045c7c51d6
Security hardening: prevent stored XSS and render crashes
...
- MarkdownView: add rehype-sanitize between rehype-raw and rehype-katex
to strip scripts/event-handlers/javascript: URLs from user-authored
markdown (was stored XSS, also affected the public /pg/* route);
keep className on code/span/div so KaTeX and syntax highlighting
still work. Add rehype-sanitize ^6.0.0 to deps and lockfile.
- MarkdownContent / StandaloneMarkdownPage: parse markdown content via
parseMarkdownContent() instead of an unguarded JSON.parse, so a single
corrupt/legacy record no longer white-screens the whole page.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com >
2026-05-16 16:12:56 +01:00
c9310250e4
add: markdown deletion
2025-06-23 15:41:03 +01:00
a08164e914
add: route to stand along page
2025-06-23 12:18:26 +01:00
30a46d5064
add: markdown template to json schema
2025-05-12 09:59:23 +01:00
e5affe3465
improve: update css
2025-05-11 20:14:29 +01:00
101666d26d
upgrade react-query to v5
2025-05-09 00:44:53 +01:00
87b4246a9b
add: backend api auth by apikey/apikey gen/apikey revoke
2025-05-06 18:54:10 +01:00
1ce2eebbfa
improve: upgrade node to 20, upgrade react-query to v4
2025-04-27 00:36:42 +01:00
9ea44385ee
add: markdown permission setting
...
improve: template
2025-04-25 00:39:01 +01:00
c20cb168ff
fix: template defects
2025-04-18 02:16:17 +01:00
137ea649f8
fix: template defects
2025-04-17 21:44:45 +01:00
947b59e3ea
add: template editor
2025-04-14 17:02:22 +01:00
09338a2683
improve: add setting button to pathnode
2025-03-20 18:37:13 +00:00
dc0ff3b406
improve: change db schema for settings
2025-03-20 13:58:24 +00:00
2c330904e4
add: webhook
2025-03-17 13:54:53 +00:00
8abf54eade
fix: table boarder not shown in md
2025-03-05 18:29:13 +00:00
dd1ee9fd5c
add: load backup
2025-03-05 17:33:17 +00:00
2911f8722e
add: tree / search
2025-03-05 01:23:09 +00:00
39a69ca5b8
add: auto link feature
2025-01-17 16:33:39 +00:00
76b298ac8b
add: markdown search feature
2025-01-17 09:20:20 +00:00
3f4669f776
improve: minor change in main/side nav css
2025-01-16 18:00:44 +00:00
cdf9039049
add: provide backup archive feature
2025-01-16 14:05:19 +00:00
74326f60c3
add: toggle button for path
2025-01-16 09:52:04 +00:00
cfcf823e4c
improve: different color for path/md node
2025-01-09 14:19:31 +00:00
ed13196ef8
improve: support todo check list in md
2025-01-08 14:30:50 +00:00
2837edef31
improve: css for change order
2024-12-29 19:30:46 +00:00
75d083f11f
add: order paths & mds
2024-12-29 18:52:39 +00:00
34ab63d0bf
fix: latex in md creates scroll bar for root
2024-12-15 07:39:38 +00:00
a9d9b4e8f0
improve: fix README
2024-12-10 21:28:07 +00:00
76b64716c2
fix: home md not shown
2024-12-10 13:25:17 +00:00
d88fb34881
add: display home markdown
2024-12-09 21:15:04 +00:00
90897165db
add: add logo
2024-12-09 09:47:26 +00:00
379843404f
improve: adjust footer layout
2024-12-09 09:25:56 +00:00
ba2274c76e
Merge remote-tracking branch 'origin/master'
...
# Conflicts:
# tests/ConfigProvider.test.js
2024-12-09 08:53:31 +00:00
3f6461d17e
add: tests
2024-12-09 08:53:03 +00:00
931ade90a3
add: tests
2024-12-09 08:46:20 +00:00
d8da574833
fix: public path
2024-12-09 08:00:54 +00:00
ba69541a7b
improve: add production stage
2024-12-09 07:01:22 +00:00
0e6fd8409a
improve: use react-query for caching
2024-12-08 17:11:14 +00:00
a31cec7ef0
fix: edit function of markdown
2024-12-07 12:03:23 +00:00
7eaf37223c
fix: inconsistent style of path with/without index
2024-12-07 00:32:49 +00:00
20f205ba59
add: bind path to index markdown
2024-12-06 23:35:36 +00:00
a1473e51e7
improve: adjust layout of path node
2024-12-06 19:01:03 +00:00
df7ba4c490
fix: render of markdown preview
2024-12-06 17:22:42 +00:00
ccdded32a8
fix: path won't expend
2024-12-06 15:26:18 +00:00
ede31f85b5
Save Markdowns
2024-12-06 15:13:20 +00:00
6d96b658f0
kc token public key/token issue, path root set to 1
2024-12-06 10:04:03 +00:00
da1860a269
manage markdowns by path
2024-12-05 18:28:15 +00:00
788fd2f37a
upgrade to bulma style
2024-12-05 13:57:42 +00:00
8bae53d026
read configs from env
2024-12-05 13:39:08 +00:00
