Commit Graph

871 Commits (44d4f086efcd5e777e100eeca078fc6eafaf9476)

Author SHA1 Message Date
Joey Hess 16299dbae8 load HTML::Entities at top
Used in several subs, not all of which load it on demand, this seems simpler.
2008-03-14 18:43:54 -04:00
Joey Hess bc2671082b no need to use HTML::Entities, as it's loaded on demand by code below 2008-03-12 18:52:33 -04:00
Joey Hess 99c65a4c0e * Use absolute url for feedurl when filling out the feed templates.
Closes: #470530
2008-03-12 18:49:41 -04:00
Joey Hess 862ca19eb1 truncate recentchangesdiffs after 200 lines
This works around a perl crasher bug, and also avoids bloating pages
with enormous diffs.

rcs_recentchanges modified to return a list in an array context.
2008-03-12 15:45:10 -04:00
Joey Hess 3dc979470e use git show to get the diff
If a diff of the firsst commit in a git repo was requested, it would fail and
print to stderr since first^ isn't valid. Using git show will always work.
2008-03-12 14:44:20 -04:00
Joey Hess f7bdc2385d * Use forcebaseurl to make page previews be displayed with the html base
set to the destination page. This avoids need for hacks to munge the urls
  in preview mode, which fixes several bugs.
* Several destpage fixes in plugins.
2008-03-12 14:21:48 -04:00
Joey Hess 2fa9da9f16 * monotone: Require version 0.38 or greater, and stop using the mtnmergerc
option. (Brian May)
2008-03-12 10:46:04 -04:00
Joey Hess 51ee2a2eab fix syntax error 2008-03-12 10:35:25 -04:00
martin f. krafft d02e350a69 Correct meta.robots attribute value->content
This was a silly typo, sorry. <meta ...> takes an attribute content, not
value.

Signed-off-by: martin f. krafft <madduck@madduck.net>
2008-03-11 18:37:04 -04:00
martin f. krafft c471d5425f Generate openid2 headers as well
This causes meta.openid to also generate the openid2 headers.

Signed-off-by: martin f. krafft <madduck@madduck.net>
2008-03-11 15:53:21 -04:00
martin f. krafft 2325525713 Let meta.openid set X-XRDS-Location header
Adds an optional xrds-location parameter to the openid meta handler,
which allows for XRDS delegation.

A good document on XRDS is
http://www.windley.com/archives/2007/05/using_xrds.shtml

Signed-off-by: martin f. krafft <madduck@madduck.net>
2008-03-11 15:51:11 -04:00
Joey Hess fc4c1b7ec8 * Remove locking code in git rcs_commit. I'm not sure if this was ever
correct, and it's certianly not correct now, since the wiki is locked
  before rcs_commit is ever called, and should not be unlocked by
  rcs_commit either.
2008-03-07 12:25:40 -05:00
Joey Hess eec482aa65 test for Text::Markdown::[Mm]arkdown and use the available one
Markdown is such a splintered mess.. The current debian package provides
only Text::Markdown::Markdown, while all versions of Text::Markdown support
Text::Markdown::markdown, and old versions also support the capitalised version,
while new ones don't.

It's getting to the point where `grep /markdown/i %symbol_table` is the only
sane way to figure out what function to call..
2008-03-04 20:29:52 -05:00
Joey Hess 0217eebf49 * Use Text::Markdown::markdown, since version 1.0.16 of Text::Markdown
no longer supports Text::Markdown::Markdown. All old versions of
  Text::Markdown also support the lower-case version.
2008-03-04 20:17:55 -05:00
Joey Hess d93aaed791 * Add recentchangesdiff plugin that adds diffs to the recentchanges feeds.
* rcs_diff is a new function that rcs modules should implement.
* Implemented rcs_diff for git, svn, and tla (tla version untested).
  Mercurial and monotone still todo.
2008-03-03 15:53:34 -05:00
martin f. krafft c10cfb27d1 Add robots tag to meta plugin
Add special handling for <meta name="robots" ...> which needs not be
scrubbed as it's harmless.

