Permalink
Commits on Apr 18, 2017
  1. Merge pull request #272 from bryant1410/master

    Fix broken headings in Markdown files
    richtera committed on GitHub Apr 18, 2017
Commits on Apr 17, 2017
Commits on Jan 7, 2015
Commits on Dec 19, 2014
  1. Fix #262

    Flash and redirect to user list when hitting an invalid user URL.
    richtera committed Dec 19, 2014
  2. Fix #262

    Redirect and flash an error for invalid user URL.
    richtera committed Dec 19, 2014
  3. Fix #&2f; problems.

    Try to cleanup damaged configurations.
    If you find #&2f; inside of a config file on disk it can't fix that automatically right now, but using MONGO_URI will.
    Remove html entities escape for text fields which causes major problems with all configurtation values.
    richtera committed Dec 19, 2014
Commits on Dec 16, 2014
Commits on Jun 4, 2014
  1. Merge pull request #261 from Mickael-van-der-Beek/master

    Should resolve some of the security issues. Will check this out.
    richtera committed Jun 4, 2014
Commits on Jun 2, 2014
  1. Removed debugging console.logs.

    Mickael van der Beek committed Jun 2, 2014
  2. Should resolve the issues related to the <a> links created by pull re…

    …quest : cliftonc/calipso/pull#261. Changes:
    
    (1) - Dirty hack inside the link template rendering method that URI encodes parameters
    (2) - Replacing every mention of a verbose field (username, author, ...etc.) by it's URI-encoded copy
    (3) - Replacing every concatenation of variables to create URIs for HTTP redirects (res.redirect()) by their URI-encoded version
    
    Together (1), (2) and (3) solve the issue raised in pull request #261 where <a> links were broken.
    A quicker and cleaner way to fix this issue would be to create two hooks one as a middleware / prototype of Express.js's res.redirect() where the URI is encoded. The other hook would be called when creating <a> links when rendering templates so that every href is URI encoded.
    Mickael van der Beek committed Jun 2, 2014
  3. Should resolve cliftonc/calipso#259 by:

    (1) - Escaping HTML entities using the OWASP best practices
    (2) - Sanitize HTML and/or JavaScript content using the Google Caja library
    
    * Escaping (1) is used on form fields of type text
    * Sanitizing (2) is used on form field of type textarea
    
    Here are links to the source code of the imported Google Caja files (no NPM module available):
    https://code.google.com/p/google-caja/source/browse/trunk/src/com/google/caja/plugin/uri.js
    https://code.google.com/p/google-caja/source/browse/trunk/src/com/google/caja/plugin/html-sanitizer.js
    https://google-caja.googlecode.com/svn-history/r1950/trunk/src/com/google/caja/plugin/html4-defs.js
    
    These files were very slightly modified by removing additions of the modules to the window namespace since the context is Node.js and not the browser.
    The module were also exported so as to make them available through require()'s..
    
    This commit creates an issue itself though by breaking <a> links.
    The follow-up commit / pull-request will address this issue.
    Mickael van der Beek committed Jun 2, 2014
Commits on May 12, 2014
  1. Bump Version

    richtera committed Dec 7, 2013
Commits on Feb 25, 2014
  1. Merge pull request #256 from ammit/master

    Small typo in flash error message
    richtera committed Feb 25, 2014
Commits on Feb 24, 2014
  1. typo in flash error message

    ammit committed Feb 24, 2014
Commits on Dec 7, 2013
  1. Merge pull request #252 from aielo/master

    Portuguese (Brazil) translation
    richtera committed Dec 7, 2013
Commits on Nov 23, 2013
  1. Bump version.

    richtera committed Nov 23, 2013
  2. Merge pull request #250 from eniac111/master

    I just added a bulgarian translation :)
    richtera committed Nov 23, 2013
  3. Merge pull request #248 from patprzybilla/master

    making if condition consistant as per PR #247
    richtera committed Nov 23, 2013
Commits on Nov 5, 2013
  1. Added bulgarian translation

    eniac111 committed Nov 5, 2013
Commits on Oct 9, 2013
  1. Bump Version

    richtera committed Oct 9, 2013
  2. Merge pull request #247 from patprzybilla/master

    #246 fix TypeError: Cannot read property 'length' of undefined
    richtera committed Oct 9, 2013
Commits on Oct 8, 2013
  1. #246 fix TypeError: Cannot read property 'length' of undefined when t…

    …rying to add custom fields to content type
    patprzybilla committed Oct 8, 2013
Commits on Oct 5, 2013
  1. test(app): debug messages for app.stack building

    Log app.stack content in debug mode.
    laurelnaiad committed with richtera Oct 4, 2013
  2. fix(admin module): no crash on empty theme

    If a theme does not have a JSON file or it is not readable to the
    point where it has a type, then do not fail the admin module.
    laurelnaiad committed with richtera Oct 3, 2013
Commits on Oct 3, 2013
  1. test(core/lib/Theme.js): test for schema-valid theme.json

    Initial support for validating a theme.json file.  Uses node package "jsonschema" to define a schema for theme.json and test validity of instances.  Report failures as hard errors.
    laurelnaiad committed Oct 3, 2013
Commits on Sep 28, 2013
  1. Bump Version

    richtera committed Sep 28, 2013
  2. feat(lib/core/Logging.js): log to console during bootstrap

    When the logging library is loaded, initially configure loggging
    to the console so that the boostrap process can provide information.
    laurelnaiad committed with richtera Sep 28, 2013
  3. Bump Version

    richtera committed Sep 28, 2013
  4. fix(app.js): parse node.env.PORT

    Parse node.env.PORT as an integer so that succeeds comparison with
    port in use and is not logged as an error.
    laurelnaiad committed with richtera Sep 28, 2013
  5. feat(lib/core/Storage.js): log during checkInstalling

    Log connection errors during checkInstalling.
    laurelnaiad committed Sep 28, 2013