mirrors/TiddlyWiki5
1
0
Fork 0
mirror of https://github.com/Jermolene/TiddlyWiki5 synced 2026-05-17 10:52:18 +00:00
Code Issues Releases Wiki Activity
8,503 Commits 152 Branches 71 Tags
cc2f5e0d115a22ec400a557ca7a1c751debfece7
Commit Graph

8503 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Jermolene cc2f5e0d11 Tweaks to the single tiddler static view 
Adding a simple sidebar
 2018-07-01 12:05:51 +01:00
Jermolene 0d7d1ad67e First pass at a route for serving rendered tiddlers 
cc @Drakor
 2018-06-30 14:35:37 +01:00
Jermolene ed2546c8ff Add support for HTTPS 2018-06-27 22:07:06 +01:00
Jermolene 867488a25b Add custom request header as CSRF mitigation 
By default we require the header X-Requested-With to be set to TiddlyWiki. Can be overriden by setting csrfdisable to "yes"

See https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF)_Prevention_Cheat_Sheet#Protecting_REST_Services:_Use_of_Custom_Request_Headers
 2018-06-27 19:10:36 +01:00
Jermolene cca73d0c85 Add readonly-styles 
We hide editing-related buttons in read only mode

I've made this part of the tiddlyweb plugin but I think a case could be made for putting it into the core.
 2018-06-27 11:16:13 +01:00
Jermolene 740a9b170e Add basic support for detecting readonly status and avoiding write errors 
We now have syncadaptors returning  readonly status and avoid attempting to write to the server if it's going to fail
 2018-06-27 11:09:42 +01:00
Jermolene 620116a0b4 Fix two code typos 2018-06-27 11:08:09 +01:00
Jermolene adfd65dae2 Return read_only status in /status response 2018-06-27 10:24:32 +01:00
Jermolene 687eae333d Refactor authorization checks 2018-06-27 10:24:14 +01:00
Jermolene 3d77f18734 Add support for requiring authentication without restricting the username 2018-06-27 09:47:20 +01:00
Jermolene 8a91c07fa9 Remove obsolete code 2018-06-27 09:47:05 +01:00
Jermolene bdb68fea6d Do the right thing when we have a username but no password 
With a username parameter but no password parameter we'll attribute edits to that username, but not require authentication.
 2018-06-26 15:40:29 +01:00
Jermolene 501d0a8edc Be consistent about lower case parameter names 2018-06-26 15:39:43 +01:00
Jermolene 43b64fc2ca Docs for the named command parameters 
I'd be grateful if anyone with sufficient Windows experience could confirm that the note about double quotes in "NamedCommandParameters" is correct.
 2018-06-26 13:36:13 +01:00
Jermolene 6f8711d469 Correct mistaken path.join vs. path.resolve 
See https://stackoverflow.com/a/39836259
 2018-06-25 17:19:50 +01:00
Jermolene 13f7959e63 Refactor the two authenticators into separate modules and add support for authorization 2018-06-25 17:11:41 +01:00
Jermolene 9f4c997292 Remove support for verifying optional named command parameters 
The idea was to be able to flag unknown parameter names, but requiring a command to pre-specify all the parameter names makes it harder for (say) the listen command to be extensible so that plugins can add new optional parameters that they handle. (This is particularly in the context of work in progress to encapsulate authenticators into their own modules).
 2018-06-23 16:23:04 +01:00
Jermolene 1c24b3a761 Rename "serverroute" module type to "route" 2018-06-23 09:28:59 +01:00
Jermolene b70ebadda5 Refactor module locations 2018-06-22 22:02:57 +01:00
Jermolene 1eea89f138 Add support for multiple basic authentication credentials in a CSV file 
Beware: Passwords are stored in plain text. If that's a problem, use an authenticating proxy and the trusted header authentication approach.
 2018-06-22 21:29:56 +01:00
Jermolene d6543cfbbf Add check for unknown parameters 2018-06-21 21:34:01 +01:00
Jermolene d5e926d0c7 Refactor server handling 
* Introduce a new named parameter scheme for commands
* Move the SimpleServer class into it's own module
* Deprecate the --server command because of the unwieldy syntax
* Add a new --listen command using the new syntax

