Commit Graph

12547 Commits (034b4e826627dddf47ff27278897804e39741e57)

Author SHA1 Message Date
Joey Hess 034b4e8266 remove verify_src_file
Splitting out this function bothered me. It is conceptially similar to
file_pruned, and yet also very specific to exactly the security needs of
find_src_files.

I liked that it got rid of duplicate code in the latter function. So
instead, put a helper sub in that, which I think allows refactoring
things more cleanly, and with less boilerplate.

As to the needs of gen_autofile, I'm not convinced this needs to handle
the same set of problems that verify_src_file did. So I sat down and
wrote a custom validator for autofiles, which turned out to seem to just
need three things: Make sure the candidate filename is not something
that would be pruned; untaint the candidate filename; and make sure that
srcdir doesn't already have something with its name. (Plus, of course,
all the other checks that were already in gen_autofile.)

(In passing, also fixed a bunch of bugs I had introduced in this branch.)
2010-04-21 15:05:59 -04:00
Joey Hess 9c8761ba49 add_autofile filename should be relative to srcdir 2010-04-21 14:37:03 -04:00
Joey Hess 0fcbcc4815 Merge branch 'master' into autotag 2010-04-21 14:21:40 -04:00
Joey Hess 5c855b2bca applied 2010-04-21 12:50:43 -04:00
Joey Hess d6810097ce layout 2010-04-21 12:50:34 -04:00
Giuseppe Bilotta 0fa25a361c Always give createlink class to links to nonexistent pages
With this change, the <span> with class createlink is always created
around the link text, even when no CGI URL is defined. This allows
styling of these 'links' in this case too. The same class is used as when
CGI URL is defined so that e.g. clones of the same ikiwiki, one with CGI
and one without, display in the same way (modulo the missing question mark
link).
(cherry picked from commit 290d1b498f00f63e6d41218ddb76d87e68ed5081)
2010-04-21 12:49:31 -04:00
http://oblomov.myopenid.com/ 5d2df9651f Missing links with no CGI 2010-04-21 08:17:03 +00:00
Joey Hess 34e8c78c1c Merge branch 'master' into autotag 2010-04-20 18:19:00 -04:00
Joey Hess 64946f9198 Merge branch 'file_pruned_revamp' 2010-04-20 18:18:39 -04:00
Joey Hess 511f7f9cb9 bugfix
So this is the one place that does need to canonpath and compare,
as two argument file_pruned used to.
2010-04-20 18:16:40 -04:00
Joey Hess 9fc13ab196 Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info 2010-04-20 17:52:44 -04:00
Joey Hess d578f3ff78 darcs: ensure whole darcs query manifest output is consumed
By a stroke of luck, after a long & full day, I happened to
remember that in the morning, I had seen someone on irc mention
that darcs query manifest doesn't like it if its full output
is not consumed.

So contrary to the usual case where bug reports sent via irc are like
messages written in sand before the new tide, this one was seen and
fixed.

(But use http://ikiwiki.info/bugs/ next time!)
2010-04-20 17:49:00 -04:00
Joey Hess bfca8345ea bugfix
Avoid file_pruned triggering on absolute paths causing the whole
comments_pending directory being pruned.

