47d4aa4812
2015-05-26 10:07:14 -04:00
599e16aef2
openid spam happens, as it turns out
2015-05-25 13:26:03 -04:00
6dfba9b72e
identified (partly) last spammer
2015-05-25 13:19:29 -04:00
66c21af8ba
Revert "WU trf, train tickets, ship shop, cvv, complete fullz, dumps"
...
This reverts commit 1d05cf33fb
2015-05-25 13:17:56 -04:00
1d05cf33fb
WU trf, train tickets, ship shop, cvv, complete fullz, dumps
2015-05-25 09:06:26 -04:00
4268a63be5
typo
2015-05-21 12:29:21 -04:00
9ee5f1626e
Question about python path for external plugins.
2015-05-21 12:28:33 -04:00
b385373b69
http://i.imgur.com/0yo0VjC.png?1
2015-05-19 18:27:41 -04:00
da0baca91b
Idea: embedded podcast A/V player.
2015-05-17 18:44:30 -04:00
ab1bba9dab
cloak user PII when making commits etc, and let cloaked PII be used in banned_users
...
This was needed due to emailauth, but I've also wrapped all IP address
exposure in cloak(), although the function doesn't yet cloak IP addresses.
(One IP address I didn't cloak is the one that appears on the password
reset email template. That is expected to be the user's own IP address,
so ok to show it to them.)
Thanks to smcv for the pointer to
http://xmlns.com/foaf/spec/#term_mbox_sha1sum
2015-05-14 11:58:21 -04:00
2a64eea0f5
comments
2015-05-14 11:02:57 -04:00
85a529db3d
passwordauth: Don't allow registering accounts that look like openids.
...
Also prohibit @ in account names, in case the file regexp was relaxed to
allow it.
2015-05-14 10:57:56 -04:00
804144402b
Merge branch 'master' of ssh://git.ikiwiki.info
2015-05-14 10:46:59 -04:00
f1f3d4c6e7
update re passwordauth @
2015-05-14 10:41:07 -04:00
7ef44d84d6
acls and expectations
2015-05-14 08:22:29 -04:00
dd1dceef47
Critical of automatic merging of stylesheets
2015-05-14 08:14:37 -04:00
71ddaa5adb
2015-05-14 07:06:43 -04:00
20d8557c7b
please do cloak email addresses, the principle of least astonishment applies
2015-05-14 06:05:58 -04:00
42b3b1f63a
proposal for making emailauth not force username == email address
2015-05-14 05:49:45 -04:00
b831d4a6f1
note about email visibility in git commits
2015-05-13 23:44:23 -04:00
b89f4b7ec5
fix page extension
2015-05-13 23:43:16 -04:00
369bfd45cc
close
2015-05-13 23:42:34 -04:00
cfb2c22906
Merge branch 'emailauth'
2015-05-13 23:38:56 -04:00
95e1e51caa
emailauth link sent and verified; user login works
...
Still some work to do since the user name is an email address and should
not be leaked.
2015-05-13 22:27:03 -04:00
f1d77f8193
add emailauth.tmpl
2015-05-13 21:15:08 -04:00
e34533d1a0
email auth plugin now works through email address entry
2015-05-13 18:50:40 -04:00
5b459737a5
Converted openid-selector into a more generic loginselector helper plugin.
2015-05-13 18:50:29 -04:00
f8add0adb3
rename openid selector files to login-selector
2015-05-13 17:58:59 -04:00
ab4d9a5467
generalized the openid selector to a login selector
...
This includes some CSS changes to names of elements.
Also, added Email login button (doesn't work yet of course),
and brought back the small openid login buttons. Demoted yahoo and verison
to small buttons. This makes the big buttons be the main login types, and
the small buttons be provider-specific helpers.
2015-05-13 16:50:44 -04:00
ee2905ae0a
comments
2015-05-13 16:49:12 -04:00
5d49b5c115
link to indieauth and mention existing problems with this approach
2015-05-13 15:49:18 -04:00
370261e715
thoughts
2015-05-13 14:31:08 -04:00
b9a2c3bfde
tyo
2015-05-13 14:23:10 -04:00
3575f939d8
update
2015-05-13 14:22:08 -04:00
ccd285b986
update
2015-05-13 14:19:38 -04:00
c455d51556
proposal
2015-05-13 14:16:16 -04:00
6f627420b5
close
2015-05-13 13:41:16 -04:00
0434f86dd5
branch link fix
2015-05-11 07:55:41 -04:00
8118abb558
local.css also blocking
2015-05-11 07:51:54 -04:00
4c957c366f
can't work this out
2015-05-11 01:18:34 -04:00
fe5dc38344
Add "Aloodo Blog"
2015-05-10 14:35:28 -04:00
e6418a68df
Added a comment: You are right
2015-05-09 22:22:28 -04:00
d869e78023
Added a comment
2015-05-09 03:06:01 -04:00
6af966995f
Fix Archlinux link
2015-05-08 03:15:31 -04:00
34749154d5
Added a comment: Going mobile
2015-05-08 02:39:20 -04:00
73d18438b6
Using ikiwiki for a new podcast.
2015-05-05 22:48:06 -04:00
9446d3faee
underlay plugin needs to be enabled of course
2015-05-02 19:32:34 -04:00
651eba5478
Yes to leaflet.js
2015-04-19 04:54:00 -04:00
e9afe7eb6c
Looking again at fancying up podcasts for iTunes.
