Joey Hess
6cc69038ca
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
2008-05-13 12:44:06 -04:00
Joey Hess
fba4a198b5
mdwn: Add a multimarkdown setup file option.
2008-05-13 12:43:25 -04:00
Joey Hess
f1b1e193da
web commit by https://noone.org/openid// : Added note about license (GPL)
2008-05-13 07:08:39 -04:00
Joey Hess
d06e4c2c33
add news item for ikiwiki 2.46
2008-05-12 20:57:46 -04:00
Joey Hess
fb3d5b4800
Fixes for behavior changes in perl 5.10's CGI
...
Something has changed in CGI.pm in perl 5.10. It used to not care
if STDIN was opened using :utf8, but now it'll mis-encode utf-8 values
when used that way by ikiwiki. Now I have to binmode(STDIN) before
instantiating the CGI object.
In 57bba4dac1
, I changed from decoding
CGI::Formbuilder fields to utf-8, to decoding cgi parameters before setting
up the form object. As of perl 5.10, that approach no longer has any effect
(reason unknown). To get correctly encoded values in FormBuilder forms,
they must once again be decoded after the form is set up.
As noted in 57bba4da
, this can cause one set of problems for
formbuilder_setup hooks if decode_form_utf8 is called before the hooks, and
a different set if it's called after. To avoid both sets of problems, call
it both before and after. (Only remaining problem is the sheer ugliness and
inefficiency of that..)
I think that these changes will also work with older perl versions, but I
haven't checked.
Also, in the case of the poll plugin, the cgi parameter needs to be
explcitly decoded before it is used to handle utf-8 values. (This may have
always been broken, not sure if it's related to perl 5.10 or not.)
2008-05-12 20:44:22 -04:00
Joey Hess
80a110ad60
update
2008-05-12 17:13:02 -04:00
Joey Hess
adb5d92ed7
not just a poll plugin problem
2008-05-12 17:09:40 -04:00
Joey Hess
7ac5b0414d
Revert "web commit by http://joey.kitenet.net/ : testing utf-8"
...
This reverts commit 908375a63e
.
2008-05-12 17:08:10 -04:00
Joey Hess
908375a63e
web commit by http://joey.kitenet.net/ : testing utf-8
2008-05-12 17:07:17 -04:00
Joey Hess
bafb2d7b81
web commit by http://liw.fi/
2008-05-12 16:26:38 -04:00
Joey Hess
be81c594ce
thoughts
2008-05-12 14:38:17 -04:00
Joey Hess
21cd34106d
response
2008-05-12 14:10:17 -04:00
Joey Hess
3ca4b4089a
web commit by http://liw.fi/ : Updated URL for openiddirectory page. It had moved.
2008-05-11 08:15:34 -04:00
Joey Hess
7a4a17f120
web commit by http://liw.fi/ : Updated URL for emacs markdown mode. The page had moved to a new location.
2008-05-11 08:14:13 -04:00
Joey Hess
345c707921
web commit by http://madduck.net/
2008-05-10 14:15:23 -04:00
Joey Hess
8dc18fc9d4
web commit by http://madduck.net/
2008-05-10 13:18:26 -04:00
Joey Hess
ae980bc471
web commit by http://madduck.net/ : add shortcut for wiki.debian.org
2008-05-10 09:28:14 -04:00
Joey Hess
e34011afcc
web commit by buo: Response
2008-05-09 16:46:40 -04:00
Joey Hess
4eba3f631b
design for a xapian search plugin
2008-05-08 19:42:33 -04:00
Joey Hess
a50fb83394
add --delete-bucket option
2008-05-08 16:11:39 -04:00
Joey Hess
0168cc3c8b
response
2008-05-08 15:53:48 -04:00
Joey Hess
879f3a9403
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
2008-05-08 15:51:41 -04:00
Joey Hess
b8d81b7b7f
amazon s3 index file improvements
...