Signed-off-by: martin f. krafft <madduck@madduck.net>
(cherry picked from commit b15d0299a7f7b147e89d8a202d6cca1c21491af2)
2008-03-02 18:04:09 -05:00
Adeodato Simó a8f08ab8e1 Make directives generated by shortcuts accept a `desc` parameter.
(cherry picked from commit 252da396bfa728b99af7c9bb304a7b5f3f6d94e6)
2008-03-02 18:04:09 -05:00
Adeodato Simó be0b4f603f Allow colons in URLs after the first slash
A new regexp fixes this bug:
http://ikiwiki.info/bugs/No_link_for_blog_items_when_filename_contains_a_colon/

I traced this down to htmlscrubber. If disabled,
it works. If enabled, then $safe_url_regexp
determines the URL unsafe because of the colon and
hence removes the src attribute.

Digging into this, I find that RFC 3986 pretty
much discourages colons in filenames:

"""
A path segment that contains a colon character
(e.g., "this:that") cannot be used as the first
segment of a relative-path reference, as it would
be mistaken for a scheme name. Such a segment must
be preceded by a dot-segment (e.g., "./this:that")
to make a relative- path reference.
"""

on the other hand, with usedirs, any link to
another page will be prepended by ../ anyway, so
that makes them okay again.

The solution still seems not to use colons.

In any case, htmlscrubber should get a new regexp,
courtesy of dato.

I have tested and verified this.

Signed-off-by: martin f. krafft <madduck@madduck.net>
2008-02-29 19:29:44 +01:00
Joey Hess f4773f6a83 avoid calling getctime on internal pages
internal pages won't be in revision control so this avoids some ugly noise
2008-02-24 18:02:34 -05:00
Joey Hess 4eabb3cb7a * inline: When forcing urls absolute for rss feeds, skip mailto and other
such urls.
2008-02-24 17:07:56 -05:00
Joey Hess bd55d276b3 Fix links generated by preprocessor directives when previewing.
As was already done for linkfication, links generated in a prevew page
are relative to the top of the wiki, so it has to be told that the destpage
is there.

