Commit Graph

2282 Commits

Author SHA1 Message Date
2acef3c2ec Fixed issue where restricted page content in plaintext export
The content of pages made non-viewable to a user via permissions, within a visible parent, could be seen via the plaintext export option. Before v0.30.6 this would have applied only to scenarios where all pages within the chapter were made non-visible. In v0.30.6 this would make all pages within the chapter visible.

As per #2414
2020-12-18 13:56:00 +00:00
3f3fad7113 Fixed book-tree-gen page visibility issue
When book trees were generated, pages in chapters where ALL pages within
were not supposed to be visible, would be visible due to the code
falling back on the raw relation which would not account for
permissions.

This has now been changed so that a custom 'visible_pages' attribute is set and used by any book tree structures, to ensure it does not fall back to the raw relation.

Added an extra test to cover.

For #2414
2020-12-17 17:31:18 +00:00
884664bfe9 Ensured base64 images are read from image upload folder
Also removed unused storage systems and updated testing.
2020-12-06 15:34:18 +00:00
8911e3f441 Removed http fetching from image base64 generation 2020-12-06 14:24:22 +00:00
7d38c96a23 Removed generic "UploadService" which was doing very little 2020-12-06 12:58:40 +00:00
162d893143 Updated .env.example to encourage use of setting APP_URL
For the purposes of secure URL generation and to avoid common problems
found when people are using reverse proxies.
2020-12-06 12:31:36 +00:00
6d8b0605a0 Merge branch 'xss_and_redir_patch' of git://github.com/PercussiveElbow/BookStack into xss_and_redirect 2020-10-31 15:19:33 +00:00
349162ea13 Prevented possible XSS via link attachments
This filters out potentially malicious javascript: or data: URIs coming
through to be attached to attachments.
Added tests to cover.

Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
bbd1384acb XSS and redirect fixes with test cases 2020-10-27 01:34:51 +00:00
6aa2bf9e27 Merge pull request #2296 from timoschwarzer/esbuild-watch-first-time-fix
Fix build:js:watch not building at first launch in Docker
2020-10-13 23:17:23 +01:00
18bcafaee4 Updated translator attribution before release v0.30.3 2020-10-13 22:49:55 +01:00
8d07b7cf1c Added alias for vbscript 2020-10-13 22:44:33 +01:00
080f9c3025 Merge pull request #2302 from nutsflag/master
Add VBScript Codemirror
2020-10-13 22:41:09 +01:00
617fe6bc8c Merge pull request #2303 from BookStackApp/l10n_master
New Crowdin updates
2020-10-13 22:39:52 +01:00
bb1f1a9ecd Fixed error on drawing edit on markdown editor
Was preventing save of drawings.
For #2313
2020-10-13 22:36:07 +01:00
d688e43197 New translations settings.php (Chinese Simplified) 2020-10-05 06:26:38 +01:00
c82c3023c5 New translations settings.php (Spanish) 2020-10-02 17:18:27 +01:00
d0d75afc66 New translations settings.php (Chinese Simplified) 2020-10-02 15:55:46 +01:00
467176ee78 Update code.js 2020-10-02 15:14:29 +02:00
521a002001 Update code-editor.blade.php 2020-10-02 15:13:31 +02:00
aca37b8784 Fix build:js:watch not building at first launch in Docker 2020-10-01 11:25:22 +02:00
f3ee8f2d4c Updated http service to not read 204 response data 2020-09-30 22:32:03 +01:00
ea406690f5 Updated esbuild options and version & updated npm deps
Had to change way sortable is imported due to changes, still
seemed to have functioning multi-select.
2020-09-30 22:28:53 +01:00
465d405926 Updated page content related links on content id changes
For #2278
2020-09-28 22:26:50 +01:00
1097c61d6d Fixed duplicate requests in attachment manager issue
Closes #2286
2020-09-28 21:55:24 +01:00
def2d61ad8 Merge pull request #2272 from jakubboucek/feature/fix-invalid-canonical-redirect
Fixed canonical redirects on non-root url app instances
2020-09-28 21:15:23 +01:00
8b0f5e7000 Updated draw.io references to diagrams.net
Related to #2044
2020-09-28 20:45:38 +01:00
1e88e8086f Fixed canonical redirects on non-root url app instances
If BookStack instance is deployed to any non-root path, e.g. http://example.com/wiki/,
requests for http://example.com/wiki/shelves/
were redirected to http://example.com/shelves
instead of http://example.com/wiki/shelves

