瀏覽代碼

Merge remote-tracking branch 'origin/dev' into dev

Vanessa 1 年之前
父節點
當前提交
563a9c65a2
共有 7 個文件被更改,包括 28 次插入12 次删除
  1. 11 2
      README.md
  2. 11 2
      README_zh_CN.md
  3. 0 0
      app/stage/protyle/js/lute/lute.min.js
  4. 1 1
      kernel/go.mod
  5. 2 2
      kernel/go.sum
  6. 1 3
      kernel/model/search.go
  7. 2 2
      kernel/model/session.go

+ 11 - 2
README.md

@@ -130,12 +130,21 @@ The entry point is set when building the Docker image: `ENTRYPOINT ["/opt/siyuan
 
 * `--workspace` specifies the workspace folder path, mounted to the container via `-v` on the host
 
-More parameters can refer to `--help`. The following is an example of a startup command: `docker run -v workspace_dir_host:workspace_dir_container -p 6806:6806 b3log/siyuan --workspace=workspace_dir_container`
+More parameters can refer to `--help`. The following is an example of a startup command:
+
+```
+docker run -v workspace_dir_host:workspace_dir_container -p 6806:6806 b3log/siyuan --workspace=workspace_dir_container --accessAuthCode=xxx
+```
 
 * `workspace_dir_host`: the workspace folder path on the host
 * `workspace_dir_container`: The path of the workspace folder in the container, which is the same as specified in `--workspace`
+* `accessAuthCode`: Access authorization code, please **be sure to modify**, otherwise anyone can read and write your data
+
+To simplify, it is recommended to configure the workspace folder path to be consistent on the host and container, such as: `workspace_dir_host` and `workspace_dir_container` are configured as `/siyuan/workspace`, the corresponding startup commands is:
 
-To simplify, it is recommended to configure the workspace folder path to be consistent on the host and container, such as: `workspace_dir_host` and `workspace_dir_container` are configured as `/siyuan/workspace`, the corresponding startup commands is: `docker run -v /siyuan/workspace:/siyuan/workspace -p 6806:6806 -u 1000:1000 b3log/siyuan --workspace=/siyuan/workspace/`.
+```
+docker run -v /siyuan/workspace:/siyuan/workspace -p 6806:6806 -u 1000:1000 b3log/siyuan --workspace=/siyuan/workspace/ --accessAuthCode=xxx
+```
 
 #### User permissions
 

+ 11 - 2
README_zh_CN.md

@@ -133,12 +133,21 @@
 
 * `--workspace` 指定工作空间文件夹路径,在宿主机上通过 `-v` 挂载到容器中
 
-更多的参数可参考 `--help`。下面是一条启动命令示例:`docker run -v workspace_dir_host:workspace_dir_container -p 6806:6806 b3log/siyuan --workspace=workspace_dir_container`
+更多的参数可参考 `--help`。下面是一条启动命令示例:
+
+```
+docker run -v workspace_dir_host:workspace_dir_container -p 6806:6806 b3log/siyuan --workspace=workspace_dir_container --accessAuthCode=xxx
+```
 
 * `workspace_dir_host`:宿主机上的工作空间文件夹路径
 * `workspace_dir_container`:容器内工作空间文件夹路径,和后面 `--workspace` 指定成一样的
+* `accessAuthCode`:访问授权码,请**务必修改**,否则任何人都可以读写你的数据
+
+为了简化,建议将 workspace 文件夹路径在宿主机和容器上配置为一致的,比如将 `workspace_dir_host` 和 `workspace_dir_container` 都配置为 `/siyuan/workspace`,对应的启动命令示例:
 
-为了简化,建议将 workspace 文件夹路径在宿主机和容器上配置为一致的,比如将 `workspace_dir_host` 和 `workspace_dir_container` 都配置为 `/siyuan/workspace`,对应的启动命令示例:`docker run -v /siyuan/workspace:/siyuan/workspace -p 6806:6806 -u 1000:1000 b3log/siyuan --workspace=/siyuan/workspace/`。
+```
+docker run -v /siyuan/workspace:/siyuan/workspace -p 6806:6806 -u 1000:1000 b3log/siyuan --workspace=/siyuan/workspace/ --accessAuthCode=xxx
+```
 
 #### 用户权限
 

File diff suppressed because it is too large
+ 0 - 0
app/stage/protyle/js/lute/lute.min.js