Turns out duplicate index files do not need to be stored when usedirs is in
use, just when it's not. Ikiwiki is quite consistent about using page/ when
usedirs is in use. (The only exception is the search plugin, which needs
fixing.)
This also includes significant code cleanup, removal of a incorrect special
case for empty files, and addition of a workaround for a bug in the amazon
perl module.
2008-05-08 15:51:09 -04:00
Joey Hess
2bf34f1733
web commit by buo: re: question
2008-05-08 14:45:57 -04:00
Joey Hess
ca33ec2b9c
question
2008-05-08 14:12:44 -04:00
Joey Hess
57cf8ef4f2
web commit by buo: More information on ikiwiki mangling accented characters
2008-05-08 11:56:37 -04:00
Joey Hess
6bba9b0e4d
web commit by http://madduck.net/ : closing
2008-05-08 10:59:38 -04:00
Joey Hess
a3e1783596
web commit by buo: Removing previous installation fixes compile failure.
2008-05-08 10:29:48 -04:00
Joey Hess
de344200c6
web commit by jrn: gratuitous change to test (remove "And")
2008-05-08 00:26:58 -04:00
Joey Hess
dafa7ef3e2
most modules are pre-installed now
2008-05-08 00:20:49 -04:00
Joey Hess
be89d6749e
update
2008-05-07 23:51:01 -04:00
Joey Hess
9e6a4ccfdd
amazon s3 support implemented and kinda working
...
pruning not yet implemented, however
2008-05-07 23:15:43 -04:00
Joey Hess
939885d556
whitespace
2008-05-07 22:02:28 -04:00
Joey Hess
d1154b2925
documentation for amazon_s3 plugin
...
Now to write it. :-)
2008-05-07 21:20:58 -04:00
Joey Hess
3eb3ff6208
cannot reproduce
2008-05-07 17:10:43 -04:00
Joey Hess
a7ece50826
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
2008-05-07 17:06:12 -04:00
Joey Hess
cdf8ced4c2
clarification
2008-05-07 16:35:06 -04:00
Joey Hess
2b5d12f658
web commit by buo: bug: 2.45 fails to compile
2008-05-07 14:47:30 -04:00
Joey Hess
b731fce466
web commit from 145.97.197.85: poll vote (Accept both)
2008-05-07 04:11:57 -04:00
Joey Hess
2c000c6e32
fix links
2008-05-06 19:24:00 -04:00
Joey Hess
dc26eb7d12
new tip documenting how to use the pinger and pingee plugins
2008-05-06 19:22:09 -04:00
Joey Hess
b144831e46
pinger/pingee now tested and working
2008-05-06 19:06:53 -04:00
Joey Hess
880d098dab
template change documentation
2008-05-06 14:33:03 -04:00
Joey Hess
069c938aad
update
2008-05-05 20:22:10 -04:00
Joey Hess
1f88cad3a2
aggregate: Add support for web-based triggering of aggregation for people stuck on shared hosting without cron. (Sheesh.) Enabled via the `aggregate_webtrigger` configuration optiom.
2008-05-05 20:20:45 -04:00
Joey Hess
86c6f2b963
fix PERL5LIB in examples
...
Using `pwd` makes some modules that call cpan recursively succeed to
install
2008-05-05 20:12:06 -04:00
Joey Hess
0599a6591f
update
2008-05-05 19:14:33 -04:00
Joey Hess
adeba977cb
update
2008-05-05 19:10:42 -04:00
Joey Hess
ed98af9750
add sections, expand, reorg
2008-05-05 19:08:47 -04:00
Joey Hess
8599297edf
update
2008-05-05 18:59:20 -04:00
Joey Hess
7588f7b239
correction
2008-05-05 18:59:02 -04:00
Joey Hess
df13ac07c8
more on cleanup
2008-05-05 15:39:36 -04:00
Joey Hess
f324b911e2
linkify
2008-05-05 15:19:55 -04:00
Joey Hess
96b3880725
add news item for ikiwiki 2.45
2008-05-05 15:18:12 -04:00
Joey Hess
545054c356
releasing version 2.45
2008-05-05 15:17:44 -04:00
Joey Hess
a72c33c76c
updates
2008-05-05 15:03:38 -04:00
Joey Hess
b1b9c2c0d1
formatting
2008-05-05 14:58:21 -04:00
Joey Hess
b428fb1b14
formatting
2008-05-05 14:53:31 -04:00
Joey Hess
3a9dfb8361
enhancesments for shared hosting
...