Synced with: https://github.com/laravel/laravel/blob/master/public/.htaccess
2020-09-27 02:50:37 +02:00
d48ac0a37d Removed redundant test
Now replaced in recent commit by one that checks actual message gets
displayed on the redirect page.
Redirect page changed to login page.
2020-09-26 18:24:05 +01:00
3eeb1e7d08 Updated translators file with latest 2020-09-26 17:48:02 +01:00
0d43b50f9d New Crowdin updates (#2262)
* New translations entities.php (Russian)

* New translations settings.php (Russian)

* New translations entities.php (Chinese Simplified)

* New translations settings.php (Chinese Simplified)

* New translations settings.php (Chinese Simplified)

* New translations entities.php (Czech)

* New translations common.php (Czech)

* New translations components.php (Czech)

* New translations settings.php (Czech)

* New translations errors.php (Czech)

* New translations settings.php (Czech)

* New translations settings.php (Czech)

* New translations settings.php (Czech)

* New translations settings.php (German)

* New translations settings.php (German)

* New translations entities.php (German)

* New translations validation.php (Czech)

* New translations entities.php (Spanish, Argentina)

* New translations entities.php (German Informal)

* New translations settings.php (German Informal)

* New translations auth.php (Czech)
2020-09-26 17:46:32 +01:00
6bcfac6751 Updated codemirror and updated codemirror base styles
Aligns styles with current release, since was causing overflow
with scrollbars.

Fixes #2267
2020-09-26 17:33:43 +01:00
68489e5b44 Updated PR code to use isA and updated that function definition
Related to #2227
2020-09-26 17:00:17 +01:00
fe0e307313 Merge branch 'renderpages' of git://github.com/mr-vinn/BookStack into mr-vinn-renderpages 2020-09-26 16:55:05 +01:00
9985046685 Added test for includes on book export
Related to #2227
2020-09-26 16:54:24 +01:00
53ec794e53 Fixed issue where SAML login not notify on existing user
Added testing to cover

Fixes #2263
2020-09-26 16:43:06 +01:00
328d2514c4 Updated settings nav to be more flexible
Uses flexbox layout, flexed to content instead of rigid thirds like
before. Also extracted row into own file
2020-09-26 16:26:30 +01:00
de2756dd95 Updated callout links to be correct colors
- Also updated to be underlined instead of bold
2020-09-26 15:40:51 +01:00
1f97047799 Merge branch 'master' of git://github.com/alexmannuk/BookStack into alexmannuk-master 2020-09-26 15:35:13 +01:00
c870c10e38 Merge pull request #2270 from gertjankrol/feature/test-migrations-workflow
Add `test-migrations` workflow
2020-09-26 15:25:17 +01:00
49fa21c1e2 Merge pull request #2268 from gertjankrol/master
Fix the `AddActivityIndexes` migration's `down()` method
2020-09-26 15:21:21 +01:00
9f87423584 Merge pull request #2274 from abulgatz/patch-1
Fixed "Ubunto Mono" $mono type misspelling
2020-09-26 12:11:53 +01:00
08fbd39fcb Fixed markdown iframe loading and content alignment
Fixes #2280
2020-09-26 12:01:01 +01:00
5f75a9f32c Fix "Ubunto Mono" $mono type misspelling 2020-09-23 16:19:30 -05:00
3750922c3e Added the test-migrations workflow 2020-09-22 19:53:45 +02:00
4b0d1ddf39 Fixed the AddActivityIndexes migration's down() method 2020-09-22 19:22:27 +02:00
a6c20c321f Merged latest translation changes 2020-09-20 10:28:01 +01:00
e12012a6fc Updated translation contributors 2020-09-20 09:15:02 +01:00
73b4c6d947 Fixed some wording in example env 2020-09-19 23:09:08 +01:00
9e11fc33fa Updated example env with helpful info
- Added comments to explain the use of the file.
- Added comments to advise that space/hash containing values would need
to be quoted.

Related to #2258
2020-09-19 16:09:43 +01:00