+ 1 - 1
kernel/go.mod

@@ -8,7 +8,7 @@ require (
 	github.com/88250/css v0.1.2
 	github.com/88250/epub v0.0.0-20230830085737-c19055cd1f48
 	github.com/88250/gulu v1.2.3-0.20230615033005-b519d6875346
-	github.com/88250/lute v1.7.6-0.20230828091650-fcb96f789c8f
+	github.com/88250/lute v1.7.6-0.20230920021453-4af6ebb5b2f6
 	github.com/88250/pdfcpu v0.3.14-0.20230401044135-c7369a99720c
 	github.com/88250/vitess-sqlparser v0.0.0-20210205111146-56a2ded2aba1
 	github.com/ClarkThan/ahocorasick v0.0.0-20230727142813-c94579738c5b

+ 2 - 2
kernel/go.sum

@@ -61,8 +61,8 @@ github.com/88250/go-sqlite3 v1.14.13-0.20220714142610-fbbda1ee84f5 h1:8HdZozCsXS
 github.com/88250/go-sqlite3 v1.14.13-0.20220714142610-fbbda1ee84f5/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
 github.com/88250/gulu v1.2.3-0.20230615033005-b519d6875346 h1:U0wZN6zuf+vUhzdHC6DbZE/bY5FUt3FuCwn/KgObV44=
 github.com/88250/gulu v1.2.3-0.20230615033005-b519d6875346/go.mod h1:pTWnjt+6qUqNnP9xltswsJxgCBVu3C7eW09u48LWX0k=
-github.com/88250/lute v1.7.6-0.20230828091650-fcb96f789c8f h1:6ssvC8OfwGRDE3KFo0EKXccw2MLMZ+b6WanCBiA/mnE=
-github.com/88250/lute v1.7.6-0.20230828091650-fcb96f789c8f/go.mod h1:+wUqx/1kdFDbWtxn9LYJlaCOAeol2pjSO6w+WJTVQsg=
+github.com/88250/lute v1.7.6-0.20230920021453-4af6ebb5b2f6 h1:R6iDuvYvoe38tz04KV0lGZiK5NxFOPrZ1S/QhhaJxKM=
+github.com/88250/lute v1.7.6-0.20230920021453-4af6ebb5b2f6/go.mod h1:+wUqx/1kdFDbWtxn9LYJlaCOAeol2pjSO6w+WJTVQsg=
 github.com/88250/pdfcpu v0.3.14-0.20230401044135-c7369a99720c h1:Dl/8S9iLyPMTElnWIBxmjaLiWrkI5P4a21ivwAn5pU0=
 github.com/88250/pdfcpu v0.3.14-0.20230401044135-c7369a99720c/go.mod h1:S5YT38L/GCjVjmB4PB84PymA1qfopjEhfhTNQilLpv4=
 github.com/88250/vitess-sqlparser v0.0.0-20210205111146-56a2ded2aba1 h1:48T899JQDwyyRu9yXHePYlPdHtpJfrJEUGBMH3SMBWY=

+ 1 - 3
kernel/model/search.go

@@ -215,9 +215,7 @@ func FindReplace(keyword, replacement string, ids []string, paths, boxes []strin
 		return
 	}
 
-	keyword = strings.TrimSpace(keyword)
-	replacement = strings.TrimSpace(replacement)
-
+	// No longer trim spaces for the keyword and replacement https://github.com/siyuan-note/siyuan/issues/9229
 	if keyword == replacement {
 		return
 	}

+ 2 - 2
kernel/model/session.go

@@ -165,7 +165,7 @@ func CheckAuth(c *gin.Context) {
 			u, parseErr := url.Parse(origin)
 			if nil != parseErr {
 				logging.LogWarnf("parse origin [%s] failed: %s", origin, parseErr)
-				c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed"})
+				c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed: parse req header [Origin] failed"})
 				c.Abort()
 				return
 
@@ -177,7 +177,7 @@ func CheckAuth(c *gin.Context) {
 			}
 
 			if !strings.HasPrefix(u.Host, util.LocalHost) && !strings.HasPrefix(u.Host, "[::1]") {
-				c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed"})
+				c.JSON(401, map[string]interface{}{"code": -1, "msg": "Auth failed: for security reasons, please set [Access authorization code] when using non-127.0.0.1 access\n\n为安全起见,使用非 127.0.0.1 访问时请设置 [访问授权码]"})
 				c.Abort()
 				return
 			}

Some files were not shown because too many files changed in this diff