Commit Graph

613 Commits (14909f1d51ddbcf7d14799e06b3c7908f40e9256)

Author SHA1 Message Date
Simon McVittie 32ef584dc5 HTML-escape error messages (OVE-20160505-0012)
The instance in cgierror() is a potential cross-site scripting attack,
because an attacker could conceivably cause some module to raise an
exception that includes attacker-supplied HTML in its message, for
example via a crafted filename. (OVE-20160505-0012)

The instances in preprocess() is just correctness. It is not a
cross-site scripting attack, because an attacker could equally well
write the desired HTML themselves; the sanitize hook is what
protects us from cross-site scripting here.
2016-05-05 23:43:17 +01:00
Simon McVittie 02a1aa4e49 Don't fail to syslog if the wiki name contains %s
This is a corner case spotted while fixing UTF-8 syslogging.
2016-01-21 07:33:41 +00:00
Simon McVittie b8dbb48fdc Force log messages to be bytestrings
Sys::Syslog is not UTF-8-literate.
2016-01-21 07:33:41 +00:00
Simon McVittie 15939a2528 Add deterministic option and use it for the docwiki
It doesn't do anything yet.
2015-06-09 22:30:43 +01:00
Simon McVittie 2afb0dd663 Do not directly enable emailauth by default, only indirectly via openid
This avoids nasty surprises on upgrade if a site is using httpauth,
or passwordauth with an account_creation_password, and relying on
only a select group of users being able to edit the site. We can revisit
this for ikiwiki 4.
2015-05-27 08:52:01 +01:00
Joey Hess 84efd3e00f allow emailuser to be called when there is no %config set
ikiwiki-hosting needs to do this
2015-05-19 17:06:25 -04:00
Daniel Kahn Gillmor a5309078ec make cgiurl output deterministic
IkiWiki::cgiurl() currently produces non-deterministic output, because
the params hash can be sorted different ways.

Sorting keys to params before crafting the string should make the
output deterministic.
2015-05-19 15:34:46 -04:00
Joey Hess ab1bba9dab cloak user PII when making commits etc, and let cloaked PII be used in banned_users
This was needed due to emailauth, but I've also wrapped all IP address
exposure in cloak(), although the function doesn't yet cloak IP addresses.

(One IP address I didn't cloak is the one that appears on the password
reset email template. That is expected to be the user's own IP address,
so ok to show it to them.)

Thanks to smcv for the pointer to
http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2015-05-14 11:58:21 -04:00
Joey Hess 4fc4e78cd8 sanitize nickname derived from email address 2015-05-14 10:40:52 -04:00
Joey Hess 497513e737 avoid showing password prefs for emailauth user 2015-05-13 23:24:07 -04:00
Simon McVittie 943ec015da If neither timezone nor TZ is set, set both to :/etc/localtime if we're on a GNU system and that file exists, or GMT otherwise 2015-03-01 15:01:05 +00:00
Simon McVittie f570c89214 Fix getlibdirs when libdirs is unset 2014-12-16 08:11:59 +00:00
Simon McVittie b3e21b0436 Simplify libdirs: libdirs must be plural, libdir must be a single string
This makes the documentation read more sensibly, and matches how we
handle underlaydirs and underlaydir.
2014-12-09 20:02:03 +00:00
Simon McVittie 23b91e69b0 Merge remote-tracking branch 'spalax/paternal/libdirs' 2014-12-09 19:58:36 +00:00
Louis 3ebab88c40 Make getlibdirs return an array (or whathever this type is called in perl) 2014-12-06 18:40:14 +01:00
Louis c8d28b9439 Allow several extra library and plugin directories (libdir option) 2014-12-06 18:32:02 +01:00
Amitai Schlair 3a5a030bac entab 2014-12-02 10:38:17 -05:00
Mark Jason Dominus (陶敏修) e2354943d7 in debug mode, issue a warning before waiting for a lock 2014-12-02 10:37:09 -05:00
Simon McVittie ceab72ad34 page.tmpl: tell mobile browsers we have a responsive layout, unless told not to
Mobile browsers typically assume that arbitrary web pages are
designed for a "desktop-sized" browser window (around 1000px)
and display that layout, zoomed out, in order to avoid breaking
naive designs that assume nobody will ever look at a website on
a phone or something. People who are actually doing "responsive
design" need to opt-in to mobile browsers rendering it at a
more normal size.
2014-12-01 21:29:46 +00:00
Simon McVittie 490a1eca7b Always produce HTML5 doctype and new attributes, but not new elements
According to caniuse.com, a significant fraction of Web users are
still using Internet Explorer versions that do not support HTML5
sectioning elements. However, claiming we're XHTML 1.0 Strict
means we can't use features invented in the last 12 years, even if
they degrade gracefully in older browsers (like the role and placeholder
attributes).

