* feat: Add POST method option to redirectOnClient helper
* Applied automatic fixes
* fix: Add missing closing HTML tag in redirectOnClient GET method
* fix: Use lodash escape for form field values to prevent XSS
* Applied automatic fixes
* fix: Add missing lodash/escape import
* Applied automatic fixes
* fix: Escape all URLs in redirectOnClient function
* Update index.ts
* fix: CSP
* Refactor CSP middleware
* docs, only use for email signin
---------
Co-authored-by: codegen-sh[bot] <131295404+codegen-sh[bot]@users.noreply.github.com>
Co-authored-by: Tom Moor <tom@getoutline.com>
This PR contains the necessary work to make Outline an OAuth provider including:
- OAuth app registration
- OAuth app management
- Private / public apps (Public in cloud only)
- Full OAuth 2.0 spec compatible authentication flow
- Granular scopes
- User token management screen in settings
- Associated API endpoints for programatic access
* GA integration settings
* trackingId -> measurementId
Hook up script
* Public page GA tracking
Correct layout of settings
* Remove multiple codepaths for loading GA measurementID, add missing db index
* Remove unneccessary changes, tsc
* test
* stash
* wip
* cleanup
* Remove collaborativeEditing toggle, it will always be on in next release.
Flip separateEdit -> seamlessEdit
* Clarify language, hide toggle when collaborative editing is disabled
* Flip boolean to match, easier to reason about
This PR moves the entire project to Typescript. Due to the ~1000 ignores this will lead to a messy codebase for a while, but the churn is worth it – all of those ignore comments are places that were never type-safe previously.
closes#1282
Hemachandar