarity/differentiation from `subops`
* refactored to avoid using a `Set` object.
* Update is.js
* Fix WebDAV by requesting new ETag conditionally
For me. this was saving only the first time and subsequently failing.
Having revised the requests, I noticed it didn't get a new ETag after saving.
Seems not all WebDAV implementations return a new ETag in PUT requests.
In my WebDAV service (WsgiDAV) - ETag is only served from a HEAD
request.
So if no ETag is found with PUT - we request one with HEAD.
This patch fixes error handling and should also work with servers that
provide ETag directly upon PUT.
* Add tweak from PMario
