TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-11-24 06:35:49 +03:00
Code Issues Projects Releases Wiki Activity
1,108 Commits 227 Branches 1,677 Tags 368 MiB
dc1cf3b509
Commit Graph

1108 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ryan Powell
dc1cf3b509 changes to support URI's without a scheme in config.js. 
also removed "http:" from google fonts link to prevent a mixed content warning.
 2013-10-14 10:42:08 -04:00
Hannah Wolfe
8ab4552ca0 Merge pull request #1011 from buddhamagnet/amend-readmes 
Added full stops to READMEs
 2013-10-14 06:41:12 -07:00
buddhamagnet
ec00b71b09 added full stops to READMEs 2013-10-14 13:56:09 +01:00
Hannah Wolfe
c76a2410aa Merge pull request #1010 from moritzh/master 
Update README.md
 2013-10-14 05:28:55 -07:00
moritz haarmann
10fa96a3d1 Update README.md 
Small typo in Readme fixed
 2013-10-14 14:24:33 +02:00
Hannah Wolfe
119b0ea430 Merge branch '0.3.2-wip' 
Conflicts:
	core/client/assets/lib/uploader.js
 2013-10-11 20:56:15 +01:00
Hannah Wolfe
b4e04b3650 Fix for image uploads 
- express 3.4.0 uses connect 2.9.0 which had a sizable change to how multipart woks
- this change resulting in req.files.uploadimage.type going away
 2013-10-11 20:26:09 +01:00
Hannah Wolfe
b544ee7ed6 Revert "Updated to latest version of express-hbs" 
This reverts commit d169bba3f8.

Conflicts:
	package.json
 2013-10-11 20:14:58 +01:00
Hannah Wolfe
f30e356e7c Revert "Updated to latest version of express" 
This reverts commit c95d469eb3.

Conflicts:
	package.json
 2013-10-11 20:13:44 +01:00
Hannah Wolfe
b4d5918fac Version bump for 0.3.2 
- added optional mysql dependency
- removed .afignore
- updates to .gitignore to ignore any additional themes or plugins
 2013-10-11 18:21:14 +01:00
Hannah Wolfe
d47b19b491 Added grunt release task 
closes #941

Conflicts:
	Gruntfile.js
 2013-10-11 18:19:03 +01:00
Hannah Wolfe
4c89422b0d Added SECURITY.md file 
closes #989
 2013-10-11 18:17:37 +01:00
Hannah Wolfe
e613d88167 Merge pull request #997 from cobbspur/uploadrefactor 2013-10-11 18:15:45 +01:00
cobbspur
c52a10cd1a fixed image upload url synchronicity and url removed on cancel 
closes #988, closes #956, closes #975

- fixed multiple ids and refactored triggers
- persistence requirement overridden
- trash can now removes url in editor
- if empty url is saved http:// is inserted and dropzone initialized

Conflicts:
	core/client/assets/lib/uploader.js
 2013-10-11 18:15:17 +01:00
Hannah Wolfe
0bb5e8702a Merge pull request #980 from jamesbloomer/lockdown-assets-rebase 2013-10-11 18:06:11 +01:00
jamesbloomer
9d114c7fa6 Lock down theme static directory to not serve templates, markdown and text files. 
closes #942
- insert custom middleware to check for blacklisted files
- redirect to express.static if file accepted
- if not valid return next() to do nothing
- currently black listing .hbs, .txt, .md and .json
- debatable which is best, black list or white list, either one will probably need tweaks but erred on side of letting
a theme serve unknown types
 2013-10-11 18:05:31 +01:00
Hannah Wolfe
6db7e6d96e Merge pull request #1000 from sebgie/issue#872 2013-10-11 13:19:12 +01:00
Sebastian Gierlinger
b040ea3365 Change from address 
closes #872
- changed from address to use config.mail.fromaddress
- changed from address to default to settings.email
 2013-10-11 12:49:33 +01:00
Hannah Wolfe
c732cd2ccb Adding xss unit test 
issue #938
 2013-10-10 16:43:25 +01:00
Hannah Wolfe
9466a9753b Merge branch '0.3.2-wip' 
Conflicts:
	core/test/unit/api_posts_spec.js
 2013-10-10 16:37:35 +01:00
Hannah Wolfe
a37d487ffd Merge pull request #992 from pmgarman/spacelys-sprockets-n-sockets 2013-10-10 16:19:42 +01:00
Hannah Wolfe
31e2737cfd Update config validation to allow for socket only 
issue #887
 2013-10-10 16:13:02 +01:00
Patrick Garman
97f592aa41 Allow Ghost to run using sockets 
Closes #887
- Adds getSocket function > Returns the socket location if sockets are enabled or false
- Adds startGhost function > Callback for server.listen
 2013-10-10 16:12:28 +01:00
Hannah Wolfe
03ee256da6 Merge pull request #922 from matthojo/SASS-Compress 2013-10-10 15:40:27 +01:00
Matthew Harrison-Jones
5daa46276c SCSS is now compressed on build 2013-10-10 15:27:07 +01:00
Hannah Wolfe
54f8a04779 Merge pull request #996 from ErisDS/0.3.2-tagfixes 
Improving tag handling in post_class and body_class
 2013-10-10 07:05:15 -07:00
Hannah Wolfe
7b28056849 Merge pull request #995 from ErisDS/xss 
XSS
 2013-10-10 07:04:50 -07:00
Hannah Wolfe
e31622aa3b Merge pull request #998 from sebgie/config-file-path 
Fix filepaths for config
 2013-10-10 07:03:05 -07:00
Sebastian Gierlinger
6ff17c78a2 Fix filepaths for config and upload 
no issue
- added appRoot to config-loader.js
- modified uploader to use correct path
- modified tests
 2013-10-10 12:44:31 +02:00
Hannah Wolfe
f1317b84af Improving tag handling in post_class and body_class 
closes #967, closes #987