* Add a Bundle::Ikiwiki to the source for use with CPAN to install *all*
the modules ikiwiki can use.
* Add a cpan directory containing a CPAN::MyConfig that can ease use of
CPAN to install in a home directory on shared hosting providers.
* With these changes, it's pretty easy to install onto nearlyfreespeech.net
and probably other shared hosting providers like dreamhost. Added
a tip page documentng the process for nearlyfreespeech.
2008-05-05 14:51:26 -04:00
Joey Hess
ad44c47977
rename to more specific name
2008-05-05 14:14:08 -04:00
Joey Hess
c1196acadc
linkify
2008-05-03 13:32:28 -04:00
Joey Hess
27ca70225e
web commit by RichMorin
2008-05-03 10:17:35 -04:00
Joey Hess
1ad826eb94
web commit by RichMorin
2008-05-03 10:08:36 -04:00
Joey Hess
b2dea99417
Fix ugly display when editing a page that has vanished.
...
srcfile now has an optional second parameter to avoid it throwing an error
if the source file does not exist.
2008-05-02 13:02:07 -04:00
Joey Hess
6f852e88e3
anonk: Add anonok_pagespec configuration setting that can be used to allow anonymous users to edit only matching pages. Closes : #478892
2008-05-01 14:58:23 -04:00
Joey Hess
f39659277d
web commit by http://vibrog.myopenid.com/
2008-04-30 16:25:30 -04:00
Joey Hess
a512904a9d
web commit by http://alcopop.org/me/openid/ : poll vote (Accept only OpenID for logins)
2008-04-30 16:00:48 -04:00
Joey Hess
a2e0ef4572
web commit by http://alcopop.org/me/openid/ : context
2008-04-30 15:54:27 -04:00
Joey Hess
6de5cbaaee
web commit by http://alcopop.org/me/openid/ : test comment
2008-04-30 15:52:33 -04:00
Joey Hess
7647109bac
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
2008-04-30 12:58:55 -04:00
Joey Hess
bb51e81762
img: Support a title attribute, will be passed through to html. Closes : #478718
2008-04-30 12:58:36 -04:00
Joey Hess
3419cdfcbb
web commit by buo: Web editing and mangled characters
2008-04-30 11:09:37 -04:00
Joey Hess
112737535c
resp
2008-04-29 18:20:21 -04:00
Joey Hess
516908cc8e
web commit by http://vibrog.myopenid.com/
2008-04-29 01:37:57 -04:00
Joey Hess
cafffef679
web commit by http://tychoish.livejournal.com/ : sandbox test of wikilink
2008-04-28 22:31:48 -04:00
Joey Hess
cf2652c139
web commit by JeremyReed: why if?
2008-04-28 17:54:32 -04:00
Joey Hess
c25f0f7abd
response
2008-04-28 17:01:59 -04:00
Joey Hess
edaccbbb55
web commit by http://vibrog.myopenid.com/
2008-04-28 16:39:22 -04:00
Joey Hess
66984deaeb
thoughts
2008-04-28 15:57:17 -04:00
Joey Hess
f37abf206e
use a proper wiki link, not a html link
2008-04-28 15:52:42 -04:00
Joey Hess
72cedc59e9
fix formatting
2008-04-28 15:47:11 -04:00
Joey Hess
6412cbfe52
idea
2008-04-28 15:43:06 -04:00
Joey Hess
dbb5d11196
Deal with different paths to perl when removing -T flag.
