Commit Graph

1683 Commits (ef1ebf6079bd2a91d1d799bafacf6a51d4633db3)

Author SHA1 Message Date
Joey Hess 196851d4e2 typo 2010-04-06 23:37:46 -04:00
Joey Hess 425ffc34f7 update for sort changes 2010-04-06 23:35:14 -04:00
Joey Hess bab8fec524 Merge remote branch 'smcv/ready/sort-package'
Conflicts:
	debian/NEWS
2010-04-06 23:15:33 -04:00
Joey Hess 25f3dd8818 add note about minor back compat issue 2010-04-06 23:02:18 -04:00
Joey Hess c0ca196758 tweak wording and versions and add changelog entry 2010-04-06 22:58:22 -04:00
Joey Hess f6fd7639da Merge remote branch 'smcv/ready/link-types' 2010-04-06 22:50:19 -04:00
Simon McVittie 48178c48ed Auto-rebuild wikis on upgrade due to the taglink change
debian/NEWS and debian/postinst should be edited before release to have
an appropriate version number.
2010-04-06 20:59:45 +01:00
Joey Hess a01028ae81 txt: Add a special case for robots.txt. 2010-04-05 17:02:10 -04:00
Joey Hess 09d4e9d6bb comments: Fix missing entity encoding in title.
The meta title data set by comments needs to be encoded the same way that
meta encodes it. (NB The security implications of the missing encoding
are small.)

Note that meta's encoding of title, description, and guid data, and not
other data, is probably a special case that should be removed. Instead,
these values should be encoded when used. I have avoided doing so here
because that would mean forcing a wiki rebuild on upgrade to have the data
consitently encoded.
2010-04-05 16:34:49 -04:00
Joey Hess 992c2c6bca changelog 2010-04-04 12:17:36 -04:00
Joey Hess 195943e588 slightly more consistent capitalisation of ikiwiki
For a while, I was avoiding capitalizing ikiwiki at the beginning of a
sentence. I now think that's a bad idea (unless explicitly referring to
the `ikiwiki` command). Still, I don't go all the way and always cap it,
as a proper noun. That would make the logo look bad. ;)

I also tend to avoid capping it as IkiWiki, except when referring to the
perl internals, which do use that capitalization. (Too late to change
that.) However, it's also reasonable to do so in a WikiLink, as a nod to
historical camelcase wikis.
2010-04-03 16:07:32 -04:00
Joey Hess 0f82fe5225 releasing version 3.20100403 2010-04-03 15:15:04 -04:00
Simon McVittie a875ee8be7 Split out sortnaturally into a plugin 2010-04-03 14:28:21 +01:00
Joey Hess 59ba938822 template: Search for templates in the templatedir, if they are not found as pages in the wiki. 2010-04-02 16:54:06 -04:00
Joey Hess 104919ee07 htmlscrubber: Allow colons in url fragments after '?'
Colons are not allowed at the start of urls, because it can be interpreted
as a protocol, and allowing arbitrary protocols can be unsafe
(CVE-2008-0809). However, this check was too restrictive, not allowing
use of eg, "video.ogv?t=0:03:00/0:04:00" to seek to a given place in a
video, or "somecgi?foo=bar:baz" to pass parameters with colons.

It's still not allowed to have a filename with a colon in it (ie
"foo:bar.png") -- to link to such a file, a fully qualified url must be
used.
2010-04-02 16:05:14 -04:00
Joey Hess 4dcea6207d page.tmpl: Add Cache-Control must-revalidate to ensure that users (especially of Firefox) see fresh page content.
Since Firefox version 3, it's done aggressive caching of visited pages, and
does not, by default, check if the cached content is still valid when
reloading or revisiting a page. By default, Firefox seems to not re-contact
the web server at all. Compare with eg, Epiphany and Chromium, which appear
to always check, and get back a 304 when the page is unchanged.

This header makes Firefox do the right thing, at least for html files. It
still over-caches if css, javascript, images, etc, are changed.
2010-03-31 17:52:58 -04:00
Joey Hess aa116d67ab update 2010-03-29 13:37:16 -04:00
Joey Hess 6e7bfbe7bb auto-blog.setup: Set tagbase by default, since most bloggers will want it.
Also modified first_post page to use a tag format that will work whether
or not tagbase is set.
2010-03-28 19:23:34 -04:00
Joey Hess 1273f1de52 Add preprocessed 'use lib' line to ikiwiki-transition and ikiwiki-calendar if necessary for unusual install. 2010-03-26 13:11:02 -04:00
Joey Hess 0d524ad672 Fix incorrect influence info returned by a failing link() pagespec, that could lead to bad dependency handling in certian situations. 2010-03-26 01:38:53 -04:00
Joey Hess 243b0dd082 fix the other half of the filecheck filename bug 2010-03-26 00:16:21 -04:00
Joey Hess 3d671ea8c1 filecheck: Fix bug that prevented the pagespecs from matching when not called by attachment plugin. 2010-03-25 14:39:09 -04:00
Joey Hess eb06a01355 use perl YAML for dumping
Only it understands $YAML::UseHeader
2010-03-24 16:12:35 -04:00
Joey Hess c64c4b9962 Add --set-yaml switch for setting more complex config file options. 2010-03-24 14:39:50 -04:00
Joey Hess 4415686d05 add YAML suggests 2010-03-24 14:30:54 -04:00
Joey Hess 440e18bc15 reset setuptype first, actually
so setup file can override default
2010-03-21 14:59:21 -04:00
Joey Hess bba513a3e5 Add support for setup files written in YAML.
Not the default. (Yet?)
2010-03-19 15:52:53 -04:00
Joey Hess dddd6aa990 Allow wrappers to be built using tcc. 2010-03-18 17:44:46 -04:00
Joey Hess 823ec815d4 Add a include setting, which can be used to make ikiwiki process wiki source files, such as .htaccess, that would normally be skipped for security or other reasons. Closes: #447267 (Thanks to Aaron Wilson for the original patch.) 2010-03-14 14:58:13 -04:00
Joey Hess 30c30a0cdd Add complete German basewiki and directives translation done by Sebastian Kuhnert. 2010-03-14 13:15:55 -04:00
Joey Hess c0ad4929de Improve openid url munging; do not display anchors and cgi parameters, as used by yahoo and google urls. 2010-03-13 20:10:50 -05:00
Joey Hess a01e0679f4 openid: Use Openid Simple Registration or OpenID Attribute Exchange to get the user's email address and username.
The info is stored in the session database, not the user database.
There should be no reason to need it when a user is not logged in.

