Commit Graph

2048 Commits (0c3f1204fd113a43e55887b26581e9e33e56f0e6)

Author SHA1 Message Date
Joey Hess 3d6ee9eccd htmlscrubber: Allow the bitcoin URI scheme. 2012-12-22 16:15:38 -04:00
Joey Hess bcec11601f releasing version 3.20121212 2012-12-11 13:03:19 -04:00
Joey Hess c29413ba2a openid: Display openid in Preferences page as a comment, so it can be selected in all browsers. 2012-12-04 13:59:19 -04:00
Joey Hess 286026877d filecheck: Fix bug that prevented File::MimeInfo::Magic from ever being used. 2012-11-04 12:02:26 -04:00
Joey Hess b6d556e5b2 releasing version 3.20121017 2012-10-17 13:36:36 -04:00
Joey Hess 45801c34bd recentchangesdiff: fix further breakage to the template from 3.20120725 2012-10-16 20:49:26 -04:00
Joey Hess bb07dc3f21 releasing version 3.20121016 2012-10-16 15:24:18 -04:00
Joey Hess 96bfdbf1be really fix diff display to not show both types of diff
12fa9c031f porported to fix this, but failed
2012-10-16 10:59:00 -04:00
Joey Hess bad3c0089a Add back a 1em margin between archivepage divs.
This was lost in commit 954e2e4ef1
2012-10-15 13:53:43 -04:00
Joey Hess 6bd8c6732e add cgi_overload_delay tunable
Try to avoid a situation in which so many ikiwiki cgi wrapper programs are
running, all waiting on some long-running thing like a site rebuild, that
it prevents the web server from doing anything else. The current approach
only avoids this problem for GET requests; if multiple cgi's run GETs on a
site at the same time, one will display a "please wait" page for a
configurable number of seconds, which then redirects to retry. To enable
this protection, set cgi_overload_delay to the number of seconds to wait.
This is not enabled by default.
2012-10-09 17:12:04 -04:00
Joey Hess 7b78a21580 changelog 2012-09-29 11:45:11 -04:00
Joey Hess 150d2c0900 update copyright and changelog 2012-08-30 11:57:20 -04:00
Joey Hess 80fa5c82a5 releasing version 3.20120725 2012-08-25 11:08:57 -04:00
Joey Hess a3c1768e10 comments: Remove ipv6 address specific code. 2012-08-25 10:43:24 -04:00
Joey Hess 93a12752ac merged anarcat/osm_arbitrary_layers 2012-08-25 10:13:22 -04:00
Joey Hess b09a73db13 responsen 2012-08-24 23:26:46 -04:00
Joey Hess d926c4aca9 merged anarcat's osm fixes 2012-08-05 22:02:39 -04:00
Joey Hess 25ea99bc22 Split CFLAGS into words when building wrapper. Closes: #682237 2012-07-20 12:56:57 -04:00
Joey Hess 7f883f5203 recentchangesdiff: When diffurl is not set, provide inline diffs in the recentchanges page, with visibility toggleable via javascript. Thanks, Antoine Beaupré 2012-07-19 13:50:07 -04:00
Joey Hess bfc9dc93c9 releasing version 3.20120629 2012-06-29 13:43:09 -04:00
Joey Hess 939d8c5675 mirrorlist: Add mirrorlist_use_cgi setting that avoids usedirs or other config differences by linking to the mirror's CGI. (intrigeri) 2012-06-03 13:16:31 -04:00
Joey Hess 22acf1872a cve 2012-05-16 21:18:40 -04:00
Joey Hess fbfcea89f8 meta: Security fix; add missing sanitization of author and authorurl. Thanks, Raúl Benencia 2012-05-16 19:54:41 -04:00
Joey Hess e09eeb2436 releasing version 3.20120419 2012-04-19 15:41:53 -04:00
Joey Hess 7f0d58fce3 merged smcv/ready/trail 2012-04-18 15:46:47 -04:00
Joey Hess 30a3efda58 graphviz: Handle self-links. 2012-04-18 15:36:27 -04:00
Joey Hess 169550a926 link: Fix renaming wikilinks that contain embedded urls. 2012-04-18 15:15:11 -04:00
Joey Hess e81e857ba6 add comment subscription checkbox to editpage
Reworded template, which also called the commit message a "comment".
2012-04-13 14:28:02 -04:00
Joey Hess ab1ebf1ec6 inline, trail: The pagenames parameter is now a list of absolute pagenames, not relative wikilink type names. This is necessary to fix a bug, and makes pagenames more consistent with the pagespec used in the pages parameter. (smcv) 2012-04-08 16:07:17 -04:00
Joey Hess 358a95d7ad remove: Support removing of pages in the transient underlay. (smcv) 2012-04-08 15:58:06 -04:00
Joey Hess e4cdce4bce rename: Allow rename to be started not from the edit page; return to the renamed page in this case. 2012-04-05 14:48:18 -04:00
Joey Hess b481158c14 typo 2012-04-04 13:18:54 -04:00
Joey Hess 93bda514ba httpauth: When it's the only auth method, avoid a pointless and confusing signin form, and just right to the httpauthurl. 2012-04-04 12:58:36 -04:00
Joey Hess f9e96b0c32 passwordauth: Fix url in password recovery email to be absolute.
This got broken when cgiurl began often returning a relative url.
Added a cgiurl_abs for the things that need a guaranteed absolute cgiurl.
2012-04-02 12:24:14 -04:00
Joey Hess 89df287aaa meta: Support keywords header. Closes: #664780 Thanks, Martin Michlmayr 2012-04-01 14:39:27 -04:00
Joey Hess d68d255268 Added a "changes" hook. Renamed the "change" hook to "rendered", but
the old hook name is called for now for back-compat.
2012-03-28 18:43:07 -04:00
Joey Hess 723c5b97d3 changemail: New plugin, sends emails about changed pages. 2012-03-28 16:40:10 -04:00
Joey Hess 4250d389d3 meta: Export author information in html <meta> tag. Closes: #664779 Thanks, Martin Michlmayr 2012-03-27 15:52:35 -04:00
Joey Hess aaa72a3a80 inline: When the pagenames list includes pages that do not exist, skip them.
bestlink returns '' if no existing page matches a link. This propigated
through inline and other plugins, causing uninitialized value warnings, and
in some cases (when filecheck was enabled) making the whole directive fail.

