closes#942
- insert custom middleware to check for blacklisted files
- redirect to express.static if file accepted
- if not valid return next() to do nothing
- currently black listing .hbs, .txt, .md and .json
- debatable which is best, black list or white list, either one will probably need tweaks but erred on side of letting
a theme serve unknown types
Closes#887
- Adds getSocket function > Returns the socket location if sockets are enabled or false
- Adds startGhost function > Callback for server.listen
closes#967, closes#987
- use slug instead of name (it's unique)
- get tags even if we aren't inside the post context
- add tag handling to body_class too
issue #938
- rather than using escape, use node-validatiors santize function which is designed for preventing xss vectors
- added listener for changes to both editor and settings page
- added more sanitization to the user model
- consistently use triple-braces when outputting blog post titles
issue #977
- As of the addition of when/monitor/console we now get errors about unhandled promises
- This fixes one which appeared when starting up without a DB
Fixes#362
- There is no need to set the viewport on functional tests anymore
unless something other
than the default of 1280x1024 is desired.
- There is no need to invoke `casper.run` to trigger `test.done`
anymore for functional tests.
- Each test works independently of the rest; registration is handled
once for the lifetime of the test run and then login/logout can be
invoked automatically as desired.
- Mocha tests all utilize predefined, more realistic fixtures when
appropriate.
- Renamed old api tests that were really model tests as appropraite.
- Added example api test for posts.
closes#937
- fixed bug where ![] is replaced with ![](http://) for image url
- added fileStorage setting to uploader
- added fileStorage helper (could become standard way of providing config data for frontend???)
- added data element to editor and settings
- if no config value is set fileStorage: true is default
Specified type='button' for the buttons in the form so they don't get
pseudo clicked on enter key in inputs. Added a keyup handler to check
for enter keys in the inputs and do the proper action based on where you
are in the form.