Commit Graph

794 Commits (14414fcd92f9e3c4f7b81ee3608fae7357153b78)

Author SHA1 Message Date
Joey Hess bbcf878f75 * meta: Check that the urls provided for authorurl, permalink, and openid
are safe and can't contain javascript.
2008-02-10 17:17:44 -05:00
Josh Triplett d20e24b636 Also filter the attributes cite, longdesc, and usemap, which can contain URIs 2008-02-10 13:59:37 -08:00
Josh Triplett 34115a34e0 Move about: fix to version 2.31.3 in the changelog 2008-02-10 13:36:52 -08:00
Josh Triplett a7be7bdf56 Do not allow the about: URI scheme
Some browsers interpret about: URIs like a limited version of data:
URIs.  In particular, some versions of Internet Explorer interpret
arbitrary HTML content in about: URIs.
2008-02-10 13:23:28 -08:00
Joey Hess 6aa25f2757 update 2008-02-10 15:38:57 -05:00
Joey Hess 852994d950 changelog munging 2008-02-10 14:17:27 -05:00
Joey Hess d7e0c035e5 * htmlscrubber security fix: Block javascript in uris.
* Add htmlscrubber test suite.
2008-02-10 13:16:40 -05:00
Josh Triplett 122f6df325 Merge branch 'master' into prefix-directives
Conflicts:

	debian/changelog
	templates/change.tmpl
2008-02-09 23:02:52 -08:00
Joey Hess 1eeb683f1a releasing version 2.31 2008-02-10 01:11:48 -05:00
Joey Hess f1fcb5be9c * Page templates can now use CTIME to show when the page was created. 2008-02-09 23:05:48 -05:00
Josh Triplett 6b35ec682b Mention user wikilists in README.Debian 2008-02-08 18:12:38 -08:00
Joey Hess 63e316f362 * Don't die if running with --getctime and rcs_getctime throws an error.
There are several cases (recentchanges files, aggregated files)
  where some source files are not in revision control.
2008-02-07 22:11:54 -05:00
Joey Hess ce0e242d21 update after merge 2008-02-05 16:06:50 -05:00
Joey Hess f92505d78b Merge branch 'master' into prefix-directives 2008-02-05 15:59:42 -05:00
Joey Hess bf522a347f * inline: Add new `allowrss` and `allowatom` config options. These can be
used if you want a wiki that doesn't default to generating rss or atom
  feeds, but that does allow them to be turned on for specific blogs.
2008-02-04 18:36:50 -05:00
Joey Hess d1c4899a22 * inline: When previewing, still call will_render on rss/atom files,
just avoid actually writing the files. This is necessary because ikiwiki
  saves state after a preview (in case it actually *did* write files),
  and if will_render isn't called its security checks will get upset
  when the page is saved. Thanks to Edward Betts for his help tracking this
  tricky bug down.
2008-02-04 17:58:23 -05:00
Joey Hess 749c1e36d9 * monotone changes by Brian May:
- On commits, replace "mtn sync" bidirectional with "mtn push" single
    direction. No need to pull changes when doing a commit. mtn sync
    is still called in rcs_update.
  - Support for viewing differences via patches using viewmtn.
2008-02-03 18:14:39 -05:00
Joey Hess 9d54cc4659 implement aggregate_locking design
Now aggregation will not lock the wiki. Any changes made during aggregaton are
merged in with the changed state accumulated while aggregating. A separate
lock file prevents multiple concurrent aggregators. Garbage collection
of orphaned guids is much improved. loadstate() is only called once
per process, so tricky support for reloading wiki state is not needed.