Also, hide the email field in the preferences page for openid users.

Note that the email and username are not yet actually used for anything.
The email will be useful for gravatar, while the username might be used
for a more pretty display of the openid.
2010-03-13 19:08:15 -05:00
Joey Hess e56ec7a96c websetup: Add websetup_unsafe to allow marking other settings as unsafe. 2010-03-13 15:08:00 -05:00
Joey Hess 2ad3e60ee8 htmlscrubber: Security fix: In data:image/* uris, only allow a few whitelisted image types. No svg. 2010-03-12 14:50:26 -05:00
Joey Hess 9c274a001a formatting 2010-03-11 16:29:00 -05:00
Joey Hess d1ebdcd0a2 redundancy 2010-03-11 16:28:32 -05:00
Joey Hess 45dfdcb257 search: Avoid '$' in the wikiname appearing unescaped on omega's query template, where it might crash omega.
Really, a more general fix, this deals with any $ that might appear on the
misctemplate.
2010-03-11 16:10:04 -05:00
Joey Hess f259f33a0a Fix missing span on recentchanges page template. 2010-03-11 15:49:48 -05:00
Joey Hess ac3aac560f moderatedcomments: Added moderate_pagespec
* moderatedcomments: Added moderate_pagespec that can be used
  to control which users or comment locations are moderated.
  This can be used, just for example, to moderate http://myopenid.com/*
  if you're getting a lot of spammers from one particular openid
  provider (who should perhaps answer your emails about them),
  while not moderating other users.
* moderatedcomments: The moderate_users setting is deprecated. Instead,
  set moderate_pagespec to "!admin()" or "user(*)" instead.
2010-03-11 15:44:10 -05:00
Joey Hess 6d27bbd026 Fix utf8 issues in calls to md5_hex.
This prevented comments containing some utf-8, including euro sign, from
being submitted. Since md5_hex is a C implementation, the string has to be
converted from perl's internal encoding to utf-8 when it is called. Some
utf-8 happened to work before, apparently by accident.

Note that this will change the checksums returned.

unique_comment_location is only used when posting comments, so the checksum
does not need to be stable there.

I only changed page_to_id for completeness; it is passed a comment page
name, and they can currently never contain utf-8.

In teximg, the bug could perhaps be triggered if the tex source contained
utf-8. If that happens, the checksum will change, and some extra work might
be performed on upgrade to rebuild the image.
2010-03-09 19:55:19 -05:00
Joey Hess 0385e4080d releasing version 3.20100302 2010-03-02 22:23:07 -05:00
Joey Hess 60d2dd318f Add new --clean option; this makes ikiwiki remove all built files in the destdir, as well as wrappers and the .ikiwiki directory. 2010-02-28 00:12:47 -05:00
Joey Hess 6aaa6e0d24 Fix admin openid detection in setup automator, and avoid prompting for a password. 2010-02-27 16:36:57 -05:00
Joey Hess a12c386c86 Add force_overwrite setting to make setup automator overwrite existing files/directories.
This can be useful if you're driving the setup automator from another
program.
2010-02-27 16:26:18 -05:00
Joey Hess b3c3c42b26 Loosen regexp, to allow empty quoted parameters in directives. 2010-02-26 11:49:51 -05:00
Joey Hess c21eb47e62 comments: Display number of comments in comment action link.
This was not doable before, but when I added transitive dependency handling
in the big dependency rewrite, it became possible to include a comment
count when inlining.

This also improves the action link when a page has no comments. It will
link direct to the cgi to allow posting the first comment. And if the page
is locked to prevent posting new comments, the link is no longer shown.
2010-02-14 19:11:18 -05:00
Joey Hess 0b9b3f3e0a releasing version 3.20100212 2010-02-12 17:07:54 -05:00
Joey Hess a63929f6cc Group related plugins into sections in the setup file, and drop unused rcs plugins from the setup file. 2010-02-11 22:24:15 -05:00
Joey Hess c923e0ba33 Allow globs to be used in user() pagespecs. 2010-02-11 20:39:10 -05:00
Joey Hess e11876b700 httpauth: Add httpauth_pagespec setting that can be used to limit pages to only being edited via users authed with httpauth. 2010-02-11 18:25:10 -05:00