Skipping the empty results fixes that, but this is papering over another
problem: If the missing page is later added, there is not dependency
information to know that the inline needs to be updated. Perhaps smcv will
fix that later.
2012-03-21 15:48:25 -04:00
Joey Hess 662ea9971c Remove dead link from plugins/teximg. Closes: #664885 2012-03-21 15:48:24 -04:00
Joey Hess 8d46f83756 releasing version 3.20120203 2012-03-19 14:44:17 -04:00
Joey Hess 223c6d487a more updates for trail merge 2012-03-18 14:38:20 -04:00
Joey Hess a812692a50 changelog 2012-03-18 14:22:28 -04:00
Joey Hess f0733e6b96 URI escape filename when generating the diffurl.
ikiwiki source files can contain at least one character that
needs to be escaped in an url: +
2012-03-13 11:50:39 -04:00
Joey Hess 4c6e39cb07 Add a few missing jquery UI icons to attachment upload widget underlay. 2012-03-05 16:54:54 -04:00
Joey Hess 9f56a417a1 add osm plugin 2012-03-03 11:30:44 -04:00
Joey Hess 78737cbfbf shortcut: Support Wikipedia's form of url-encoding for unicode characters
I think it's the wrong encoding, seems like mojibake to me, but it works
now. Closes: #661198
2012-03-03 11:27:59 -04:00
Joey Hess 3274b809f2 changelog 2012-03-03 11:01:55 -04:00
Joey Hess da0df8b40f changelog 2012-02-19 19:27:25 -04:00
Joey Hess 38ff2b44c6 Fix a snail mail address. Closes: #659158 2012-02-08 16:07:20 -04:00
Joey Hess c3f9ef8289 revert change to prettydate
Its strftime is from Date::Format, doesn't have the problem, and using the
POSIX one breaks its %o.
2012-02-02 22:27:55 -04:00
Joey Hess cd879e4c4f changelog 2012-01-30 15:25:56 -04:00
Joey Hess 2ebae85f9b fix 2012-01-30 15:14:41 -04:00
Joey Hess 88465ae468 document a bug fix
Original bug was introduced 24 Nov 2011.
2012-01-30 15:13:55 -04:00
Joey Hess a78126c55e calendar, prettydate: Fix strftime encoding bug
strftime is a C function, it does not return decoded utf8.
Several places in ikiwiki manually decoded it, but at least two
forgot to.