(Tested fairly thuroughly.)
2008-02-03 16:48:26 -05:00
Joey Hess e57749b702 * recentchanges: Exipre all *._change pages, even if the directory
they're in has changed.
2008-02-03 14:51:03 -05:00
Joey Hess 340fe9707c * recentchanges: Improve handling of links on the very static changes pages
by thunking to the CGI, which can redirect to the page, or allow it to be
  created if it doesn't exist.
2008-02-03 14:48:20 -05:00
Joey Hess 1f6591f0a6 * aggregate: Revert use of forking to not save state, that was not the right
approach.
2008-02-03 03:04:19 -05:00
Joey Hess 9f60272831 * poll: This plugin turns out to have edited pages w/o doing any locking.
Oops. Convert it from a cgi to a sessioncgi hook, which will work
  much better.
2008-02-03 00:26:00 -05:00
Joey Hess 80915c830a * cgi hooks are now run before ikiwiki state is loaded.
* This allows locking the wiki before loading state, which avoids some
  tricky locking code when saving a web edit.
2008-02-03 00:23:04 -05:00
Joey Hess 0779013683 * aggregate: Forking a child broke the one state that mattered: Forcing
the aggregating page to be rebuilt. Fix this.
2008-02-02 23:56:13 -05:00
Joey Hess 6a7c3d1209 * Revert preservation of input file modification times in output files,
since this leads to too many problems with web caching, especially with
  inlined pages. Properly solving this would involve tracking every page
  that contributes to a page's content and using the youngest of them all,
  as well as special cases for things like the version plugin, and it's just
  too complex to do.
2008-02-02 23:40:57 -05:00
Joey Hess e3c21fd5e8 releasing version 2.30 2008-02-02 17:51:04 -05:00
Joey Hess 002cf74f18 * Copyright file updates. 2008-01-29 20:42:32 -05:00
Joey Hess 8427187a39 update 2008-01-29 19:56:53 -05:00
Joey Hess 336a276446 changelog 2008-01-29 19:42:19 -05:00
Joey Hess 3803266b8f merged the recentchanges branch
misc fixes
2008-01-29 17:50:11 -05:00
Joey Hess 64a8c828b8 * meta: Add pagespec functions to match against title, author, authorurl,
license, and copyright. This can be used to create custom RecentChanges.
* meta: To support the pagespec functions, metadata about pages has to be
  retained as pagestate.
* Fix encoding bug when pagestate values contained spaces.
2008-01-29 17:16:51 -05:00
Joey Hess 47ee266163 improve support for internal pages
This makes it a lot quicker to deal with lots of recentchanges pages
appearing and disappearing. It avoids needing to clutter up pagespecs with
exclusions for those pages, by making normal pagespecs not match them.
2008-01-29 15:05:49 -05:00
Joey Hess d72753e100 updates 2008-01-29 01:03:44 -05:00
Joey Hess d7fdd04b5a * Removed support for sending commit notification mails. Along with it went
the svnrepo and notify settings, though both will be ignored if left in
  setup files.
2008-01-29 00:36:58 -05:00
Joey Hess 2ff726e875 don't render internal-use pages, and document them 2008-01-29 00:07:55 -05:00
Joey Hess 2d3dc86d07 * prettydate,ddate: Don't ignore time formats passed to displaytime
function.
2008-01-28 23:48:27 -05:00
Joey Hess 3436fed081 * inline: The template can check for FIRST and LAST, which will be
set for the first and last inlined page. Useful for templates that build
    tables and the like.
2008-01-28 21:22:04 -05:00
Josh Triplett 1b03a06c8c Add new preprocessor directive syntax¸ using a '!' prefix.
Add a prefix_directives option to the setup file to turn this syntax
on; currently defaults to false, for backward compatibility.  Support
optional '!' prefix even with prefix_directives off, and use that in
the underlay to support either setting of prefix_directives.  Add NEWS
entry with migration information.
2008-01-27 16:14:38 -08:00
Josh Triplett 2ec5768aac Remove a trailing space from debian/changelog (noticed by dch) 2008-01-26 16:43:12 -08:00
Josh Triplett 295619dfa0 debian/changelog entry for commit 37b4fadcee
Add missing debian/changelog entry for previous commit
37b4fadcee, "Add trailing comma to
commented-out umask in sample ikiwiki.setup".
2008-01-26 16:42:40 -08:00
Joey Hess 4f872b5633 * aggregate: Fork a child process to handle the aggregation. This simplifies
the code, since that process can change internal state as needed, and
  it will automatically be cleaned up for the parent process, which proceeds
  to render the changes.
2008-01-24 17:22:39 -05:00
Joey Hess eac410da67 update changelog 2008-01-17 11:23:32 -05:00
Joey Hess ba6b8e5e3e * aggregate: Don't let feeds set creation times for pages in the future. 2008-01-16 02:01:00 -05:00
Joey Hess d312709c41 * Old versions of git-init don't support --git-dir or GIT_DIR with
--bare. Change ikiwiki-makerepo to use a method that should work with
  those older versions too.
2008-01-11 15:12:02 -05:00
Joey Hess 01461d3537 releasing version 2.20 2008-01-10 14:58:47 -05:00
Joey Hess d028c29772 docs/changelog 2008-01-09 20:05:56 -05:00
Joey Hess 141d363888 In preferences, allow the subscriptions and email fields to be cleared 2008-01-09 17:59:56 -05:00
Joey Hess e01960e90a not only markdown adds gunk, so remove it in the main htmlize function 2008-01-09 14:41:28 -05:00
Joey Hess 2b9ce0129b * mdwn: When htmlizing text, if it's a single line with no newline,
remove the enclosing paragraph and newline markdown wraps it in.
  This allows removing several hacks around this markdown behavior from
  other plugins that htmlize fragements of pages.
2008-01-09 14:35:23 -05:00
Joey Hess 57ff2ecaed * template: Remove bogus htmlize pass added in 2.16.
* template: Htmlize template variables, but also provide a raw version
  via `<TMPL_VAR raw_variable>`.
2008-01-09 14:17:25 -05:00