Joey Hess
c6fc554c54
use quotemeta when building the regexp
2008-02-10 19:02:12 -05:00
Joey Hess
0e445d62d2
some updates about the recent hole
2008-02-10 19:00:26 -05:00
Joey Hess
886adf9f9f
add news item for ikiwiki 2.32.3
2008-02-10 18:59:31 -05:00
Joey Hess
78c7f4dc71
attribution
2008-02-10 18:46:53 -05:00
Josh Triplett
728dfd9595
Allow the smb: URI scheme.
2008-02-10 15:08:56 -08:00
Josh Triplett
502cd00ec7
Allow the snews: URI scheme.
2008-02-10 15:05:11 -08:00
Joey Hess
598d604fa8
Merge branch 'master' of ssh://git.kitenet.net/srv/git/ikiwiki.info
2008-02-10 18:02:18 -05:00
Joey Hess
11a781d1c5
debian-stable branch
2008-02-10 18:01:48 -05:00
Josh Triplett
ec9d3ab549
Do not allow the steam: URI scheme.
2008-02-10 14:59:08 -08:00
Josh Triplett
3cda22a27f
Match literal '.' in URI schemas containing '.', rather than matching any character
2008-02-10 14:50:30 -08:00
Joey Hess
14414fcd92
web commit by http://users.itk.ppke.hu/~cstamas/ : creating my own page
2008-02-10 17:49:15 -05:00
Joey Hess
e5f97777ad
update
2008-02-10 17:27:59 -05:00
Joey Hess
bbcf878f75
* meta: Check that the urls provided for authorurl, permalink, and openid
...
are safe and can't contain javascript.
2008-02-10 17:17:44 -05:00
Joey Hess
4bfdbd4858
export $safe_url_regexp
2008-02-10 17:07:21 -05:00
Josh Triplett
d20e24b636
Also filter the attributes cite, longdesc, and usemap, which can contain URIs
2008-02-10 13:59:37 -08:00
Josh Triplett
34115a34e0
Move about: fix to version 2.31.3 in the changelog
2008-02-10 13:36:52 -08:00
Joey Hess
2078f706d6
add parens around scheme regexp
2008-02-10 16:29:46 -05:00
Josh Triplett
a7be7bdf56
Do not allow the about: URI scheme
...
Some browsers interpret about: URIs like a limited version of data:
URIs. In particular, some versions of Internet Explorer interpret
arbitrary HTML content in about: URIs.
2008-02-10 13:23:28 -08:00
Joey Hess
71ccaf0751
a few thoughts on data: security
2008-02-10 15:55:42 -05:00
Joey Hess
6aa25f2757
update
2008-02-10 15:38:57 -05:00
Joey Hess
6e077c3617
add news item for ikiwiki 2.31.2
2008-02-10 15:38:11 -05:00
Joey Hess
dfd6bb3854
fix data:image handling
2008-02-10 15:24:03 -05:00
Joey Hess
852994d950
changelog munging
2008-02-10 14:17:27 -05:00
Joey Hess
4e791ed695
document security fix
...
The backported fix for stable is tagged and waiting for the security team
to upload.
2008-02-10 14:00:00 -05:00
Joey Hess
ab04d07733
announcing version 2.31.1
2008-02-10 13:28:52 -05:00
Joey Hess
d7e0c035e5
* htmlscrubber security fix: Block javascript in uris.
...
* Add htmlscrubber test suite.
2008-02-10 13:16:40 -05:00
Joey Hess
196d27cbbc
Merge branch 'master' of ssh://git.kitenet.net/srv/git/ikiwiki.info
2008-02-10 12:21:49 -05:00
Joey Hess
5e47db9356
improved sanitiser test suite
2008-02-10 12:21:20 -05:00
Joey Hess
f185ab4afc
web commit by PatrickWinnertz: add link to my templates
2008-02-10 06:47:25 -05:00
Joey Hess
17246f6b45
add some more tests
2008-02-10 03:42:54 -05:00
Joey Hess
e9a215982b
new test case
2008-02-10 03:38:30 -05:00
Joey Hess
973ea50190
improve wording and fix an example that is intentionall un-prefixed
2008-02-10 02:29:19 -05:00
Joey Hess
c041e97c29
fix versions
2008-02-10 02:13:09 -05:00
Joey Hess
3a13c7508c
prefix-directives branch is merged so no need to list anymore
2008-02-10 02:11:05 -05:00
Josh Triplett
122f6df325
Merge branch 'master' into prefix-directives
...
Conflicts:
debian/changelog
templates/change.tmpl
2008-02-09 23:02:52 -08:00
Josh Triplett
fb82474be0
Tighten page name regex to not allow carriage returns or line feeds
2008-02-09 22:53:28 -08:00
Joey Hess
8b577726ab
add news item for ikiwiki 2.31
2008-02-10 01:12:10 -05:00
Joey Hess
1eeb683f1a
releasing version 2.31
2008-02-10 01:11:48 -05:00
Joey Hess
f1fcb5be9c
* Page templates can now use CTIME to show when the page was created.
2008-02-09 23:05:48 -05:00
Joey Hess
a72a620134
change wording
2008-02-09 22:59:50 -05:00
Joey Hess
18d16309ce
reword to put the more important info (page names) nearer the front
2008-02-09 22:59:01 -05:00
Joey Hess
f16b3f17c0
note that's there's a git branch for this
2008-02-09 22:56:29 -05:00
Joey Hess
6cd7cb9d87
remove random page
2008-02-09 22:54:54 -05:00
Josh Triplett
a35dd1d806
Add --prefix-directives and --no-prefix-directives options to ikiwiki
...
This avoids the need to set prefix_directives with --set.
2008-02-08 18:35:12 -08:00
Josh Triplett
6b35ec682b
Mention user wikilists in README.Debian
2008-02-08 18:12:38 -08:00
Josh Triplett
e183aa198f
Use plural "wikis" for consistency
2008-02-08 17:58:43 -08:00
Joey Hess
6717ea5b95
clarify slightly
2008-02-08 13:57:41 -05:00
Joey Hess
825847af95
reply
2008-02-08 13:52:31 -05:00
Joey Hess
8116a17230
Merge branch 'master' of ssh://git.kitenet.net/srv/git/ikiwiki.info
2008-02-08 13:49:14 -05:00
Joey Hess
35547272c6
web commit by lnussel
2008-02-08 09:03:51 -05:00