Also, strftime might not return even encoded utf8, if LC_TIME is set
to a non-utf8 value. Went ahead and supported decoding whatever encoding
it uses.

The remaining direct calls to strftime() are all ones that first set
LC_TIME=C, in order to get times that are not for human display.
2012-01-30 15:09:37 -04:00
Joey Hess 01afd033cb changelog 2012-01-30 14:44:52 -04:00
Joey Hess 6c3cdb04ac Switch to YAML::XS to work around insanity in YAML::Mo. Closes: #657533
https://rt.cpan.org/Ticket/Display.html?id=74487

Gave up trying to support multiple YAML backends. The XS one requires ugly
manual encoding to get unicode right, and doesn't allow dumping yaml
fragments w/o the yaml header, but at least it doesn't randomly crash
on import like YAML::Mo has started to.
2012-01-28 22:36:14 -04:00
Joey Hess 18f35269c2 mdwn: Added nodiscount setting, which can be used to avoid using the markdown discount engine, when maximum compatability is needed. 2012-01-16 13:42:30 -04:00
Joey Hess 1572c3c376 attachment: Fix utf-8 display bug. 2012-01-15 16:39:13 -04:00
Joey Hess 01a1a20aad releasing version 3.20120115 2012-01-15 16:27:32 -04:00
Joey Hess b38261a03a Workaround discount's eliding of <style> blocks. 2012-01-15 16:19:22 -04:00
Joey Hess 047d2c12e5 Make backlink(.) work. Thanks, Giuseppe Bilotta. 2012-01-13 13:43:31 -04:00
Joey Hess cc4678e70d releasing version 3.20120109 2012-01-09 12:17:24 -04:00
Joey Hess c1a0fec9d7 correction 2012-01-04 13:43:37 -04:00
Joey Hess 8ed142afc9 On Debian, depend on libtext-markdown-discount. 2012-01-03 19:49:13 -04:00
Joey Hess 9dce803faf discount support
mdwn: Can use the discount markdown library, via the
Text::Markdown::Discount perl module.

This is preferred if available since it's the fastest currently supported
markdown library, speeding up markdown rendering by a factor of 40.

That is to say, when only rendering a lot of markdown, discount is 40x
faster. When building a ikiwiki site, ikiwiki's other overhead gets in the
way, but I still see significant speedups. Building the ikiwiki docwiki
dropped from 62 to 45 seconds, for example.

However, when multimarkdown is enabled, Text::Markdown::Multimarkdown is
still used.

While discount contains some nonstandard markdown extensions,
including tables and footnotes, AFAICS most of them are not
enabled by default in the perl bindings.

I consider sticking to non-extended markdown a desirable thing, since this
is probably not the last markdown engine. In particular, sundown is waiting
in the wings to get packaged and get a perl binding.

----

Reviewing all the showdown extensions, here are the ones that are enabled:

centered paragraphs:

->centered<-

image sizes: [dust mite](http://dust.mite =150x150)

<style>..</style> blocks are eaten. The perl binding does not provide
access to the gathered CSS. This is not legal html anyway, so unlikely
to cause breakage.
2012-01-01 17:28:31 -04:00
Joey Hess 5e3e329063 releasing version 3.20111229 2011-12-29 12:08:59 -04:00
Joey Hess bbf255276b changelog 2011-12-24 19:43:17 -04:00
Joey Hess f6440dd5e6 coverage merged 2011-12-06 15:04:56 -04:00
Joey Hess 5bf7ee5dea done 2011-12-06 14:34:12 -04:00
Joey Hess a165790ba7 typo 2011-12-05 15:19:25 -04:00
Joey Hess aa226bbb6b Consume all stdin when rcs_receive short-circuits, to avoid git SIPIPE race.
We had a weird problem where, after moving to a new, faster server,
"git push" would sometimes fail like this:

Unpacking objects: 100% (3/3), done.
fatal: The remote end hung up unexpectedly
fatal: The remote end hung up unexpectedly

What turned out to be going on was that git-receive-pack was dying due
to an uncaught SIGPIPE. The SIGPIPE occurred when it tried to write to
the pre-receive hook's stdin. The pre-receive hook, in this case, was
able to do all the checks it needed to do without the input, and so did
exit(0) without consuming it.