This means our output is no longer valid according to any particular
DTD. Real browsers and other non-validator user-agents have never
cared about DTD compliance anyway, so I don't think this is a real loss.
2014-10-16 11:04:53 +01:00
Simon McVittie 56f8223f95 Set default User-Agent to something that doesn't mention libwww-perl
It appears that both the open-source and proprietary rulesets for
ModSecurity default to blacklisting requests that say they are
from libwww-perl, presumably because some script kiddies use libwww-perl
and are too inept to set a User-Agent that is "too big to blacklist",
like Chrome or the iPhone browser or something. This seems doomed to
failure but whatever.
2014-10-12 17:45:27 +01:00
Simon McVittie 3b8da667cc Add reverse_proxy option which hard-codes cgiurl in CGI output
This solves several people's issues with the CGI trying to be
too clever when IkiWiki is placed behind a reverse-proxy.
2014-10-05 23:49:37 +01:00
Simon McVittie d712389ae3 Avoid mixed content when cgiurl is https but url is not 2014-10-05 23:49:37 +01:00
Simon McVittie 532f7adfdb Use protocol-relative URIs if cgiurl and url differ only by authority (hostname) 2014-10-05 15:56:19 +01:00
Simon McVittie 7f5c2cfa5a Merge branch 'ready/templatebody' 2014-09-15 21:52:03 +01:00
Simon McVittie 70bc1a2113 add more wording based on what chrysn suggested 2014-09-15 21:22:42 +01:00
Simon McVittie 7dcf18dba5 Merge branch 'ready/document-success-reason' 2014-09-15 21:15:31 +01:00
Simon McVittie 2eea320b67 Merge branch 'ready/trail-sort' 2014-09-12 21:38:06 +01:00
Joey Hess 40d6ccbadb Make --no-gettime work in initial build. Closes: #755075 2014-08-28 19:08:09 -07:00
Simon McVittie 3f4a935740 trail: don't generate a costly dependency when forcing sort order
pagespec_match_list() makes the current page depend on the pagespec
being matched, so if you use [[!trailoptions sort="..."]] to force
a sort order, the trail ends up depending on internal(*) and is
rebuilt whenever anything changes. Add a new sort_pages() and use that
instead.
2014-07-11 22:08:08 +01:00
Simon McVittie a9fc30b19c Track whether we're in the scan or render phase
In the scan phase, it's too early to match pagespecs or sort pages;
in the render phase, both of those are OK.

It would be possible to add phases later, renumbering them if necessary
to maintain numerical order.
2014-03-05 10:42:19 +00:00
Simon McVittie 7672014582 Add templatebody plugin and directive, and enable it by default
Also add a regression test for templatebody.
2014-03-05 10:42:19 +00:00
Simon McVittie cbb3218db7 add readtemplate hook 2014-03-05 10:42:19 +00:00
Simon McVittie 8c6da231d6 SuccessReason: add some explanatory comments
Whenever I look at dependency calculation, it takes me a while to get my
head round the concept of influences. If what I've written here is
accurate, maybe the next person to look at this (or my future self)
will need less of a run-up.
2014-03-03 11:50:15 +00:00
Joey Hess e0d1c264d9 Allow up to 8 levels of nested directives, rather than previous 3 in directive infinite loop guard. 2014-02-23 14:11:54 -04:00
Joey Hess c5d63c549d Merge remote-tracking branch 'anarcat/dev/syslog_utf8' 2014-02-23 14:09:51 -04:00
Tuomas Jormola dc53ca18f2 Bug#737121: ikiwiki: [PATCH] Implement configuration option to set the user agent string for outbound HTTP requests
Package: ikiwiki
Version: 3.20140125
Severity: wishlist

