Dan Brown
263384cf99
Merge branch 'oidc'
2021-10-16 15:51:13 +01:00
Dan Brown
f3c147d33b
Applied latest styleci changes
2021-10-15 14:16:45 +01:00
Dan Brown
9b8bb49a33
Added custom whoops-based debug view
...
Provides a simple bookstack focused view that does not rely on JavaScript.
Contains links to BookStack specific resources in addition to commonly
desired debug details.
2021-10-14 15:33:08 +01:00
Dan Brown
855409bc4f
Fixed lack of oidc discovery filtering during testing
...
Tested oidc system on Okta, Keycloak & Auth0
2021-10-14 13:37:55 +01:00
Dan Brown
a5d72aa458
Fleshed out testing for OIDC system
2021-10-13 16:51:27 +01:00
Dan Brown
05d99a312d
Applied styleci changes
2021-09-26 15:48:22 +01:00
Dan Brown
c32b315cd7
Standardised facade usage to use via their FQCN
...
Done via Laravel Shift Workbench
2021-09-26 15:37:55 +01:00
Dan Brown
fb80bb5d58
Applied latest styleci changes
2021-09-06 22:19:06 +01:00
Dan Brown
253f386f00
Finished off script CSP rules
...
- Added caching for custom html head parsing to add nonce.
- Also moved api docs page into web routes to prevent issues.
2021-09-04 13:57:04 +01:00
Dan Brown
a61c9c5e98
Reorganised blade view files to form a convention
...
- Primarily moved and re-organised view files.
- Included readme within views to document the convention.
- Fixed some issues with page field select list in previous commit.
- Tweaked some route names while going through.
- Split some views out further.
Closes #2805
2021-08-22 13:17:32 +01:00
Dan Brown
9249addb5c
Updated all login events to route through single service
2021-07-17 17:45:00 +01:00
Dan Brown
934a833818
Apply fixes from StyleCI
2021-06-26 15:23:15 +00:00
Dan Brown
2ae89f2c32
Added the possibility of social provider extension via theme
...
Also started docs page
2021-03-19 16:22:47 +00:00
Dan Brown
3df6c9ac05
Updated service provider reference, added phpunit env var
2021-01-28 22:46:15 +00:00
Dan Brown
ef1b98019a
Fixed some mis-refactoring and split search service
...
Search service broken into index and runner tools.
2020-11-22 00:17:45 +00:00
Dan Brown
66917520cb
Service provider and other cleanup
...
- Removed old 'exposeTranslations' system to instead use new component
option system.
- Extracted validation rules into their own service provider.
- Cleaned up some formatting/comments in the repos.
2020-11-21 17:52:49 +00:00
Dan Brown
349162ea13
Prevented possible XSS via link attachments
...
This filters out potentially malicious javascript: or data: URIs coming
through to be attached to attachments.
Added tests to cover.
Thanks to Yassine ABOUKIR (@yassineaboukir on twitter) for reporting this
vulnerability.
2020-10-31 15:01:52 +00:00
Dan Brown
ea9e9565ef
Removed bmp and tiff support from uploaded images.
...
Fixes #1990
2020-04-05 16:15:05 +01:00
Dan Brown
be08dc1588
Ran phpcbf and updated helpers typehinting
2019-09-15 18:29:51 +01:00
Dan Brown
7a4425473b
Fixed URL gen issue causing incorrect scheme to be used
...
For #1613
2019-09-01 12:07:51 +01:00
Dan Brown
4b0c4e621a
Replaced use of custom 'baseUrl' helper with 'url'
...
Also changed up how base URL setting was being done
by manipulating incoming request URLs instead of
altering them on generation.
2019-08-04 14:26:39 +01:00
Dan Brown
30da105812
Started refactor of URL system to better extend Laravel
2019-07-21 21:32:08 +01:00
Dan Brown
15c39c1976
Updated JS translations to be inserted from back-end
...
Removes old awkward JS translations endpoint.
New system still a little awkward in code but not now in process.
Also extracted out page editors into their own files.
Closes #1258
2019-07-06 14:52:25 +01:00
Dan Brown
97fdfa6ebe
Moved config dir into app dir
...
Closes #1506
2019-07-06 13:44:50 +01:00
Dan Brown
b12ae6d11b
Added bookshelves to breadcrumbs
...
- Updated breadcrumb dropdown switchers and back-end sibling code to handle new breadcrumbs.
- Added breadcrumb view composer and EntityContext system to manage
tracking if in the context of a bookshelf.
2019-04-07 18:28:11 +01:00
Dan Brown
193e2ffebe
Prevent dbl exts. on img upload, Randomized attachment upload names
2019-03-24 19:08:21 +00:00
Dan Brown
f5fe524e6c
Added extension whitelist for image uploads
...
- A continuation of the security issues addressed in v0.25.3
2019-03-21 19:43:15 +00:00
Dan Brown
37b91b6b0e
Hardened image file validation by removing custom validation
...
- Added test to check PHP files cannot be uploaded as an image.
2019-03-20 23:59:55 +00:00
Dan Brown
257a5a23ec
Fleshed out entity provided and optimized imports
2018-09-25 16:58:03 +01:00
Dan Brown
919660678b
Re-structured the app code to be feature based rather than code type based
2018-09-25 12:30:50 +01:00
Dan Brown
3df7d828eb
Fixed failing tests
...
Fixed syntax error in french translations.
Removed 'required' on image validation which was breaking tests
2018-03-24 15:25:13 +00:00
Abijeet
f42d355fd7
Fixes issue with the validation message not being translated.
...
Signed-off-by: Abijeet <abijeetpatro@gmail.com>
2018-03-13 09:10:23 +05:30
Dan Brown
62342433f4
Set /app PHP code to PSR-2 standard
...
Also added draw.io to attribution list.
Closes #649
2018-01-28 16:58:52 +00:00
Dan Brown
005f0eb4fc
Updated default encoding and added conversion migration.
...
Also updated how DB port is defined so that the DB_PORT
env var can be used or it can be taken from the host name.
Fixes #405
2017-07-02 17:30:12 +01:00
Dan Brown
65899a3e91
Prevented settings being overfetched from db/cache
2017-02-05 18:57:57 +00:00
Dan Brown
076693efc9
Added facebook, slack & twitter sign in options.
...
Also added icon svg blade helper.
Closes #125 . Starts #213 .
Requires documentation.
2017-02-04 11:01:49 +00:00
Dan Brown
dabf149411
Added user setting system and added user-lang option
...
Supports #115
2017-01-15 16:27:24 +00:00
Dan Brown
0eb90cb3b6
Fixed carbon locale setting
2016-12-31 14:38:04 +00:00
olexus
f30f4579e9
Add Carbon localization support
2016-12-19 11:05:06 +03:00
Dan Brown
ec17bd8608
Improved Exception handling, Removed npm requirement for testing
2016-09-03 12:08:58 +01:00
Dan Brown
7b6c88f17c
Fixed error on image deletion
...
Also Added tests to cover image upload and deletion.
Fixes #136 .
2016-07-01 20:13:30 +01:00
Dan Brown
88049476fe
Change application namespace to BookStack
2015-09-10 19:31:09 +01:00
Dan Brown
ae95d0a239
Added permission system
2015-08-29 15:03:42 +01:00
Dan Brown
eaa1765c7a
Initial commit
2015-07-12 20:01:42 +01:00