Apparently that causes a race. Most of the time, git forks the hook,
writes output to the hook, and then the hook runs, ignores it, and exits.
But sometimes, on our new faster server, git forked the hook, and it
ran, and exited, before git got around to writing to it, resulting in
the SIGPIPE.

write(7, "c9f98c67d70a1cfeba382ec27d87644a"..., 100) = -1 EPIPE (Broken
pipe)
--- SIGPIPE (Broken pipe) @ 0 (0) ---

I think git should ignore SIGPIPE when writing to hooks. Otherwise,
hooks may have to go out of their way to consume all input, and as I've
seen, the races when they fail to do this can lurk undiscovered.

I have written to the git mailing list about this.

As a workaround, consume all stdin before exiting.
2011-12-05 15:17:01 -04:00
Joey Hess 3b40790041 releasing version 3.20111107 2011-11-30 16:52:30 -04:00
Joey Hess 4cb343f348 graphviz: Support wikilinks embedded in the graph.
(Sponsored by The TOVA Company.)
2011-11-30 15:47:13 -04:00
Joey Hess 44863ea234 graphviz: Support urls embedded in the graph, by having graphviz generate an imagemap.
Also, I let preview mode write real files, rather than using data: uri.
Which is ok these days, since ikiwiki tracks files created during
previewing, and cleans them up later.
2011-11-30 15:47:12 -04:00
Joey Hess 3046dc4d30 The umask setting can now be set to private, group, or public, avoiding the need to enter octal correctly which is particularly difficult in yaml setup files. (smcv) 2011-11-27 18:35:05 -04:00
Joey Hess 41f6363a63 editpage: Fix FormattingHelp link on Discussion pages.
In 875d550f12 I for some reason
made $page be changed when creating a discussion page, which
broke the link on the edit page. Changing page seems unnecessary,
so reverted that part of the change.
2011-11-27 13:19:19 -04:00
Joey Hess 106d55bf47 img: Bugfix to width/height tags for scaled down image when only one dimension was provided. Thanks, Per Carlson. 2011-11-17 18:53:23 -04:00
Joey Hess 5fd076e630 releasing version 3.20111106 2011-11-06 16:35:53 -04:00
Joey Hess 875d550f12 Fix handling of discussion page creation links to make discussion pages in the right place and with the right case.
Broken by page case preservation feature added in 3.20110707.
2011-11-06 16:14:04 -04:00
Joey Hess 67b2beb1b0 Make the setup automator create YAML formatted files. 2011-11-06 16:01:50 -04:00
Joey Hess 3e69f6481f changelog 2011-10-23 11:57:47 -07:00
Joey Hess 496874ab27 svn: Support subversion 1.7, which does not have .svn in each subdirectory.
Involved dropping some checks for .svn which didn't add anything, since if
svn is enabled and you point it at a non-svn checkout, you get both pieces.

The tricky part is add and rename, in both cases the new file can be in
some subdirectory that is not added to svn.

For add, turns out svn has a --parents that will deal with this by adding
the intermediate directories to svn as well.

For rename though, --parents fails if the directories exist but are not
yet in svn -- which is exactly the case, since ikiwiki makes them
by calling prep_writefile. So instead, svn add the parent directory,
recursively.

tldr; svn made a reasonable change in dropping the .svn directories from
everywhere, but the semantics of other svn commands, particularly their
pickiness about whether parent directories are in svn or not, means
that without the easy crutch of checking for those .svn directories,
code has to tiptoe around svn to avoid pissing it off.
2011-10-12 19:07:38 -04:00
Joey Hess 6321a75e0c track escaping change in upstream template
This is not belived to be XSS exploitable due to other checks in ikiwiki.

