Commit Graph

2336 Commits (ed26f287b207573cc2c2593809b3811f3f832c8c)

Author SHA1 Message Date
Joey Hess f7a2a4b4d4 qualify template_file 2010-04-02 16:55:29 -04:00
Joey Hess 59ba938822 template: Search for templates in the templatedir, if they are not found as pages in the wiki. 2010-04-02 16:54:06 -04:00
Joey Hess 104919ee07 htmlscrubber: Allow colons in url fragments after '?'
Colons are not allowed at the start of urls, because it can be interpreted
as a protocol, and allowing arbitrary protocols can be unsafe
(CVE-2008-0809). However, this check was too restrictive, not allowing
use of eg, "video.ogv?t=0:03:00/0:04:00" to seek to a given place in a
video, or "somecgi?foo=bar:baz" to pass parameters with colons.

It's still not allowed to have a filename with a colon in it (ie
"foo:bar.png") -- to link to such a file, a fully qualified url must be
used.
2010-04-02 16:05:14 -04:00
Joey Hess e466d11fd3 add warning about incomplete tla support 2010-03-29 13:17:32 -04:00
Joey Hess 891238e075 add warning messages about bzr and mercurial hooks that are not correctly setup 2010-03-29 11:54:18 -04:00
Joey Hess 799b93d258 don't check $@ after pagespec_translate
pagespec_translate may set $@ if it fails to parse a pagespec, but
due to memoization, this is not reliable. If a memoized call is repeated,
and $@ is already set for some other reason previously, it will remain
set through the call to pagespec_translate.

Instead, just check if pagespec_translate returns undef.
2010-03-28 20:23:22 -04:00
Joey Hess 0c6e467aa6 use __TINYC__ define to avoid tinyc compat fixes breaking FreeBSD
To review, tcc does not really use environ, so you have to use clearenv
there. But POSIX, in their wisdom, didn't standardise clearenv yet,
so on FreeBSD, one still needs to manipulate environ on their own.

(If you use tcc on FreeBSD, this may leave you unsatisfied.)
2010-03-28 18:27:23 -04:00
Joey Hess 0d07bca315 fix printing of $@, which is clobbered by the call to gettext
problem reported by viric
2010-03-28 17:17:07 -04:00
Joey Hess 243b0dd082 fix the other half of the filecheck filename bug 2010-03-26 00:16:21 -04:00
Joey Hess 3d671ea8c1 filecheck: Fix bug that prevented the pagespecs from matching when not called by attachment plugin. 2010-03-25 14:39:09 -04:00
Joey Hess baa07e0b52 remove a few leftover manual folding indicators 2010-03-25 14:23:16 -04:00
Joey Hess 0219529699 fix unicode with YAML::Syck
Syck-- it doesn't use unicode by default?! Hello, 2010 calling..
2010-03-24 16:19:50 -04:00
Joey Hess eb06a01355 use perl YAML for dumping
Only it understands $YAML::UseHeader
2010-03-24 16:12:35 -04:00
Joey Hess a76206d480 fix back-compat with old Net::OpenID
Debian stable's Net::OpenID does not support getting extension fields.
2010-03-24 15:32:35 -04:00
Joey Hess 3166479fe4 fall back from YAML::Any to just YAML
for portabilty to old YAML in Debian stable that lacks the former.
2010-03-24 14:53:32 -04:00
Joey Hess 271449062a use YAML::Any to allow faster versions to be used if available 2010-03-24 14:30:38 -04:00
Joey Hess 440e18bc15 reset setuptype first, actually
so setup file can override default
2010-03-21 14:59:21 -04:00
Joey Hess 85778f59fd check for 'require' instead of 'use' 2010-03-21 14:52:21 -04:00
Joey Hess aea5bf9b40 reset setuptype to standard after an automator setup file is loaded
so a standard file is generated (by default)
2010-03-21 14:51:47 -04:00
Joey Hess dc128dd829 fix newlines in commented defaults 2010-03-19 17:54:58 -04:00
Joey Hess 3b08789e6f load YAML on demand
so as not to break test suite if YAML is not avilable
2010-03-19 16:09:07 -04:00
Joey Hess 07bb08d094 shorten setuptype 2010-03-19 15:55:10 -04:00
Joey Hess bba513a3e5 Add support for setup files written in YAML.
Not the default. (Yet?)
2010-03-19 15:52:53 -04:00
Joey Hess 19a794b482 parameterized indent 2010-03-19 15:44:28 -04:00
Joey Hess 10f8a2c858 improve comments 2010-03-19 15:36:33 -04:00
Joey Hess bbe1f2e493 move generic comment into IkiWiki::Setup 2010-03-19 15:35:21 -04:00
Joey Hess 522daa7ea8 factored out generic commented line dumping 2010-03-19 15:27:15 -04:00
Joey Hess 8a5084bc62 whitespace 2010-03-19 15:09:08 -04:00
Joey Hess b1dade8d96 allow multiple setup file types, and support safe parsing
Finally removed the last hardcoding of IkiWiki::Setup::Standard.
Take the first "IkiWiki::Setup::*" in the setup file to define the
setuptype, and remember that type to use in dumping later. (But it can be
overridden using --set, etc.)