- use slug instead of name (it's unique)
- get tags even if we aren't inside the post context
- add tag handling to body_class too
 2013-10-09 19:51:55 +01:00
Hannah Wolfe
f5d617d8d4 Merge pull request #925 from matthojo/New-line 
Added new paragraph keyboard shortcut
 2013-10-09 11:32:43 -07:00
Hannah Wolfe
14ac437763 Updating to latest Casper 
- triple braces for post titles everywhere
 2013-10-09 19:29:38 +01:00
Hannah Wolfe
95f9fce3be Swapping escape to sanitze 
issue #938

- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
 2013-10-09 19:13:16 +01:00
Tim Griesser
c9235ccb0b Escaping several fields to prevent XSS 
issue #938
- escapes post's title field
- escapes settings title, description, email
- escapes user's name field
- includes test for post title
 2013-10-09 19:13:13 +01:00
Hannah Wolfe
59d69f273e Merge pull request #984 from matthojo/Loading-Bar 
Loading bar
 2013-10-09 09:32:13 -07:00
Hannah Wolfe
b5c5d531d1 Fix for unhandled promise on fresh db startup 
issue #977

- As of the addition of when/monitor/console we now get errors about unhandled promises
- This fixes one which appeared when starting up without a DB
 2013-10-09 16:58:50 +01:00
Matthew Harrison-Jones
58417c2a8d Added in functionality for a working loading bar 2013-10-08 16:39:07 +01:00
Matthew Harrison-Jones
fdf5e3d69e Revert "loading bar implementation" 
This reverts commit de6b8ee9b3 and 16742bcaef
 2013-10-08 14:12:46 +01:00
Hannah Wolfe
53dc1b4466 Merge pull request #983 from gotdibbs/Issue362 
Refactored tests
 2013-10-08 03:04:15 -07:00
William Dibbern
8ef27f0590 Refactored tests 
Fixes #362

- There is no need to set the viewport on functional tests anymore
unless something other
than the default of 1280x1024 is desired.
- There is no need to invoke `casper.run` to trigger `test.done`
anymore for functional tests.
- Each test works independently of the rest; registration is handled
once for the lifetime of the test run and then login/logout can be
invoked automatically as desired.
- Mocha tests all utilize predefined, more realistic fixtures when
appropriate.
- Renamed old api tests that were really model tests as appropraite.
- Added example api test for posts.
 2013-10-07 21:05:25 -05:00
Hannah Wolfe
d169bba3f8 Updated to latest version of express-hbs 
issue #830
 2013-10-07 16:42:25 +01:00
Hannah Wolfe
d58e379c83 Merge pull request #977 from tgriesser/debugging 
Adding when/monitor/console
 2013-10-07 06:39:09 -07:00
Hannah Wolfe
c95d469eb3 Updated to latest version of express 
closes #875
 2013-10-07 14:31:57 +01:00
Tim Griesser
ccd7b211f2 adding when/monitor/console 2013-10-07 09:28:53 -04:00
Hannah Wolfe
00bf88472a Merge branch '0.3.2-wip' 2013-10-06 20:33:53 +01:00
Hannah Wolfe
cd929f19b3 Merge pull request #954 from jgable/fixChangePasswordEnter 
Fix pressing enter key on user settings
 2013-10-05 12:25:26 -07:00
Hannah Wolfe
c0d5167f7d Merge pull request #948 from javorszky/0.3.2-wip 
Fixes config.example.js
 2013-10-05 12:16:32 -07:00
John O'Nolan
34762ce1be Move webfonts to // rather than http:// 
https://en.ghost.org/forum/bugs-suggestions/475-suggestion-remove-system-dependence-on-google-web-fonts
 2013-10-04 09:48:51 +02:00
Hannah Wolfe
4bc8db57cc Merge pull request #918 from gotdibbs/Issue877 
Fix a couple of issues when there are no posts
 2013-10-03 07:40:11 -07:00
Hannah Wolfe
ba0b6982a4 Trailing slashes for cache invalidation headers 
issue #963
 2013-10-02 16:14:35 +01:00