Commit Graph

18962 Commits (544608aa5e926563f099f7f397aa0536a7b25c5d)

Author SHA1 Message Date
https://www.google.com/accounts/o8/id?id=AItOawlcaGfdn9Kye1Gc8aGb67PDVQW4mKbQD7E cee4c16187 Added a comment 2014-10-14 18:25:13 -04:00
Amitai Schlair ed35163be0 one report suffices; not yet clear there's a bug 2014-10-14 18:19:09 -04:00
https://www.google.com/accounts/o8/id?id=AItOawk8U772S3jDrZJCO0WA5WaDLjJv5mMl6Yw 194c0a1084 2014-10-14 09:46:55 -04:00
https://www.google.com/accounts/o8/id?id=AItOawk8U772S3jDrZJCO0WA5WaDLjJv5mMl6Yw 627ed5f93c 2014-10-14 09:20:24 -04:00
Amitai Schlair bc6efdd735 clarify 2014-10-13 16:21:15 -04:00
Amitai Schlair e42b1409b2 findings and questions 2014-10-13 16:13:33 -04:00
Simon McVittie 17fccbca94 Do not pass ignored sid parameter to checksessionexpiry
checksessionexpiry's signature changed from
(CGI::Session, CGI->param('sid')) to (CGI, CGI::Session) in commit
985b229b, but editpage still passed the sid as a useless third
parameter, and this was later cargo-culted into remove, rename and
recentchanges.
2014-10-12 18:03:57 +01:00
Simon McVittie 4e2bfe1e17 comments: don't log remote IP address for signed-in users
The intention was that signed-in users (for instance via httpauth,
passwordauth or openid) are already adequately identified, but
there's nothing to indicate who an anonymous commenter is unless
their IP address is recorded.
2014-10-12 18:03:28 +01:00
Simon McVittie 08fd2e0806 google search plugin: use https for the search 2014-10-12 17:57:31 +01:00
smcv 4854473690 default User-Agent changed 2014-10-12 12:49:24 -04:00
Simon McVittie 56f8223f95 Set default User-Agent to something that doesn't mention libwww-perl
It appears that both the open-source and proprietary rulesets for
ModSecurity default to blacklisting requests that say they are
from libwww-perl, presumably because some script kiddies use libwww-perl
and are too inept to set a User-Agent that is "too big to blacklist",
like Chrome or the iPhone browser or something. This seems doomed to
failure but whatever.
2014-10-12 17:45:27 +01:00
smcv d7e749572c removed 2014-10-12 12:43:14 -04:00
smcv 202f172346 Added a comment 2014-10-12 12:42:54 -04:00
Amitai Schlair ec085acd82 help Markdown make a list 2014-10-12 12:42:13 -04:00
https://www.google.com/accounts/o8/id?id=AItOawlcaGfdn9Kye1Gc8aGb67PDVQW4mKbQD7E 59bb4bcc13 Added a comment: fixed in a recent release, I think 2014-10-12 12:40:18 -04:00
openmedi ee3b2429f3 2014-10-12 12:06:59 -04:00
Amitai Schlair 67e778f461 Replace shebang paths with the build-time $(PERL).
On non-Debian systems, /usr/bin/perl might not be the best available
Perl interpreter. Use whichever perl was used to run Makefile.PL,
unless it was "/usr/bin/perl", in which case there's nothing to do.
2014-10-12 11:08:13 -04:00
Amitai Schlair 47fff754c8 Extract test subs for each site. No change meant. 2014-10-12 09:30:31 -04:00
Amitai Schlair 508457fc05 Extract run_cgi(). No functional change intended. 2014-10-12 00:01:09 -04:00
Amitai Schlair 0db1679a3d Extract check_generated_content(). Same output. 2014-10-11 09:52:21 -04:00
Amitai Schlair dc872e42c8 Extract check_cgi_mode_bits(). No change intended. 2014-10-10 21:17:39 -04:00
Amitai Schlair cd9297322a Extract thoroughly_rebuild(), a slight test change.
