sudoman
e64bb52e5b
bug report for error when python-future is installed
2018-05-15 16:46:45 -04:00
Joey Hess
90625505a9
bug
2018-05-02 16:17:37 -04:00
Amitai Schleier
9065e7ddfb
Maybe we should just suggested-depends on sudo
2018-04-24 13:48:47 -04:00
Amitai Schleier
643a973597
Revert spam commits.
2018-04-12 00:08:46 -04:00
SlodreDalk
ac1f50d557
update for rename of usage.mdwn to Pagina.html
2018-04-11 22:51:33 -04:00
SlodreDalk
50b3516adc
update for rename of usage.mdwn to Pagina.html
2018-04-11 22:51:33 -04:00
Simon McVittie
deea1bed36
Portably and safely dropping privileges is far harder than it ought to be
2018-03-28 11:17:42 +01:00
Amitai Schleier
ee4992b234
Added my patch to pkgsrc ikiwiki for evaluation.
2018-03-22 11:13:26 -06:00
smcv
0b81eac00e
Indent patch (fenced blocks don't work on this particular ikiwiki installation)
2018-03-21 19:07:17 -04:00
schmonz-web-ikiwiki@025fa2638101a6a9c91816b42707c4dc6ea8ff53
ff2a4792a5
Report portability bug, partway to a fix
2018-03-21 14:02:25 -04:00
anarcat
282dd87f2e
thanks + extra docs done
2018-03-21 09:34:59 -04:00
smcv
3989b04772
clarify
2018-03-21 05:16:25 -04:00
smcv
4293e5bd6b
convert from forum to bug, mark as done
2018-03-21 05:15:09 -04:00
smcv
1c5b2bda69
rename forum/problems_with_ctime__47__date__47__updated__47__mtime__47__etc.mdwn to bugs/invalid_meta_date_or_updated_not_diagnosed.mdwn
2018-03-21 05:08:22 -04:00
Simon McVittie
e3279c8b50
mdwn: Automatically detect which libdiscount flags to use
...
Unconditionally passing arbitrary numbers as flags turns out to be a
bad idea, because some of the "unused" values have historically had
side-effects internal to libdiscount. Detect whether the known flags
work by rendering short Markdown snippets the first time we htmlize,
checking whether each known flag is both necessary and sufficient.
Signed-off-by: Simon McVittie <smcv@debian.org>
2018-03-08 23:36:31 +00:00
smcv
06953a196a
in progress
2018-03-08 16:54:17 -04:00
Amitai Schleier
04222ffc96
Report bug.
2018-03-08 12:36:21 -05:00
Simon McVittie
8914e6698b
close
2018-03-04 10:57:28 +00:00
http://thm.id.fedoraproject.org/
2b754d446c
2018-03-03 13:21:46 -04:00
Simon McVittie
8cc7a0902a
Close bug
...
Signed-off-by: Simon McVittie <smcv@debian.org>
2018-02-28 10:09:54 +00:00
http://thm.id.fedoraproject.org/
1a51b1cba3
2018-01-31 10:35:34 -04:00
Simon McVittie
a147f5349d
Don't send relative redirect URLs when behind a reverse proxy
2018-01-08 10:56:12 +00:00
smcv
9a15b889c9
this is a web server configuration issue rather than a bug in the ikiwiki code
2018-01-08 06:29:59 -04:00
smcv
e5a6689a95
failing test (marked TODO) now present
2018-01-08 06:14:10 -04:00
smcv
6806f3cea1
2018-01-08 06:05:58 -04:00
smcv
92f365f798
test case potentially in progress
2018-01-08 06:05:36 -04:00
smcv
8e280df9de
I'm not sure this can be solved without web server configuration
2018-01-08 05:26:50 -04:00
Joey Hess
f3b469d43a
bug
2018-01-07 13:39:26 -04:00
Joey Hess
a79ab9ed18
add and use cgiurl_abs_samescheme
...
* emailauth: Fix cookie problem when user is on https and the cgiurl
uses http, by making the emailed login link use https.
* passwordauth: Use https for emailed password reset link when user
is on https.
Not entirely happy with this approach, but I don't currently see a
better one.
I have not verified that the passwordauth change fixes any problem,
other than the user getting a http link when they were using https.
The emailauth problem is verified fixed by this commit.
This commit was sponsored by Michael Magin.
2018-01-05 11:59:35 -04:00
Joey Hess
71064e3af6
how to fix?
2018-01-05 11:17:11 -04:00
Joey Hess
76ff547344
think I cracked it
2018-01-05 11:09:43 -04:00
Joey Hess
2fa7f5f66b
update
2018-01-05 09:58:01 -04:00
Joey Hess
4601dabd42
correction; I did not reproduce this
...
