TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-24 14:43:08 +03:00
Code Issues Projects Releases Wiki Activity
1,047 Commits 227 Branches 1,677 Tags 368 MiB
95f9fce3be
Commit Graph

1047 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Hannah Wolfe
95f9fce3be Swapping escape to sanitze 
issue #938

- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
 2013-10-09 19:13:16 +01:00
Tim Griesser
c9235ccb0b Escaping several fields to prevent XSS 
issue #938
- escapes post's title field
- escapes settings title, description, email
- escapes user's name field
- includes test for post title
 2013-10-09 19:13:13 +01:00
Hannah Wolfe
d169bba3f8 Updated to latest version of express-hbs 
issue #830
 2013-10-07 16:42:25 +01:00
Hannah Wolfe
c95d469eb3 Updated to latest version of express 
closes #875
 2013-10-07 14:31:57 +01:00
Hannah Wolfe
c0d5167f7d Merge pull request #948 from javorszky/0.3.2-wip 
Fixes config.example.js
 2013-10-05 12:16:32 -07:00
Gabor Javorszky
a37c7958b1 Fixes config.example.js 
Closes #945
 2013-09-30 15:06:54 +01:00
Hannah Wolfe
6bd62538af Merge branch '0.3.1-wip' 
Conflicts:
	core/server/controllers/admin.js
 2013-09-27 17:22:55 +01:00
Hannah Wolfe
0169b78f35 Updating to Latest Casper, more gist fixes 2013-09-27 17:21:06 +01:00
Hannah Wolfe
d866f0f31a Version bump for 0.3.1 bugfix release 2013-09-27 17:20:52 +01:00
Hannah Wolfe
a5bf8bf1e2 Removing reset button 
- noone needs this, and someone is bound to press it and then complain.
 2013-09-27 17:20:41 +01:00
Hannah Wolfe
4d6455e6d1 Updating to latest Casper, includes fix for gists 2013-09-27 14:17:32 +01:00
Hannah Wolfe
e86958fdb7 Further fix to image markdown 
issue #866 again
 2013-09-27 14:17:19 +01:00
Hannah Wolfe
d841e749f9 Adding extra class for url uploads 2013-09-27 13:34:39 +01:00
Hannah Wolfe
ee8d8102db Merge pull request #923 from ErisDS/0.3.1-wip-mysql 
0.3.1 wip mysql
 2013-09-27 05:04:45 -07:00
Hannah Wolfe
9ae1dc26db Merge pull request #914 from gotdibbs/Issue874 2013-09-27 13:03:42 +01:00
William Dibbern
ef8fed3159 Added comments to config for ports 
Fixes #874

- Added comments to clarify that you should set the port to
`process.env.PORT` when running ghost under iisnode.
 2013-09-27 12:57:33 +01:00
Hannah Wolfe
5c10f6608c Unit Test fixes for MySQL 
issue #858

- there is no guaranteed order to arrays, so sort before testing them
- tests run much faster, date comparisons fail
- settings tests are more explicit, otherwise they fail random validations
- dates must be inserted as date objects
 2013-09-27 12:52:31 +01:00
Hannah Wolfe
11296c0064 Merge pull request #920 from ErisDS/0.3.1-wip-markdown 
0.3.1 wip markdown
 2013-09-27 04:30:23 -07:00
Hannah Wolfe
d544b4aebb Custom destroy method for posts 
issue #858

- correctly handles detaching tags before deleting the post
 2013-09-27 11:56:20 +01:00
Hannah Wolfe
e6b779330f Correctly test for an empty Tag array 
issue #858

- fixes syntax errors in mysql
 2013-09-27 11:55:02 +01:00
Hannah Wolfe
71711c1fd2 Drop tables in correct order 
issue #858

- unit tests now run for MySQL
 2013-09-27 11:54:09 +01:00
Hannah Wolfe
50a16ceb76 Test Cleanup 2013-09-27 11:36:12 +01:00
Hannah Wolfe
e411ed6889 No autolinking inside of code blocks 
closes #865

- rejigged markdown to have some functionality before showdown runs, and other functionality before.
- autolinking now happens last, so it can be smarter
 2013-09-27 11:35:44 +01:00
Hannah Wolfe
8c6519fde7 Don't output image tag for empty source 
closes #866

 - ensures we don't end up creating any more empty image tags.
 2013-09-27 11:30:41 +01:00
John O'Nolan
9df4955bcb Fix tiny alignment issue on Ghost logo 2013-09-27 11:23:24 +02:00
John O'Nolan
8ce4d4b7c5 Fixed fucked up modal padding 2013-09-27 11:21:23 +02:00
Hannah Wolfe
6369eb20be Remove broken image from fixture 
issue #866