Thanks Olly Betts for review.
2011-09-27 11:05:34 -04:00
Joey Hess 97caf03fa0 releasing version 3.20110905 2011-09-05 15:17:15 -04:00
Joey Hess 5cb0ecc000 Fix web revert of a file deletion.
When reverting, an add is a remove, and a remove is an add.
2011-09-05 14:51:49 -04:00
Joey Hess acb0eb78c4 Promote RPC::XML to a Recommends, since it's used by auto-blog.setup. Closes: #637603 2011-09-05 13:25:05 -04:00
Joey Hess 35b69392c8 Avoid warning message when generating setup file if highlight is not installed. Closes: #637606
There's a nice message if the plugin is loaded and used and highlight is
not available, and a nice fallback. So no need for this other warning,
which can happen any time all plugins are loaded to generate a setup file.
2011-09-05 13:21:56 -04:00
Joey Hess f774f20913 Fix comments testsuite to not rely on Date::Parse's ability to parse the date Columbus discovered America. Closes: #640350
This is such a pity. smcv had these great dates, but squeeze's Date::Parse
cannot parse them.

Oh well, at least it makes for a great bug closure title.
2011-09-05 13:17:36 -04:00
Joey Hess 7d2b68cd16 inline: When indexing internal pages for searching, use the url of the inlining page. 2011-09-01 11:38:10 -04:00
Joey Hess 4af7b2c14d search: Fix encoding bug in calculation of maximum term size. 2011-08-30 11:37:38 -04:00
Joey Hess c8f7dcbc31 Use lockf rather than flock when taking the cgilock, for better portability.
This kind of change is scary, but this particular lock is very simply
used and so it seems ok to make it even just for better portability to
SunOS. (People still use that?)
2011-08-24 17:35:53 -04:00
Joey Hess 73eb892ba2 jquery source cleanup
* Add unminified jquery js and css files to source.
* Update to jquery 1.6.2, and jquery-ui 1.8.14.

The full files are included in the source but not the binary.

I'm not minifying the files as part of build because I don't want ikiwiki
to build depend on a javascript minifier. (Let alone need one at runtime).
Nor do I want to deal with any breakage caused by the minifier. These
files were taken from the debian packages.

The jquery-tmpl full file was taken from revision
66bb852217c49ae8c9a8f2522150354ae80463de of its git repository, which
matches the minified file I already had. I did not want to deal with possible
breakage in newer versions; this thing claims to need an ancient version of
jquery (1.4.2), and is perhaps only working by luck with the newer versions
as it is.
2011-08-24 16:25:03 -04:00
Joey Hess 1873095484 Put in a workaround for #622591, by ensuring Search::Xapian gets loaded before Image::Magick. 2011-08-07 11:01:41 -04:00
Joey Hess e07adcad7a typo 2011-08-05 17:14:41 -04:00
Joey Hess d2cf716876 Avoid using named capture groups in heredoc code for oldperl compatability.
Also reordered heredoc part of regexp for consistency.
2011-07-30 20:12:33 +02:00
Joey Hess ed360d045a Fix escaping of html entities in tag names.
Example case was a tag with & in its name, which resulted in a malformed
rss feed.
2011-07-29 12:54:30 +02:00
Joey Hess 65a7bc4e06 Fix escaping of html entities in permalinks. 2011-07-29 12:37:43 +02:00
Joey Hess f2529edcab Fix typo in Danish translation of shortcuts page that caused expoentional regexp blowup.
Complex regular subexpression recursion limit (32766) exceeded at
/home/joey/src/ikiwiki/IkiWiki.pm line 1532.

This doesn't fix the blowup potential itself, it just fixes the typo. :)

A sample page that causes the blowup is attached below for future
reference. The first directive is not terminated. Contributing are the
additional quotes around the following directives, which mean that they can
each be processed as a parameter to the first directive, or as an
individual directive. In resolving this ambiguity, the regexp blows up.
Happily, perl contains the explosion , so I don't think there is an exploit
here.