2008-04-28 15:37:17 -04:00
Joey Hess
4723d5f9f1
response
2008-04-28 15:34:11 -04:00
Joey Hess
bde6809e5b
web commit by http://vibrog.myopenid.com/
2008-04-28 15:03:22 -04:00
Joey Hess
1a4ba6cbcf
web commit by JeremyReed: about news site
2008-04-28 14:57:25 -04:00
Joey Hess
f3eda82c08
web commit by JeremyReed: reply about perl version in filename too.
2008-04-28 14:15:38 -04:00
Joey Hess
0d80b13738
web commit by JeremyReed: reply
2008-04-28 14:11:52 -04:00
Joey Hess
bbfc613360
web commit by http://vibrog.myopenid.com/
2008-04-28 14:08:04 -04:00
Joey Hess
6b316dd8e0
response
2008-04-28 13:48:33 -04:00
Joey Hess
453bdeaf55
response
2008-04-28 13:46:50 -04:00
Joey Hess
9f02ee8634
Add PREFIX/bin to the hardcoded PATH within ikiwiki.
2008-04-28 13:44:37 -04:00
Joey Hess
aa4f9fe232
response
2008-04-28 13:38:53 -04:00
Joey Hess
74d98c69b1
web commit by JeremyReed: found problem
2008-04-28 12:47:29 -04:00
Joey Hess
bc9a448c58
web commit by JeremyReed: more info. sid is defined in prefs just not edit
2008-04-28 12:32:54 -04:00
Joey Hess
3b16d472c0
web commit by JeremyReed: sid not in form.
2008-04-28 12:09:47 -04:00
Joey Hess
b6435e9b7d
web commit by JeremyReed: fix link to SharedHosting by prefixing with slash.
2008-04-28 11:48:34 -04:00
Joey Hess
e56dd17bcf
web commit by JeremyReed: Can't exec "ikiwiki-transition"
2008-04-28 11:44:01 -04:00
Joey Hess
4e0f75a75f
web commit by JeremyReed: hard-coded perl path
2008-04-28 11:07:05 -04:00
Joey Hess
fdffe02d39
web commit by http://vibrog.myopenid.com/
2008-04-28 05:52:58 -04:00
Joey Hess
02da269465
web commit by http://edward.myopenid.com/ : fix code block rendering
2008-04-28 02:42:50 -04:00
Joey Hess
29bf14fcc3
followup
2008-04-27 14:34:23 -04:00
Joey Hess
1d4bc83aec
the sandbox is not a TODO list. Remove TODO item
2008-04-27 14:32:55 -04:00
Joey Hess
cc26b153b4
move question to discussion page, where it belongs
2008-04-27 14:32:30 -04:00
Joey Hess
a64bc76fbe
response
2008-04-27 14:31:35 -04:00
Joey Hess
502197e9bb
web commit by http://vibrog.myopenid.com/
2008-04-27 04:29:12 -04:00
Joey Hess
008de43f67
web commit by http://vibrog.myopenid.com/
2008-04-27 04:28:28 -04:00
Joey Hess
319bf45a37
web commit by http://vibrog.myopenid.com/
2008-04-27 04:22:55 -04:00
Joey Hess
51042ff04a
web commit by http://vibrog.myopenid.com/
2008-04-27 04:19:58 -04:00
Joey Hess
35f943e6f8
web commit by http://harningt.eharning.us/ : applied alterations according to comments/git reqs
2008-04-27 00:23:27 -04:00
Joey Hess
17c276dea5
web commit by JeremyReed: about taint and -T build failure
2008-04-26 20:54:08 -04:00
Joey Hess
9652cdfe2e
toc: Add the table of contents at sanitize time, rather than at format time. This allows the toc to be displayed when previewing an edit. It also avoids headers in the page template from showing up in the toc.