By default, LWP::UserAgent used by IkiWiki to perform outbound HTTP
requests sends the string "libwww-perl/<version number>" as User-Agent
header in HTTP requests. Some blogging platforms have blacklisted the
user agent and won't serve any content for clients using this user agent
string. With IkiWiki configuration option "useragent" it's now possible
to define a custom string that is used for the value of the User-Agent
header.
2014-02-01 16:53:33 -04:00
Antoine Beaupré 2a143bfd0b don't edit config setting, but a temporary variable, complete and unbreak tests 2013-11-29 01:09:04 -05:00
Antoine Beaupré 2869b65bcb recover gracefully from syslog failures 2013-11-29 01:09:03 -05:00
Joey Hess 654530fa8b Added only_committed_changes config setting, which speeds up wiki refresh by querying git to find the files that were changed, rather than looking at the work tree. Not enabled by default as it can break some setups where not all files get committed to git. 2013-11-16 17:26:20 -04:00
Joey Hess 3aaa33064c Optmised loadindex by caching the page name in the index.
I have benchmarked the pagename() call this avoids taking up to 2 seconds
for a loadindex in a large wiki. The total loadindex for that wiki was
6.46s, so this is a significant improvment.
Even on a smaller site, this reduces the refresh time from 1.69 to 1.52
seconds.

The only breakage risk here is that pagename() can change the page name
it calculates due to setup changes. But in the case of a setup change, the
whole site is rebuilt. So the cached page name is not used in that
case.
2013-11-16 12:48:11 -04:00
Joey Hess 992d4f52ff Fixed unncessary tight loop hash copy in saveindex where a pointer can be used instead. Can speed up refreshes by nearly 50% in some circumstances.
I *think* this is ok, at least it results in close to the same index being
saved as before. The difference is that plugins that have a pagestate of {}
have that recorded this way, while with the tight loop, the key for the
plugin in not copied in that case. I cannot see how this could matter.
2013-11-16 12:28:01 -04:00
Joey Hess df09eba2fd Fix cookiejar default setting. 2013-09-04 10:15:35 -04:00
Amitai Schlair d844a3487e cookiejar is now a core config setting. 2013-08-03 09:55:54 -04:00
Amitai Schlair 462d8f8015 Honor proxy env vars and reliably honor cookiejar. 2013-07-27 08:12:01 -04:00
Joey Hess 533793ee46 The ip() pagespec can now contain glob characters to match eg, a subnet full of spammers. 2013-07-08 11:49:38 -04:00
Giuseppe Bilotta 186a76ec20 Allow dots in parameter key names
This allows e.g. the meta command to be used to introduce DublinCore
metadata.
2013-02-15 17:24:33 -04:00
Joey Hess b1cd1c067f add cgi_overload_message 2012-10-11 11:22:03 -04:00
Joey Hess 6bd8c6732e add cgi_overload_delay tunable
Try to avoid a situation in which so many ikiwiki cgi wrapper programs are
running, all waiting on some long-running thing like a site rebuild, that
it prevents the web server from doing anything else. The current approach
only avoids this problem for GET requests; if multiple cgi's run GETs on a
site at the same time, one will display a "please wait" page for a
configurable number of seconds, which then redirects to retry. To enable
this protection, set cgi_overload_delay to the number of seconds to wait.
This is not enabled by default.
2012-10-09 17:12:04 -04:00
Joey Hess f9e96b0c32 passwordauth: Fix url in password recovery email to be absolute.
This got broken when cgiurl began often returning a relative url.
Added a cgiurl_abs for the things that need a guaranteed absolute cgiurl.
2012-04-02 12:24:14 -04:00