I didn't try to parameterize when a test should fail when we can't
remove ikiwiki.cgi because there already isn't one. (Hooray, natural
language.) Instead, we stop worrying about it and always tolerate
ENOENT.
2014-10-10 20:40:24 -04:00
Amitai Schlair 7d82570fe0 Extract write_setup_file(). No functional change.
Test output differs only by the line numbers of the TODO items.
2014-10-10 20:25:54 -04:00
https://www.google.com/accounts/o8/id?id=AItOawmbuZI4n1RsTe3Yeaqb5F-yhtR7a8BWEIE 9f874c49d7 2014-10-09 23:47:44 -04:00
smcv 79df1b4a50 clarify further 2014-10-09 14:50:00 -04:00
smcv 45e2832d46 clarify 2014-10-09 14:36:13 -04:00
smcv 0d7bf725a8 That's not how that directive is used, and if you want to try stuff out please edit the sandbox instead
This reverts commit 856819a733
2014-10-09 14:31:33 -04:00
https://www.google.com/accounts/o8/id?id=AItOawnquaJWYPCmQoY-kgn8wH1Ey7WOCB6zcRY 856819a733 2014-10-09 14:10:16 -04:00
tarojiro 07e66bb95a 2014-10-08 07:38:46 -04:00
smcv 988b3e756c alternative plan 2014-10-06 17:00:24 -04:00
Amitai Schlair bb8f15e2a7 simplify IPC::Run check (same behavior) 2014-10-06 16:31:52 -04:00
Amitai Schlair 1a0aa6acbd exclude openid/troubleshooting 2014-10-06 13:06:02 -04:00
smcv 0c1b0a31a0 2014-10-05 18:58:56 -04:00
smcv 139b06068e Added a comment 2014-10-05 18:56:57 -04:00
smcv 45e90cb1f6 Added a comment 2014-10-05 18:55:02 -04:00
smcv 5c9822f948 Added a comment 2014-10-05 18:54:07 -04:00
Simon McVittie 3ec47cdd5b more fixes 2014-10-05 23:50:57 +01:00
Simon McVittie 04a88fcfdc Document another fix 2014-10-05 23:49:37 +01:00
Simon McVittie 33f60260b2 In html5 mode, generate a host- or protocol-relative <base> for the CGI
This increases the number of situations in which we do the right thing.
2014-10-05 23:49:37 +01:00
Simon McVittie 3b8da667cc Add reverse_proxy option which hard-codes cgiurl in CGI output
This solves several people's issues with the CGI trying to be
too clever when IkiWiki is placed behind a reverse-proxy.
2014-10-05 23:49:37 +01:00
Simon McVittie d712389ae3 Avoid mixed content when cgiurl is https but url is not 2014-10-05 23:49:37 +01:00
Amitai Schlair 5014a091ba offer myself to the ravenous consulting market 2014-10-05 16:37:55 -04:00
smcv 32f7307d40 remaining bugs after fixing some of the easier situations 2014-10-05 11:09:27 -04:00
Simon McVittie 532f7adfdb Use protocol-relative URIs if cgiurl and url differ only by authority (hostname) 2014-10-05 15:56:19 +01:00
Simon McVittie fe9e94513a Fix a test-case that actually just repeated the previous one instead 2014-10-05 15:49:20 +01:00
Simon McVittie b0a35c817e Force use of $config{url} as top URL in w3mmode 2014-10-05 15:19:55 +01:00
Simon McVittie 210bf742b9 relative URLs test: pass an appropriate PERL5LIB through
We were previously using the system copy of IkiWiki, because the CGI
resets its environment.
2014-10-05 15:19:12 +01:00
Simon McVittie 04aec8ea60 Add WAI-ARIA roles to #main, #comments and #footer when in HTML5 mode
Based on a patch from Patrick.
2014-10-05 14:34:10 +01:00
Simon McVittie 823268e5c7 add the beginnings of a test for CGI/static URL interactions 2014-10-05 14:29:32 +01:00
smcv 5c3200459f review 2014-10-05 09:23:30 -04:00