Now using the `escape-html` module so that we can decode
the realm description properly and escape the html at the
same time. The encodeURIComponent function doesn't
provide this kind of flexibility. We need to decode the
real description properly since we show the same in the
tooltip and setting page.
* dependencies: Upgrade rc to the depth of 5.
This updates rc dependecies, to fix a vulnerability
deep-extend - Prototype Pollution
Refs: https://nodesecurity.io/advisories/612
* dependencies: Upgrade stringstream to the depth of 6.
This solves, 5 vulnerabilities which were using the vulnerable
version of stringstream.
stringstream - Out-of-bounds Read
Refs: https://nodesecurity.io/advisories/664
* gulp: Upgrade gulp to v4.0.0.
This solves, 5 vulnerabilities.
minimatch - Regular Expression Denial of Service
https://nodesecurity.io/advisories/118
lodash - Prototype Pollution
https://nodesecurity.io/advisories/577
* dependencies: Update request to the depth of 6.
This solves 5 vulnerabilities.
stringstream - Out-of-bounds Read
https://nodesecurity.io/advisories/664
This commit fixes a security bug which was caused by
using innerHTML and not doing proper HTML escaping.
Ideally, we should be doing proper HTML escaping for
any data we get from the server to avoid XSS attack.
We already handle realm icon and url very well, the
realm description was not handled previously but this commit
now fixes this in a right way.
This PR changes the current implementation of the loading indicator by attaching
the indicator to the right dom element, so that it doesn't show up once a server
is loaded.
Fixes: #482.
This adds the do not disturb button to the left sidebar
which disables sound and notifications. It also disables
flash taskbar on windows.
Fixes: #298.
This commit download file attachments using downloadURL method of
webContent, the same way loadURL opens internal links. This
removes the use of hidden webview added in
f70432f4e3.
Improves: #469.
It turns out if you add/remove an org the hidden webview get deleted
since its in #webview-container where other sidebar webviews like which
get removed and readded through that process.
Improves: #469.
* This will make sure that the current server webview will not
reload due to URL change.
* Add an option to allow users to download the file attachments.
Improves: #469.
Changing the behaviour of opening the attachments in the
default browser to the app. This commit enables users to
download the attachments. If the attachment type is image
then we open the same in the app though users need to
click on the go-back button.
To-do - Open the image link in a lightbox.
Improves: #469.
Fixes:
* Move "Disconnect" button to be at the far right.
* Ellipsis text-overflow for server-url.
* Show server url as title tooltip on hover.
* Remove settings-card's right transition on hover.
Improves: #456.
Minor fixes -
* Update link to create a new organization.
* Update placeholder text for demo zulip server.
* Remove border from connect button.
* Add overflow for smaller window.
* Fix a typo in background color.
* Use buttons for server actions.
* Make new server page responsive.
* Focus buttons on tab.
* Update styling of button.
* Make add new server page responsive.
Fixes: #457.
This PR updates the connected organization page.
Changes -
* All the server details are now inline.
* Change "Delete" to "Disconnect".
* Club org logo and name together on the right, and URL and "Disconnect" to the left.
* Link to organization logo on the server tab.
Improves #340.
This fixes an issue which was caused by saving the last active tab
before a functional tab activates. The bug was introduced in f409bb0449.
It was unnoticed from v1.5.0 to the latest v1.8.2.
The bug causes a serious issue where the app can't change the app settings and all settings were
getting overridden when a user switches back to setting page.
Fixes#448.
Changes -
* New setting nav item for connected organizations.
* All new page for adding a new server.
* Minor UI changes in setting page.
* Update default height, width of the main window.
* Fix webview showing outline.
* Hide Server nav item in setting page.
Fixes#340.