For example:

tiddlywiki mywiki --listen host:0.0.0.0 port:8090
 2018-06-21 20:58:42 +01:00
Jermolene 9024ab8f8e Missing "else" 2018-06-21 12:41:08 +01:00
Jermolene db000efc9e Move support for attachments from a plugin into the core 2018-06-21 12:34:01 +01:00
Jermolene 24490984f1 Fix filename typo 2018-06-21 09:38:36 +01:00
Jermolene 7d06f75305 Coding standards tweaks 2018-06-21 09:32:15 +01:00
Jermolene fca56add92 Merge branch 'master' into http-server 2018-06-21 08:42:32 +01:00
Jermolene acaa07a964 First stab at a threaded commenting plugin 2018-06-21 08:36:15 +01:00
Bram Chen 23797b05a1 Add chinese help text of debuglevel for the server command (#3337) 2018-06-20 17:16:30 +01:00
Jermolene 1ce9973bed Add optional debug logging to the server command 2018-06-20 12:43:41 +01:00
Jermolene c29f5a1b61 Server command: map missing path to "/" 
Otherwise, the user gets a 404 if we use a path prefix and the user omits the trailing slash
 2018-06-20 12:18:35 +01:00
BurningTreeC 2a3f1b4403 Make tm-full-screen work in all windows (#3334) 
this makes tm-full-screen work in new windows, too
 2018-06-16 10:03:38 +01:00
Jermolene 7557b8b5b7 Remove extraneous debugging code from 35cbb127a3 2018-06-15 11:34:06 +01:00
Jermolene 35cbb127a3 Restrict variable substitutions to macros defined with the define pragma 
Fixes #3333
 2018-06-15 08:31:02 +01:00
Jermolene aba9c94f5a Fix coding standards for put.js 
A few minor things, but the accidental use of "const" is serious: TW5 is intended to run on ES5.
 2018-06-13 15:50:47 +01:00
Jermolene bacf500d50 Avoid deprecated new Buffer() usage 
See https://alexatnet.com/node-js-10-important-changes/#buffer-1

> Uses of new Buffer() and Buffer() outside of the node_modules directory will now emit a runtime deprecation warning.

More details: https://nodejs.org/api/buffer.html#buffer_buffer_from_buffer_alloc_and_buffer_allocunsafe
 2018-06-13 11:22:17 +01:00
Jermolene 2e51f08bef Add support for rebasing headings at render time 
Fixes #3330
 2018-06-10 15:54:23 +01:00
Jermolene 29606c6d24 Refactor new journal actions 
Using contained actions, as we were, meant that the actions (and in this case the wikify widget) were being rendered at render time, but might have been out of date by the time the actions were triggered. Using the action attribute ensures the actions are rendered when they are executed.

Fixes #3326
 2018-06-06 19:41:02 +01:00
Jermolene 17e73befde Docs: Update IIS setup instructions 
Reference to the wiki folder was incorrect
 2018-06-01 10:30:46 +01:00
Jermolene 89f99151b3 Correction to the IIS installation instructions 2018-05-30 18:25:30 +01:00
Jermolene d2682b71ff DynaView: Only apply minimum height to tiddlers that are not yet visible 2018-05-25 11:08:27 +01:00
Jermolene 121e868ca4 Merge branch 'master' of https://github.com/Jermolene/TiddlyWiki5 2018-05-23 14:18:28 +01:00
Jermolene 4b42173962 DynaView: refactor checkVisibility for performance and readability 2018-05-23 14:17:49 +01:00
Jermolene 01bdaff005 Separate the two reveal-on-scroll examples 
Making them easier to understand and copy
 2018-05-23 14:17:23 +01:00
AnthonyMuscio edcf1b1d41 Update cla-individual.md (#3305) 2018-05-21 10:40:16 +01:00
BurningTreeC 05af050cbf CodeMirror plugin: tweak for font-size (#3294) 2018-05-19 08:50:18 +01:00
Jermolene 6b14969cf6 Display a warning for binary tiddlers in view mode 
The base64 data is currently parsed as wikitext, which is slow and unhelpful

We already display the same warning for binary tiddlers in edit mode.
 2018-05-18 17:53:07 +01:00
Jermolene f0b7c9a3d5 TextSlicer: Fix external links 2018-05-17 18:30:21 +01:00
Jermolene 33453039fc Fix broken import previews 
All three were inadvertently showing the existing tiddler (if any), not the imported tiddler.
 2018-05-16 17:40:15 +01:00
Jermolene 33e636cbe7 Docs: Add popupmechanism link to Button widget docs 
Fixes #3284
 2018-05-16 16:23:57 +01:00