2008-04-26 15:13:01 -04:00
Joey Hess
2d78c4d9a7
response; fixed
2008-04-26 15:07:21 -04:00
Joey Hess
deba9c7af4
response
2008-04-26 15:05:26 -04:00
Joey Hess
562e24d695
response
2008-04-26 14:55:56 -04:00
Joey Hess
59c81f07fa
add news item for ikiwiki 2.44
2008-04-24 13:52:41 -04:00
Joey Hess
7758dbb279
web commit by http://madduck.net/
2008-04-24 03:57:49 -04:00
Joey Hess
49043e48fa
web commit by http://madduck.net/
2008-04-24 03:12:51 -04:00
Joey Hess
3635867493
web commit by http://harningt.eharning.us/ : updated openid reference
2008-04-24 00:01:27 -04:00
Joey Hess
475429a917
web commit by http://harningt.eharning.us/ : more git attribution corner-case ideas
2008-04-24 00:00:53 -04:00
Joey Hess
2987b08ec9
web commit by http://mlcastle.net/ : poll vote (Accept only OpenID for logins)
2008-04-22 20:32:45 -04:00
Joey Hess
04a7003c5d
web commit by http://mlcastle.net/ : add hindi text.
2008-04-22 20:13:11 -04:00
Joey Hess
827f6b9bfc
remove question that was added to a non-discussion page
2008-04-22 15:19:15 -04:00
Joey Hess
710b118b49
web commit by Dirk
2008-04-22 14:40:37 -04:00
Joey Hess
6dcb111310
web commit by Dirk
2008-04-22 14:38:23 -04:00
Joey Hess
42f4904f72
web commit by http://hendry.iki.fi/ : anti-expert-exchange
2008-04-22 04:58:20 -04:00
Joey Hess
3bc9d474a3
web commit by bartuer: add a question about restructuredtext
2008-04-21 15:25:51 -04:00
Joey Hess
0405299f07
web commit by http://andreyvit.livejournal.com/
2008-04-21 00:16:48 -04:00
Joey Hess
3912a9f5e9
add CVE link
2008-04-20 15:25:51 -04:00
Joey Hess
e62f3f8f95
web commit by http://codehelp.myopenid.com/ : Add QOF and estron
2008-04-20 13:34:15 -04:00
Joey Hess
a516b2a63f
web commit by http://hendry.iki.fi/ : google search
2008-04-19 17:15:30 -04:00
Joey Hess
e1842ce95c
remove random html
...
This page documents markdown. Please use the sandbox for formatting
testing, and not this page.
2008-04-18 18:43:33 -04:00
Joey Hess
84b915d6d1
web commit by alccode
2008-04-18 17:06:22 -04:00
Joey Hess
81355cd4c6
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
2008-04-17 14:38:16 -04:00
Joey Hess
f1228946bd
Bring back the svnrepo setup file option. This is needed for recentchangediff to work with svn repos.
2008-04-17 14:37:55 -04:00
Joey Hess
143c8770d1
web commit by http://sabr.myopenid.com/
2008-04-17 08:40:07 -04:00
Joey Hess
d420e032cc
web commit by http://sabr.myopenid.com/ : thanks belong at the end of the conversation, not the beginning!
2008-04-17 06:22:19 -04:00
Joey Hess
14b8d6369b
web commit by http://sabr.myopenid.com/
2008-04-17 06:12:21 -04:00
Joey Hess
4216b9590f
web commit by http://sabr.myopenid.com/
2008-04-17 03:12:49 -04:00
Joey Hess
543926c540
web commit by http://sabr.myopenid.com/
2008-04-17 03:10:30 -04:00
Joey Hess
cedb7c33f9
web commit by http://sabr.myopenid.com/
2008-04-17 03:09:44 -04:00
Joey Hess
48976989e0
web commit by http://sabr.myopenid.com/
2008-04-17 03:08:58 -04:00
Joey Hess
cbe4f9ead5
web commit by http://sabr.myopenid.com/
2008-04-17 03:08:36 -04:00
Joey Hess
9f44f60a89
web commit by http://sabr.myopenid.com/
2008-04-17 03:08:11 -04:00
Joey Hess
2512ceebb0
web commit by http://sabr.myopenid.com/
2008-04-17 02:29:18 -04:00
Joey Hess
21b8c3f94d
web commit by JoshTriplett: Testing adding a page with page type not set.