2015-04-18 21:17:29 -04:00
1dae5fafe0
split it
2015-04-18 15:04:58 -04:00
a4f69f126e
Start discussion regarding OpenLayers 2
2015-04-18 14:21:49 -04:00
948646f7b9
2015-04-18 13:44:45 -04:00
cd790721b9
still works here, thanks to version pinning
2015-04-18 13:43:34 -04:00
6deeb32ed6
2015-04-18 13:42:44 -04:00
2906a3f0f7
Merge branch 'master' of ssh://git.ikiwiki.info
2015-04-18 12:35:36 -04:00
3fe1f39f88
bug report
2015-04-18 12:30:47 -04:00
0252e5703d
add more details of CVE-2015-2793
2015-04-14 13:38:13 -04:00
8ad932efd5
yes Debian wheezy is vulnerable, a proposed-update is queued
2015-04-14 13:33:32 -04:00
fde1b02ba8
is ikiwiki in wheezy vulnerable?
2015-04-14 14:27:33 +01:00
3c9537af5d
Added a comment
2015-04-13 13:29:51 -04:00
1b4d7b8d6d
osm
2015-04-13 00:26:08 -04:00
36911130d7
2015-04-07 16:31:46 -04:00
c83d351fc2
Added a comment: zombie
2015-04-07 15:00:48 -04:00
491f737f8c
2015-04-07 14:35:09 -04:00
ddf467601a
Update comment on bug
2015-04-07 10:21:08 -04:00
d899301fef
Comment on templatebody bug
2015-04-07 10:15:38 -04:00
8dedc3cef1
Comment on templatebody bug
2015-04-07 10:14:11 -04:00
ddb44f1638
2015-04-02 14:56:28 -04:00
be8521ec16
2015-04-02 14:55:20 -04:00
9b2682a92f
2015-04-02 14:54:37 -04:00
5c1acfe7ea
Typos
2015-03-31 12:01:51 -04:00
e5437b60a4
Add question about meta, title and pagename
2015-03-31 12:00:38 -04:00
708373935b
had a 500 here
2015-03-30 20:35:39 -04:00
f1d7392869
small bug
2015-03-30 20:34:28 -04:00
121e9132f3
security review seems to say this is an okay change
2015-03-30 19:24:45 -04:00
02f745a675
update for recent XSS
2015-03-30 11:31:59 -04:00
3b27d8fafa
respond
2015-03-30 07:09:33 -04:00
11a67ae321
close fixed bug
2015-03-30 07:02:01 -04:00
7da5085589
fix formatting
2015-03-30 06:56:25 -04:00
c68c044d87
rename bugs/XSS_Alert...__33____33____33__.html to bugs/XSS_Alert...__33____33____33__.mdwn
2015-03-30 06:55:39 -04:00
3ca8255a11
also mention 3.20141016.2
2015-03-30 06:53:00 -04:00
23b9023517
fix formatting
2015-03-30 06:51:34 -04:00
1ea7fa90c2
Add news for version 3.20150329
2015-03-29 22:46:39 +01:00
9f003b651d
ouf, works!
2015-03-28 12:47:50 -04:00
969881fd19
fail
2015-03-28 12:42:02 -04:00
9664c85ac9
2015-03-28 12:32:56 -04:00
2a6762f068
Added a comment: progress
2015-03-28 12:31:53 -04:00
6b777f58cf
figure it out at last: would need review from smcv for symlink security
2015-03-28 12:29:42 -04:00
011b2af8c5
another attempt
2015-03-28 03:45:09 -04:00
bff9a88376
2015-03-28 01:55:56 -04:00
18dfba868f
Fix XSS in openid selector. Thanks, Raghav Bisht.
2015-03-27 12:17:39 -04:00
2940fe5334
2015-03-25 00:02:24 -04:00
ed200f2039
2015-03-24 01:51:44 -04:00
ed9228e0b8
2015-03-22 02:50:45 -04:00
498ca24adc
2015-03-21 05:42:27 -04:00
45c187f5be
2015-03-21 05:41:57 -04:00
3f7879e2fe
2015-03-21 05:41:25 -04:00
2dc1250df1
2015-03-21 05:32:10 -04:00
e0dd70576d
2015-03-21 05:30:19 -04:00
2eb34c7442
Revert "hablar sobre sistemas operativos UNIVERSALES ES LO MEJOR"
...
This reverts commit 992f9953c3
2015-03-20 22:24:10 -04:00
usgv@7608a70b09743e47fbf6b7bcd937121e03e4e244
https://id.koumbit.net/anarcat
Antoine Beaupré
https://me.yahoo.com/a/NyYLSvhuu9XQ3TQ79dx8Peg5GY1VfiNezVI-#df77b
spalax
Jake1
Amitai Schlair
Joey Hess
kjs
smcv
http://hendry.iki.fi/
dmarti
santiago
https://www.google.com/accounts/o8/id?id=AItOawkickHAzX_uVJMd_vFJjae6SLs2G38URPU
cbaines
Jonathan Dowland
https://www.google.com/accounts/o8/id?id=AItOawllKlcOj2Js8XJnMJFXXMp7FmsWjsEpOno
https://me.yahoo.com/a/eetjWe8B34ZeUsHyFzpwC5QvBcEuVxllSvpJHw--#376d7
fr33domlover
https://www.google.com/accounts/o8/id?id=AItOawmNBpOEmx0-HoNUP5uM0s-j-WDLhrH4OFc
https://launchpad.net/~beaufils
Simon McVittie
ocket8888
https://www.google.com/accounts/o8/id?id=AItOawkl0wS6X0mzN8lb-SFh3ajLB-7ezwfwyTw
https://www.google.com/accounts/o8/id?id=AItOawndltpDNFSfEZBR_TIcjeDQRkuuyT1e_3o