- this fixes the problem inside the fixture
 2013-09-27 09:18:02 +01:00
Hannah Wolfe
681aa71bf5 Merge pull request #848 from jamesbloomer/705-image-Upload-file-storage-amends-type 
Use file mime type to check server side if image upload is a valid file
 2013-09-26 15:18:04 -07:00
Hannah Wolfe
57d83fe560 Merge pull request #794 from sebgie/issue#570 
Add invalidate cache headers
 2013-09-26 15:17:24 -07:00
Hannah Wolfe
6605ce1c71 Merge pull request #908 from jgable/fixImporterDates 2013-09-26 23:16:08 +01:00
Jacob Gable
a9c0359f18 Add some unit tests for post saving 
- Confirm published_at for new posts
- Confirm slug generating on saving posts
 2013-09-26 23:15:43 +01:00
Hannah Wolfe
c976a094f6 Merge pull request #878 from jgable/configErrorMessages 2013-09-26 23:12:09 +01:00
Jacob Gable
088518936c Configuration validation in config-loader 
Added a couple sanity checks to the config during the loadConfig call.

- Check that the config exists for the current NODE_ENV
- Check that the config.url exists and is valid structure
- Check that the config.database exists
- Check that the config.server exists and has a port and host value
 2013-09-26 23:07:48 +01:00
Hannah Wolfe
18ca744c98 Merge pull request #913 from ErisDS/0.3.1-html-handling 
Treat markdown as text in editor
 2013-09-26 14:53:37 -07:00
Hannah Wolfe
3fec758e67 Merge branch 'sebgie-issue884' into 0.3.1-wip 2013-09-26 22:49:32 +01:00
Sebastian Gierlinger
59b57b84e0 Fix partials in themes 
closes #884
- changed init sequence of ghost and helpers
 2013-09-26 22:30:45 +02:00
Hannah Wolfe
0ef99ad393 Merge pull request #912 from cobbspur/saveposition 
fixes position of save button in image uploader
 2013-09-26 13:26:01 -07:00
Hannah Wolfe
e6b6c54386 Merge pull request #910 from cobbspur/height 
Increased visibility of trash can in image uploader for broken url
 2013-09-26 13:18:57 -07:00
Hannah Wolfe
fc881229f4 Treat markdown as text in editor 
closes #857

- markdown is inserted into codemirror with .text() not .html()
 2013-09-26 21:06:52 +01:00
cobbspur
3119fc5388 fixes position of save button in image uploader 
closes #911

- adds display block to save button centre class
 2013-09-26 20:15:48 +01:00
cobbspur
2a55595191 Increased visibility of trash can in image uploader for broken url 
closes #838

- adds a min height value to pre-image-uploader scss
 2013-09-26 18:33:09 +01:00
Hannah Wolfe
086d9677c0 Merge pull request #902 from sebgie/issue#871 2013-09-26 15:46:40 +01:00
Sebastian Gierlinger
3def65ee11 Fix for sendmail problem 
closes #871
- added solution from email
- tested on OSX
 2013-09-26 15:45:34 +01:00
Hannah Wolfe
4ad935e4f5 Merge pull request #900 from sebgie/issue#886 2013-09-26 15:40:14 +01:00
Sebastian Gierlinger
fa43ca79d3 Add content to RSS 
closes #886
- removed meta_description which is empty and would have crashed
- added content
- img src converted to absolute path
- a href converted to absolute path
 2013-09-26 15:37:25 +01:00
John O'Nolan
58873a9fc3 Stripped obsolete CSS3 prefixes 2013-09-26 15:26:00 +01:00
Hannah Wolfe
e9015fdb03 Merge pull request #852 from jamesbloomer/826-fix-image-upload-tests-on-windows 2013-09-26 15:23:13 +01:00
jamesbloomer
55048d6a20 Fix image upload tests on windows 
closes #826
- on windows the fs.exists call had windows style back slashes
- set up the test to cope with either (not the most elegant but works)
 2013-09-26 15:19:05 +01:00
Hannah Wolfe
3098e9577b Merge pull request #879 from JohnONolan/cleanup 2013-09-26 15:14:35 +01:00
John O'Nolan
d1957958e3 Cleanup indentation and quotes 
Aligns all requirements vertically for easier reading + adds single quote standard consistently throughout Ghost, except in long strings.
 2013-09-26 15:06:31 +01:00