2008-04-16 20:21:29 -04:00
Joey Hess
74d8a656da
web commit by http://bruno.boulgour.com/ : Typo
2008-04-16 19:14:58 -04:00
Joey Hess
e8c9362c7f
web commit by http://bruno.boulgour.com/ : Problems with adminuser role
2008-04-16 19:14:07 -04:00
Joey Hess
e91b128338
add news item for ikiwiki 2.43
2008-04-16 18:45:34 -04:00
Joey Hess
570f7e6594
web commit by http://hands.com/~phil/
2008-04-15 06:39:46 -04:00
Joey Hess
982f969367
web commit by http://hands.com/id/phil/
2008-04-13 16:54:58 -04:00
Joey Hess
10150e675d
web commit by http://sabr.myopenid.com/
2008-04-13 12:55:51 -04:00
Joey Hess
1efaa8e6ec
web commit by http://sabr.myopenid.com/
2008-04-13 12:55:02 -04:00
Joey Hess
c8097457a7
web commit by http://sabr.myopenid.com/
2008-04-13 12:52:22 -04:00
Joey Hess
9a2dfd21ab
web commit by http://sabr.myopenid.com/
2008-04-13 12:48:28 -04:00
Joey Hess
3f0de75332
web commit by http://sabr.myopenid.com/ : add a toc to test it appearing in preview... it doesn't.
2008-04-13 12:21:33 -04:00
Joey Hess
40c03af378
web commit by http://sabr.myopenid.com/
2008-04-13 12:08:44 -04:00
Joey Hess
f4797af297
web commit by http://sabr.myopenid.com/
2008-04-12 22:53:53 -04:00
Joey Hess
50e06351ca
web commit by http://sabr.myopenid.com/
2008-04-12 22:46:00 -04:00
Joey Hess
78e740f643
web commit by http://sabr.myopenid.com/
2008-04-12 22:23:55 -04:00
Joey Hess
c70160e995
web commit by http://sabr.myopenid.com/
2008-04-12 22:15:21 -04:00
Joey Hess
d97ca8c610
web commit by http://sabr.myopenid.com/
2008-04-12 20:36:15 -04:00
Joey Hess
378c2696d9
web commit by http://sabr.myopenid.com/
2008-04-12 20:13:42 -04:00
Joey Hess
7518b245f2
web commit by http://sabr.myopenid.com/
2008-04-12 20:05:34 -04:00
Joey Hess
060ceaba1f
web commit by http://sabr.myopenid.com/
2008-04-12 20:04:59 -04:00
Joey Hess
4988a901c8
web commit by http://sabr.myopenid.com/
2008-04-12 20:04:29 -04:00
Joey Hess
7178de28da
web commit by tschwinge: Modify.
2008-04-12 18:01:54 -04:00
Joey Hess
461f907403
web commit by http://sabr.myopenid.com/
2008-04-12 17:57:09 -04:00
Joey Hess
3b7b057e01
patch, thoughts
2008-04-12 17:19:32 -04:00
Joey Hess
57035d610e
web commit by http://sabr.myopenid.com/
2008-04-12 13:21:11 -04:00
Joey Hess
1f4dec34e2
web commit by cjb: Added wiktionary shortcut
2008-04-10 21:55:25 -04:00
Joey Hess
26c96e1f10
web commit by http://sabr.myopenid.com/
2008-04-10 20:18:20 -04:00
Joey Hess
2718fc2b25
response
2008-04-10 19:54:38 -04:00
Joey Hess
92e39d7391
cannot reproduce
2008-04-10 19:32:43 -04:00
Joey Hess
abde579038
response
2008-04-10 19:25:23 -04:00
Joey Hess
51f75484d7
let's move the access keys discussion out to the todo item about it
2008-04-10 19:18:34 -04:00
Joey Hess
d9275303cc
correct the command line used to generate the favicon
2008-04-10 18:51:21 -04:00
Joey Hess
58e346d229
correct utf-8 damage introduced by jblevins's modification of this page
2008-04-10 18:00:17 -04:00
Joey Hess
235b6d18b6
change wording
2008-04-10 17:59:11 -04:00
Joey Hess
04d601f419
response
2008-04-10 17:53:24 -04:00
Joey Hess
2beb279806
Give the full path to the hyperestraier helpfile in estseek.conf.
