28 Commits

Author SHA1 Message Date
Panagiotis Papadopoulos
13a1b42e12
refactor(server/utils): isElectron - replace fn with boolean
these values cannot change during runtime,
=> there is no need to have these checks
as a dynamic function; instead, just
export the boolean value directly
2025-01-29 22:40:42 +02:00
Panagiotis Papadopoulos
ec19ccd7a7
fix(csrf): stop leaking the CSRF token in the server logs
As per OWASP:
"A CSRF token must not be leaked in the server logs or in the URL.", see:
https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#transmissing-csrf-tokens-in-synchronized-patterns
2025-01-16 21:16:33 +01:00
Panagiotis Papadopoulos
139bf3dcdf
fix(csrf): use generateCsrfToken with more "user friendly" settings
fixes the case where existing TriliumNext users will get
an "Invalid CSRF Token" message when they have an older
_csrf token in their cookies from a previous installation/visit.
The settings will now handle these cases in the background automatically.

also fixes #950
2025-01-16 20:14:23 +01:00
Elian Doran
c8c501d717
Merge branch 'develop' into refactor_replace-csurf 2025-01-14 20:32:52 +02:00
Elian Doran
1807b2b031
chore(types): missing import type for JS imports 2025-01-13 23:18:10 +02:00
Panagiotis Papadopoulos
c36085e580
chore: fix TS warning by type narrowing
`req.csrfToken` might be undefined according to `csrf-csrf`
provided types, so use type narrowing to make sure it exists,
before calling it
2025-01-12 10:22:05 +01:00
Elian Doran
324696bc54
refactor(ts): enable verbatim module syntax 2025-01-09 18:36:24 +02:00
Elian Doran
4cbb529fd4
chore(prettier): fix all files 2025-01-09 18:07:02 +02:00
Panagiotis Papadopoulos
14358d1ec0
refactor(views): use ejs partial for injecting window.glob 2025-01-08 09:15:16 +01:00
Adorian Doran
8c17be8953
client: rename the "System" theme to "Auto" 2024-12-16 22:16:26 +02:00
Adorian Doran
aba2813682
client: add the "System" theme 2024-12-16 22:09:26 +02:00
Adorian Doran
3390a2a968
client: add color scheme-related variations of the Next theme 2024-12-16 21:13:29 +02:00
Elian Doran
b2b41edd61
feat(theme): allow using next as base theme 2024-12-14 02:30:23 +02:00
Elian Doran
c39e8be29a
feat(server): set up option to toggle background effects 2024-12-09 21:57:54 +02:00
Elian Doran
f4efefe480
feat(mica): add back toggleable 2024-12-09 21:54:11 +02:00
Elian Doran
8e65139c0f
feat(safe): don't load themes if safe mode is active 2024-12-09 10:08:31 +02:00
Elian Doran
aefd139592
feat(next): improve left margin to allow moving 2024-12-05 20:34:55 +02:00
Elian Doran
7cb5ef2266
feat(style): pass whether electron to CSS 2024-12-04 22:57:03 +02:00
Elian Doran
e9cf310657
feat(style): pass platform to CSS 2024-12-04 22:55:07 +02:00
Elian Doran
8135fa09c3
feat(native-buttons): differentiate background based on layout 2024-12-01 21:06:01 +02:00
Elian Doran
7cb9671fe3
feat(theme): start implementing a theme for TriliumNext 2024-11-22 20:12:09 +02:00
Elian Doran
2260dcefe5
client,server: Enforce min value of max content width (closes #593) 2024-11-15 22:29:59 +02:00
Elian Doran
07fb8c072d
server: Fix CSRF on mobile reload (closes #318) 2024-08-14 18:59:02 +03:00
Elian Doran
6006d01f8b
electron: Fix JSON imports 2024-07-24 20:52:46 +03:00
Elian Doran
6c8e9f69b0
server-esm: Fix import of package.json 2024-07-18 21:53:50 +03:00
Elian Doran
55eecb0f61
server-esm: Change export object to export default object 2024-07-18 21:42:44 +03:00
Elian Doran
35d11cc0d2
server-esm: Change simple local import statements 2024-07-18 21:35:17 +03:00
Elian Doran
10c21d3403
server-ts: Convert routes/index 2024-04-07 14:36:47 +03:00