1. 17 Nov, 2017 1 commit
  2. 16 Nov, 2017 1 commit
  3. 11 Oct, 2017 1 commit
  4. 03 Oct, 2017 1 commit
  5. 05 Jul, 2017 1 commit
  6. 07 Jun, 2017 1 commit
  7. 04 May, 2017 1 commit
    • Rares Sfirlogea's avatar
      Display slash commands outcome when previewing Markdown · 45e4c665
      Rares Sfirlogea authored
      Remove slash commands from Markdown preview and display their outcome next to
      the text field.
      Introduce new "explanation" block to our slash commands DSL.
      Introduce optional "parse_params" block to slash commands DSL that allows to
      process a parameter before it is passed to "explanation" or "command" blocks.
      Pass path for previewing Markdown as "data" attribute instead of setting
      a variable on "window".
      45e4c665
  8. 26 Apr, 2017 1 commit
  9. 26 Mar, 2017 1 commit
  10. 20 Mar, 2017 1 commit
  11. 13 Mar, 2017 1 commit
  12. 08 Mar, 2017 1 commit
  13. 14 Feb, 2017 1 commit
  14. 07 Feb, 2017 1 commit
  15. 31 Dec, 2016 2 commits
  16. 30 Nov, 2016 1 commit
  17. 11 Aug, 2016 1 commit
  18. 01 Jul, 2016 1 commit
  19. 16 Jun, 2016 2 commits
  20. 14 Jun, 2016 1 commit
    • Sean McGivern's avatar
      Forbid scripting for wiki files · 1cda245c
      Sean McGivern authored
      Wiki files (not pages - files in the repo) are just sent to the browser
      with whatever content-type the mime_types gem assigns to them based on
      their extension. As this is from the same domain as the GitLab
      application, this is an XSS vulnerability.
      
      Set a CSP forbidding all sources for scripting, CSS, XHR, etc. on these
      files.
      1cda245c
  21. 09 Jun, 2016 1 commit
    • Timothy Andrew's avatar
      Hook up the updated `WikiLinkFilter` to the wiki controllers. · e6b1d166
      Timothy Andrew authored
      - Need to pass in a `page_slug` to the filter, so it can rewrite based
        on the current page (all links are rewritten to the level of the app root).
      - The earlier `markdown_preview` endpoint was at the level of the wiki.
        We need to know the current page (for rewriting, as above), so this
        commit moves the endpoint to the level of a wiki page.
      - Fix all tests
      e6b1d166
  22. 03 Jun, 2016 2 commits
  23. 26 May, 2016 1 commit
    • Yorick Peterse's avatar
      Split Markdown rendering & reference gathering · 86166d28
      Yorick Peterse authored
      This splits the Markdown rendering and reference extraction phases into
      two distinct code bases. The reference extraction phase no longer relies
      on the html-pipeline Gem (and any related code) and allows for
      extracting of references from multiple HTML nodes in a single pass. This
      means that if you want to extract user references from 200 comments you
      no longer need to run 200 times N number of queries, instead only a
      handful of queries may be needed.
      86166d28
  24. 29 Apr, 2016 1 commit
  25. 20 Apr, 2016 3 commits
  26. 30 Mar, 2016 1 commit
  27. 19 Mar, 2016 1 commit
  28. 03 Oct, 2015 1 commit
  29. 09 Sep, 2015 1 commit
  30. 02 Sep, 2015 1 commit
  31. 26 Aug, 2015 1 commit
  32. 26 Jun, 2015 2 commits
  33. 20 Apr, 2015 1 commit
  34. 07 Apr, 2015 1 commit