2008-04-10 17:50:43 -04:00
Joey Hess
b698bf2408
Use bzr --quiet to avoid it outputting stuff and messing up http headers. (Scott Bronson)
2008-04-10 17:44:40 -04:00
Joey Hess
e4395a567b
Fix broken rcs_update for bzr. (Scott Bronson)
2008-04-10 17:41:43 -04:00
Joey Hess
e1d456a86f
Fix missing import of escapeHTML in userlink. (Scott Bronson)
2008-04-10 17:39:51 -04:00
Joey Hess
15237c74fc
response
2008-04-10 17:31:39 -04:00
Joey Hess
a91f044044
add news item for ikiwiki 2.42
2008-04-10 17:24:24 -04:00
Joey Hess
7f51c69491
releasing version 2.42
2008-04-10 17:24:08 -04:00
Joey Hess
d5c964508f
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
2008-04-10 17:12:55 -04:00
Joey Hess
ab0e0e807a
perl dumping core is not an ikiwiki bug, sorry
2008-04-10 17:09:58 -04:00
Joey Hess
555f1d0512
web commit by http://joey.kitenet.net/ : test
2008-04-10 16:46:23 -04:00
Joey Hess
243739e1c3
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
2008-04-10 16:35:50 -04:00
Joey Hess
72b5ef2c5f
Fix CSRF attacks against the preferences and edit forms. Closes : #475445
...
The fix involved embedding the session id in the forms, and not allowing the
forms to be submitted if the embedded id does not match the session id.
In the case of the preferences form, if the session id is not embedded,
then the CGI parameters are cleared. This avoids a secondary attack where the
link to the preferences form prefills password or other fields, and
the user hits "submit" without noticing these prefilled values.
In the case of the editpage form, the anonok plugin can allow anyone to edit,
and so I chose not to guard against CSRF attacks against users who are not
logged in. Otherwise, it also embeds the session id and checks it.
For page editing, I assume that the user will notice if content or commit
message is changed because of CGI parameters, and won't blndly hit save page.
So I didn't block those CGI paramters. (It's even possible to use those CGI
parameters, for good, not for evil, I guess..)
The only other CSRF attack I can think of in ikiwiki involves the poll plugin.
It's certianly possible to set up a link that causes the user to unknowingly
vote in a poll. However, the poll plugin is not intended to be used for things
that people would want to attack, since anyone can after all edit the poll page
and fill in any values they like. So this "attack" is ignorable.
2008-04-10 16:35:30 -04:00
Joey Hess
609e74bbd8
fix what I think is a typo
2008-04-10 16:08:59 -04:00
Joey Hess
c69c811d64
web commit by http://joey.kitenet.net/ : oops :-)
2008-04-10 14:45:00 -04:00
Joey Hess
ff363cf9a0
web commit by http://joey.kitenet.net/
2008-04-10 14:43:58 -04:00
Joey Hess
5647448501
web commit by ScottSwalwell: Fixed my fix.
2008-04-10 13:01:27 -04:00
Joey Hess
7921d9456c
web commit by ScottSwalwell: Fixed this link.
2008-04-10 13:00:36 -04:00
Joey Hess
04528ba259
web commit by cjb: Fixed URL
2008-04-10 01:06:21 -04:00
Joey Hess
e8728aa894
web commit by cjb: Tagged
2008-04-10 00:09:07 -04:00
Joey Hess
675236d251
web commit by cjb: Suggested patch for 302 redirect after page creation when using bzr
2008-04-10 00:07:59 -04:00