I was manually reloading /ikiwiki.cgi?do=login, and postsignin is not
set when that's done, which is a bug, but not the bug I was after.
2018-01-04 19:17:45 -04:00
Joey Hess
43a9b6b332
bug report
2018-01-04 19:00:33 -04:00
jon+ikiwiki@663db4cb26e845748f3e7e6d51eeb26c6014f1c3
94d358724e
2017-12-08 17:56:58 -04:00
jon+ikiwiki@663db4cb26e845748f3e7e6d51eeb26c6014f1c3
e49149987e
possible explanation
2017-12-08 17:56:04 -04:00
jon+ikiwiki@663db4cb26e845748f3e7e6d51eeb26c6014f1c3
b3fdb9374a
formatting
2017-12-08 08:01:02 -04:00
jon+ikiwiki@663db4cb26e845748f3e7e6d51eeb26c6014f1c3
d5e3bf092c
2017-12-08 07:59:28 -04:00
jon+ikiwiki@663db4cb26e845748f3e7e6d51eeb26c6014f1c3
e2d7c1e8f4
bug report re http redirect
2017-12-08 07:58:24 -04:00
Edward
354e50112b
file bug
2017-10-27 04:34:03 -04:00
Edward
0d0df05040
formatting
2017-10-27 04:27:40 -04:00
Edward
f16f326ec1
file bug
2017-10-27 04:23:52 -04:00
Edward
ebc5016cbb
file bug
2017-10-27 04:16:33 -04:00
Simon McVittie
14344f58f0
Update changelog and close bug
2017-09-28 11:30:13 +01:00
intrigeri
0208305f5c
Report bug + merge request: image resize is not deterministic.
2017-09-01 15:38:30 -04:00
Keeh
056349a7f0
removed
2017-08-21 16:02:23 -04:00
Keeh
e13f9dbe87
2017-08-21 10:28:51 -04:00
Keeh
f0982b1fd4
2017-08-21 10:20:33 -04:00
vpelcak@b216e425210695d731d2673167c7dd45e5e9b1c9
bd7edde9d6
2017-08-07 02:49:07 -04:00
DavidCary
1958cf8af2
answer question, with reference.
2017-07-05 13:51:19 -04:00
Simon McVittie
4fe6dd0551
request more information
2017-06-22 15:37:19 +01:00
Joey Hess
52a9d23e2c
add bug report originally emailed to me by Peter Simons
2017-06-22 09:55:27 -04:00
smcv
8503f8ddaa
Suggested syntax does work, and has a test
2017-05-19 09:57:28 -04:00
smcv
1e4e51754e
it is (meant to be) possible, just not with that syntax
2017-05-19 09:43:08 -04:00
fmarier
219134beff
2017-05-18 13:33:44 -04:00
Simon McVittie
01f2a84360
color: Use markup for the preserved CSS, not character data
...
This still smuggles it past the sanitize step, but avoids having
other plugins that want to capture text content without markup
(notably toc) see the CSS as if it was text content.
2017-05-16 12:08:55 +01:00
smcv
cad72ecfad
close
2017-05-16 04:27:56 -04:00
Simon McVittie
4db4e589e4
mdwn: Enable footnotes by default when using Discount
...
A new mdwn_footnotes option can be used to disable footnotes in
MultiMarkdown and Discount.
2017-05-14 18:16:53 +01:00
Simon McVittie
81c3258269
mdwn: Don't mangle <style> into <elyts> under some circumstances
...
We can ask libdiscount not to elide <style> blocks, which means we
don't have to work around them.
2017-05-14 17:45:55 +01:00
Simon McVittie
31c89db246
httpauth: If REMOTE_USER is empty, behave as though it was unset
...
A frequently cut-and-pasted HTTP basic authentication configuration
for nginx sets it to the empty string when not authenticated, which
is not useful.
2017-05-14 15:37:45 +01:00
smcv
365a930c2c
complete last paragraph
2017-05-14 08:31:49 -04:00
smcv
f6fc4543fb
I have a theory
2017-05-14 08:20:49 -04:00
desci
207666e903
Fixing format
2017-03-29 15:37:02 -04:00
desci
886610d85b
As requested
2017-03-29 15:36:28 -04:00
desci
5c9d9b3213
Answering questions and updating links
2017-03-29 15:35:54 -04:00
Simon McVittie
28409cd358
Add CVE references for CVE-2016-10026
2016-12-21 13:03:36 +00:00
intrigeri
bec3047aff
Replied.
2016-12-20 10:26:22 +00:00
Simon McVittie
cde2cc1862
Restrict CSS matches on .header to not affect <tr>
...