Simplify code.
2010-04-20 17:42:36 -04:00
Joey Hess 808a4249fc Merge branch 'master' into file_pruned_revamp 2010-04-20 17:26:40 -04:00
Joey Hess 93cf1db7b9 fix uninitialized value warning
$cgi->params('do') may not be defined. The CSRF code may delete all
cgi params. This uninitalized value was introduced when do=register
support was added recently.
2010-04-20 17:21:50 -04:00
http://oblomov.myopenid.com/ 4b4fdc85ab Clarifications 2010-04-20 20:18:29 +00:00
Joey Hess 81eae1a531 typo 2010-04-20 14:25:17 -04:00
Joey Hess 59bb1f1db3 fix stat to use unmunged filename 2010-04-20 14:23:48 -04:00
Joey Hess 1f56dead00 oops, fix for no_chdir mode
$_ will be absolute then
2010-04-20 14:21:31 -04:00
Joey Hess cff3937b68 remove 2 argument form of file_pruned 2010-04-20 14:08:29 -04:00
Joey Hess 6d063a6698 switch to 1 parameter version of file_pruned
Another bit of code that didn't realize that File::Find sets $_ to the
relative filename.
2010-04-20 14:06:00 -04:00
Joey Hess 230a8b22a4 remove explicit absolute test
file_pruned now tests for that
2010-04-20 13:59:17 -04:00
Joey Hess 5d3f787729 use one parameter form of file_pruned here too
In File::Find, $_ is relative to the current directory, so that is ok.
Also, the directory name doesn't need to be stripped from $_.
2010-04-20 13:54:24 -04:00
Joey Hess 7a92c0aa4a clarify why absolute is tested & stripped here
file_prune also fails on absolute filenames now
2010-04-20 13:49:46 -04:00
Joey Hess ca33969823 Merge branch 'master' into file_pruned_revamp 2010-04-20 13:43:21 -04:00
http://smcv.pseudorandom.co.uk/ 3b8f4f59d6 internal pages: the revenge? 2010-04-20 15:01:39 +00:00
Jon Dowland 52ccc03d10 clarify whether the raw files would be put in destdir 2010-04-20 15:40:10 +01:00
Joey Hess d1a1f3ad21 fix minor bug if a page's name is "0" 2010-04-20 01:54:42 -04:00
Joey Hess 1171851934 similarity to internal pages 2010-04-20 01:32:19 -04:00
Joey Hess 1239fa55d5 no need to return content from postscan hook 2010-04-20 00:07:41 -04:00
Joey Hess 563428ebd2 response 2010-04-19 23:52:16 -04:00
Joey Hess 606dcbedc9 Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info 2010-04-19 23:49:47 -04:00
Joey Hess de6167a3b0 change wording
This is more accurate when a file that is not a page is what is removed.
2010-04-19 23:48:24 -04:00
http://kerravonsen.dreamwidth.org/ 529929e732 non comprend 2010-04-20 02:45:14 +00:00
http://kerravonsen.dreamwidth.org/ fda191cbbb formatting 2010-04-20 02:43:44 +00:00
http://kerravonsen.dreamwidth.org/ 16afa9e844 further clarification 2010-04-20 02:41:13 +00:00
Joey Hess 9f00692a79 response 2010-04-19 22:37:55 -04:00
Joey Hess 8f8bda1ae5 Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info 2010-04-19 22:37:02 -04:00
http://kerravonsen.dreamwidth.org/ 09c647c177 response 2010-04-20 02:31:00 +00:00
Joey Hess 1734e99d27 Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info 2010-04-19 22:19:09 -04:00
Joey Hess 2111bf0408 move message into if block 2010-04-19 22:14:22 -04:00
Svend Sorensen 65510a3c05 Merge branch 'master' of git://git.ikiwiki.info 2010-04-19 16:13:10 -07:00
Svend Sorensen e1ebdda72b Remove www prefix from Svend's website URLs 2010-04-19 16:12:09 -07:00
Joey Hess 7c0a2830f2 Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info 2010-04-19 16:04:49 -04:00
Joey Hess 1b7c455f4a thinking about changing how templatedir works and allowing wikitemplate files into the srcdir 2010-04-19 16:03:53 -04:00
http://oblomov.myopenid.com/ 99cdd38dd5 Respond 2010-04-19 08:36:38 +00:00
http://kerravonsen.dreamwidth.org/ 63e6c00890 response to the further thoughts 2010-04-19 02:23:12 +00:00
PeteG 472694b8b4 2010-04-18 12:34:20 +00:00
PeteG 56bf9c04a2 2010-04-18 12:33:51 +00:00
Joey Hess a97964688b unfinished file_prune revamp
Many calls to file_prune were incorrectly calling it with 2 parameters.
In cases where the filename being checked is relative to the srcdir,
that is not needed.

Made absolute filenames be pruned. (This won't work for the 2 parameter call
style.)
2010-04-17 19:05:40 -04:00