"[[!shortcut name=wiktionary url=\"https://secure.wikimedia.org/wiktionary/en/"
"[[!shortcut name=debss url=\"http://snapshot.debian.net/package/%s\"]]"
"[[!shortcut name=debwiki url=\"http://wiki.debian.org/%s\"]]"
"[[!shortcut name=fdobug url=\"https://bugs.freedesktop.org/show_bug.cgi?id=%s\" desc=\"freedesktop.org bug #%s\"]]"
"[[!shortcut name=fdolist url=\"http://lists.freedesktop.org/mailman/listinfo/%s\" desc=\"%s@lists.freedesktop.org\"]]"
"[[!shortcut name=cpanrt url=\"https://rt.cpan.org/Ticket/Display.html?id=%s\" desc=\"CPAN RT#%s\"]]"
"[[!shortcut name=novellbug url=\"https://bugzilla.novell.com/show_bug.cgi?id=%s\" desc=\"bug %s\"]]"
"[[!shortcut name=fdolist url=\"http://lists.freedesktop.org/mailman/listinfo/%s\" desc=\"%s@lists.freedesktop.org\"]]"
"[[!shortcut name=gnomebug url=\"http://bugzilla.gnome.org/show_bug.cgi?id=%s\" desc=\"GNOME bug #%s\"]]"
"[[!shortcut name=linuxbug url=\"http://bugzilla.kernel.org/show_bug.cgi?id=%s\" desc=\"Linux bug #%s\"]]"
"[[!shortcut name=gmane url=\"http://dir.gmane.org/gmane.%s\" desc=\"gmane.%s\"]]"
"[[!shortcut name=gmanemsg url=\"http://mid.gmane.org/%s\"]]"
"[[!shortcut name=cpan url=\"http://search.cpan.org/search?mode=dist&query=%s\"]]"
"[[!shortcut name=ctan url=\"http://tug.ctan.org/cgi-bin/ctanPackageInformation.py?id=%s\"]]"
"[[!shortcut name=hoogle url=\"http://haskell.org/hoogle/?q=%s\"]]"
"[[!shortcut name=iki url=\"http://ikiwiki.info/%S/\"]]"
"[[!shortcut name=ljuser url=\"http://%s.livejournal.com/\"]]"
"[[!shortcut name=rfc url=\"http://www.ietf.org/rfc/rfc%s.txt\" desc=\"RFC %s\"]]"
"[[!shortcut name=c2 url=\"http://c2.com/cgi/wiki?%s\"]]"
"[[!shortcut name=meatballwiki url=\"http://www.usemod.com/cgi-bin/mb.pl?%s\"]]"
"[[!shortcut name=emacswiki url=\"http://www.emacswiki.org/cgi-bin/wiki/%s\"]]"
"[[!shortcut name=haskellwiki url=\"http://haskell.org/haskellwiki/%s\"]]"
"[[!shortcut name=dict url=\"http://www.dict.org/bin/Dict?Form=Dict1&Strategy=*&Database=*&Query=%s\"]]"
"[[!shortcut name=imdb url=\"http://imdb.com/find?q=%s\"]]"
"[[!shortcut name=gpg url=\"http://pgpkeys.mit.edu:11371/pks/lookup?op=vindex&exact=on&search=0x%s\"]]"
"[[!shortcut name=perldoc url=\"http://perldoc.perl.org/search.html?q=%s\"]]"
"[[!shortcut name=whois url=\"http://reports.internic.net/cgi/whois?whois_nic=%s&type=domain\"]]"
"[[!shortcut name=cve url=\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=%s\"]]"
"[[!shortcut name=cia url=\"http://cia.vc/stats/project/%s\"]]"
"[[!shortcut name=ciauser url=\"http://cia.vc/stats/user/%s\"]]"
"[[!shortcut name=flickr url=\"http://www.flickr.com/photos/%s\"]]"
"[[!shortcut name=man url=\"http://linux.die.net/man/%s\"]]"
"[[!shortcut name=ohloh url=\"http://www.ohloh.net/projects/%s\"]]"
"[[!shortcut name=cpanrt url=\"https://rt.cpan.org/Ticket/Display.html?id=%s\" desc=\"CPAN RT#%s\"]]"
"[[!shortcut name=novellbug url=\"https://bugzilla.novell.com/show_bug.cgi?id=%s\" desc=\"bug %s\"]]"
2011-07-26 17:29:36 +02:00
Joey Hess ca435801d9 po: Add `LANG_CODE` and `LANG_NAME` template variables. (intrigeri) 2011-07-19 14:12:45 -04:00