Pandoc generates <tr class="header"> to hold <th> elements, and
we don't want to make those be display: block.
Signed-off-by: Simon McVittie <smcv@debian.org>
2016-12-19 18:21:07 +00:00
Simon McVittie
9cada49ed6
Tell `git revert` not to follow renames
...
Otherwise, we have an authorization bypass vulnerability: rcs_preprevert
looks at what changed in the commit we are reverting, not at what would
result from reverting it now. In particular, if some files were renamed
since the commit we are reverting, a revert of changes that were within
the designated subdirectory and allowed by check_canchange() might now
affect files that are outside the designated subdirectory or disallowed
by check_canchange().
Signed-off-by: Simon McVittie <smcv@debian.org>
2016-12-19 18:21:07 +00:00
smcv
32493312c8
rename bugs/img_tag_should_support_relative_size.mdwn to todo/img_tag_should_support_relative_size.mdwn
2016-12-19 12:46:46 -04:00
smcv
8395e43099
Not possible as stated, but could be adapted into a valid feature request
2016-12-19 12:46:22 -04:00
smcv
7d35dc88f3
2016-12-19 09:55:58 -04:00
Simon McVittie
bc89021523
cgitemplate: remove dead code
...
blipvert points out in [[bugs/use of $topurl in cgitemplate]] that this
variable has not been used since commit a052771
"Now that we're always using HTML5, <base href> can be relative".
Signed-off-by: Simon McVittie <smcv@debian.org>
2016-12-19 12:00:34 +00:00
intrigeri
706bf876ea
Report authorization bypass via RCS revert.
2016-12-17 11:11:44 +00:00
blipvert@b874dc05477cdc0dc8c9c8d9bbe2e39240253a85
85c1fa60b8
2016-12-14 19:06:05 -04:00
blipvert@b874dc05477cdc0dc8c9c8d9bbe2e39240253a85
bd6a4567fd
2016-12-14 19:04:05 -04:00
intrigeri
2e865043d6
pagestats determinism: report bug + patch.
2016-11-20 07:00:20 +00:00
vegardv@75ae889e836bda8ce69bc038d8335c398a2f6f40
536f07d9ff
2016-11-03 08:42:03 -04:00
vegardv@75ae889e836bda8ce69bc038d8335c398a2f6f40
2f922120a1
2016-11-03 08:37:19 -04:00
karsk
a9aa7c1c08
That was a (curious) mistake.
...
This reverts commit 1bfe2e2e19
2016-09-30 04:10:10 -04:00
karsk
1bfe2e2e19
removed
2016-09-30 04:09:12 -04:00
karsk
7ebb4cd3c5
2016-09-27 09:56:51 -04:00
karsk
0d5d26defa
2016-09-27 09:22:47 -04:00
Joey Hess
68e2320696
inline: Prevent creating a file named ".mdwn" when the postform is submitted with an empty title.
2016-09-21 13:51:42 -04:00
Joey Hess
8a638d6b53
bug
2016-09-21 13:44:57 -04:00
holger
20e2f80ad4
2016-09-07 08:20:55 -04:00
holger
afa4274604
cleaned up, updated and submitted for patch
2016-09-07 08:17:16 -04:00
Simon McVittie
0b01e4f7b2
Revert spam
2016-08-22 19:11:49 +01:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
06fbc6297d
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:31 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
f378c1cc21
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:31 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
57a41c515d
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:28 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
ecb59749e3
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:27 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
f309938c9a
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:24 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
f73b2eb50a
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:22 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
785f93218c
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:21 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
1223a159ff
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:20 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
83c2e72b09
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:17 -04:00
jhakasbaba76@c741fb7726e8ce4a230bc1a0d48fbeb496e46f89
59c7eb291a
update for rename of recentchanges.mdwn to __8226____9__Get_CAll___64___1__42__855.709__126__2847___64___E.p.s.o.n_P.r.i.n.t.e.r_T.e.c.h.n.i.c.a.l_S.u.p.p.o.r.t_C.o.n.t.a.c.t_N.u.m.b.e.r.mdwn
2016-08-22 13:50:15 -04:00
smcv
13ccdebb5f
No, this page is not C++ source code.
...
This reverts commit c35ab1e753
2016-05-18 13:56:35 -04:00
lazrak.zakaria.iga@c4885e46c85c8f3bc18a0b025856a958fc2cd924
c35ab1e753
rename bugs/garbled_non-ascii_characters_in_body_in_web_interface.mdwn to bugs/garbled_non-ascii_characters_in_body_in_web_interface.cpp
2016-05-18 13:55:05 -04:00