I was using "" to indicate this, but that may confuse some preprocessor
plugins, which treat parameters with an empry value specially (sparkline is one
such). Instead, use "/", which is more accurate anyway and works just as well.
2008-02-24 16:37:11 -05:00
Joey Hess f7303db5a1 * Fix another preview will_render bug. This one involved inline,
which forced a scan of the page to make available metadata that
  appeared after the inline directive. Problem is that scan made it forget
  about any other files rendered due to the page. The scan also turns out
  to be unnecessary now, since meta persistently stores state and it's
  always available. So it was just removed.
2008-02-24 15:36:25 -05:00
Joey Hess a59af82bb8 * tla: Remove call to escapeHTML when constructing recentchanges message;
the html is escaped at a different level. Closes: #466495
* bzr, mercurial: Remove unused import of escapeHTML.
2008-02-20 16:45:02 -05:00
Joey Hess 1c06aed378 * monotone: Add code to default mergerc file to run
_MTN/ikiwiki-netsync-hook when a commit is merged in from the net.
2008-02-14 16:10:33 -05:00
Joey Hess 553136ec1f * Preview limits the page dropdown to what's selected previously
(as preserving the full list across preview would be tricky). Userdirs
  were still being offered as an option there, remove them.
* Fix a bug where user A created a page concurrently with user B, and
  when B previewed it would redirect B to A's new page, losing B's work.
  Instead, don't redirect and let conflict handling resolve it.
2008-02-14 15:42:14 -05:00
Joey Hess 8be2b60aac * The search plugin needs to override <base> to point to the directory
containing ikiwiki.cgi, but this should not change the urls to the style
  sheets etc. Add a new forcebareurl parameter to misctemplate to allow
  it to do that.
2008-02-14 15:20:49 -05:00
Joey Hess 1de1fb15a0 * camelcase: Convert to use new linkify and scan hooks rather than the old
hack.
2008-02-11 23:04:19 -05:00
Joey Hess 4763514861 * Add the linkify and scan hooks. These hooks can be used to implement
custom, first-class types of wikilinks.
* Move standard wikilink implementation to a new wikilink plugin, which
  will of course be enabled by default.
2008-02-11 22:48:27 -05:00
Joey Hess 4aab5f0a73 * Generate XML RPC messages with the encoding set to utf-8 instead
of XML::RPC's default of us-ascii. Allows interoperation with
  python's xmlrpc library, which threw invalid encoding exceptions and
  caused the rst plugin to hang.
2008-02-11 00:11:49 -05:00
Joey Hess c6fc554c54 use quotemeta when building the regexp 2008-02-10 19:02:12 -05:00
Josh Triplett 728dfd9595 Allow the smb: URI scheme. 2008-02-10 15:08:56 -08:00
Josh Triplett 502cd00ec7 Allow the snews: URI scheme. 2008-02-10 15:05:11 -08:00
Josh Triplett ec9d3ab549 Do not allow the steam: URI scheme. 2008-02-10 14:59:08 -08:00
Josh Triplett 3cda22a27f Match literal '.' in URI schemas containing '.', rather than matching any character 2008-02-10 14:50:30 -08:00
Joey Hess bbcf878f75 * meta: Check that the urls provided for authorurl, permalink, and openid
are safe and can't contain javascript.
2008-02-10 17:17:44 -05:00
Joey Hess 4bfdbd4858 export $safe_url_regexp 2008-02-10 17:07:21 -05:00
Josh Triplett d20e24b636 Also filter the attributes cite, longdesc, and usemap, which can contain URIs 2008-02-10 13:59:37 -08:00
Joey Hess 2078f706d6 add parens around scheme regexp 2008-02-10 16:29:46 -05:00
Josh Triplett a7be7bdf56 Do not allow the about: URI scheme
Some browsers interpret about: URIs like a limited version of data:
URIs.  In particular, some versions of Internet Explorer interpret
arbitrary HTML content in about: URIs.
2008-02-10 13:23:28 -08:00
Joey Hess dfd6bb3854 fix data:image handling 2008-02-10 15:24:03 -05:00
Joey Hess d7e0c035e5 * htmlscrubber security fix: Block javascript in uris.
* Add htmlscrubber test suite.
2008-02-10 13:16:40 -05:00
Josh Triplett 122f6df325 Merge branch 'master' into prefix-directives
Conflicts:

	debian/changelog
	templates/change.tmpl
2008-02-09 23:02:52 -08:00
Joey Hess f1fcb5be9c * Page templates can now use CTIME to show when the page was created. 2008-02-09 23:05:48 -05:00
Joey Hess 63e316f362 * Don't die if running with --getctime and rcs_getctime throws an error.
There are several cases (recentchanges files, aggregated files)
  where some source files are not in revision control.
2008-02-07 22:11:54 -05:00
Joey Hess a4b2e77077 add support for prefix_directives 2008-02-05 16:14:38 -05:00
Joey Hess f64ef7deb6 proper fix for the preview/will_render issue 2008-02-04 18:46:34 -05:00
Joey Hess b37dc9c926 preview shouldn't show the feed buttons or post form 2008-02-04 18:44:54 -05:00
Joey Hess bf522a347f * inline: Add new `allowrss` and `allowatom` config options. These can be
used if you want a wiki that doesn't default to generating rss or atom
  feeds, but that does allow them to be turned on for specific blogs.
2008-02-04 18:36:50 -05:00
Joey Hess 85de2f7bc4 the old code worked, suprisingly, but I prefer this form 2008-02-04 18:05:40 -05:00
Joey Hess d1c4899a22 * inline: When previewing, still call will_render on rss/atom files,
just avoid actually writing the files. This is necessary because ikiwiki
  saves state after a preview (in case it actually *did* write files),
  and if will_render isn't called its security checks will get upset
  when the page is saved. Thanks to Edward Betts for his help tracking this
  tricky bug down.
2008-02-04 17:58:23 -05:00