Also, support setup file types that are not evaled.
2010-03-19 14:52:17 -04:00
Joey Hess cbf269eee2 audited use POSIX
The POSIX perl module exports a huge number of functions by default, so
make sure all imports are qualified. (And remove one that was not
necessary.)
2010-03-19 13:12:28 -04:00
Joey Hess dddd6aa990 Allow wrappers to be built using tcc. 2010-03-18 17:44:46 -04:00
Joey Hess b4ab74e722 C warning cleanup 2010-03-18 17:40:18 -04:00
Joey Hess a01e0679f4 openid: Use Openid Simple Registration or OpenID Attribute Exchange to get the user's email address and username.
The info is stored in the session database, not the user database.
There should be no reason to need it when a user is not logged in.

Also, hide the email field in the preferences page for openid users.

Note that the email and username are not yet actually used for anything.
The email will be useful for gravatar, while the username might be used
for a more pretty display of the openid.
2010-03-13 19:08:15 -05:00
Joey Hess e56ec7a96c websetup: Add websetup_unsafe to allow marking other settings as unsafe. 2010-03-13 15:08:00 -05:00
Joey Hess edec9514f4 typo 2010-03-12 15:01:24 -05:00
Joey Hess 2ad3e60ee8 htmlscrubber: Security fix: In data:image/* uris, only allow a few whitelisted image types. No svg. 2010-03-12 14:50:26 -05:00
Joey Hess 45dfdcb257 search: Avoid '$' in the wikiname appearing unescaped on omega's query template, where it might crash omega.
Really, a more general fix, this deals with any $ that might appear on the
misctemplate.
2010-03-11 16:10:04 -05:00
Joey Hess ac3aac560f moderatedcomments: Added moderate_pagespec
* moderatedcomments: Added moderate_pagespec that can be used
  to control which users or comment locations are moderated.
  This can be used, just for example, to moderate http://myopenid.com/*
  if you're getting a lot of spammers from one particular openid
  provider (who should perhaps answer your emails about them),
  while not moderating other users.
* moderatedcomments: The moderate_users setting is deprecated. Instead,
  set moderate_pagespec to "!admin()" or "user(*)" instead.
2010-03-11 15:44:10 -05:00
Joey Hess 6eb71547dd typo 2010-03-09 19:55:50 -05:00
Joey Hess 6d27bbd026 Fix utf8 issues in calls to md5_hex.
This prevented comments containing some utf-8, including euro sign, from
being submitted. Since md5_hex is a C implementation, the string has to be
converted from perl's internal encoding to utf-8 when it is called. Some
utf-8 happened to work before, apparently by accident.

Note that this will change the checksums returned.

unique_comment_location is only used when posting comments, so the checksum
does not need to be stable there.

I only changed page_to_id for completeness; it is passed a comment page
name, and they can currently never contain utf-8.

In teximg, the bug could perhaps be triggered if the tex source contained
utf-8. If that happens, the checksum will change, and some extra work might
be performed on upgrade to rebuild the image.
2010-03-09 19:55:19 -05:00
Joey Hess 60d2dd318f Add new --clean option; this makes ikiwiki remove all built files in the destdir, as well as wrappers and the .ikiwiki directory. 2010-02-28 00:12:47 -05:00
Joey Hess 6aaa6e0d24 Fix admin openid detection in setup automator, and avoid prompting for a password. 2010-02-27 16:36:57 -05:00
Joey Hess a12c386c86 Add force_overwrite setting to make setup automator overwrite existing files/directories.
This can be useful if you're driving the setup automator from another
program.
2010-02-27 16:26:18 -05:00
Joey Hess 068e47aa45 catch failure to open the filetypes file 2010-02-24 20:28:52 -05:00
Joey Hess c21eb47e62 comments: Display number of comments in comment action link.
This was not doable before, but when I added transitive dependency handling
in the big dependency rewrite, it became possible to include a comment
count when inlining.

This also improves the action link when a page has no comments. It will
link direct to the cgi to allow posting the first comment. And if the page
is locked to prevent posting new comments, the link is no longer shown.
2010-02-14 19:11:18 -05:00
Joey Hess 9a0b9bdc88 minor refactor/optimisation 2010-02-14 18:09:28 -05:00
Joey Hess 34fff64e7b setup file ordering 2010-02-12 06:35:52 -05:00
Joey Hess 20ba12802b add section information 2010-02-12 04:22:15 -05:00
Joey Hess 805b3afff7 formatting sillyness 2010-02-12 04:09:57 -05:00
Joey Hess 73242f0890 remove unnecessary IkiWiki:: 2010-02-12 04:01:04 -05:00