39 lines
1.9 KiB
Markdown
39 lines
1.9 KiB
Markdown
ikiwiki 3.20141016 released with [[!toggle text="these changes"]]
|
|
[[!toggleable text="""
|
|
[ Joey Hess ]
|
|
|
|
* Fix crash that can occur when only_committed_changes is set and a
|
|
file is deleted from the underlay.
|
|
|
|
[ Simon McVittie ]
|
|
|
|
* core: avoid dangerous use of CGI->param in list context, which led
|
|
to a security flaw in Bugzilla; as far as we can tell, ikiwiki
|
|
is not vulnerable to a similar attack, but it's best to be safe
|
|
* core: new reverse_proxy option prevents ikiwiki from trying to detect
|
|
how to make self-referential URLs by using the CGI environment variables,
|
|
for instance when it's deployed behind a HTTP reverse proxy
|
|
(Closes: [[!debbug 745759]])
|
|
* core: the default User-Agent is now "ikiwiki/$version" to work around
|
|
ModSecurity rules assuming that only malware uses libwww-perl
|
|
* core: use protocol-relative URLs (e.g. //www.example.com/wiki) so that
|
|
https stays on https and http stays on http, particularly if the
|
|
html5 option is enabled
|
|
* core: avoid mixed content when a https cgiurl links to http static pages
|
|
on the same server (the static pages are assumed to be accessible via
|
|
https too)
|
|
* core: force the correct top URL in w3mmode
|
|
* google plugin: Use search form
|
|
* docwiki: replace Paypal and Flattr buttons with text links
|
|
* comments: don't record the IP address in the wiki if the user is
|
|
logged in via passwordauth or httpauth
|
|
* templates: add ARIA roles to some page elements, if html5 is enabled.
|
|
Thanks, Patrick
|
|
* debian: build-depend on libmagickcore-6.q16-2-extra | libmagickcore-extra
|
|
so we can thumbnail SVGs in the docwiki
|
|
* debian: explicitly depend and build-depend on libcgi-pm-perl
|
|
* debian: drop unused python-support dependency
|
|
* debian: rename debian/link to debian/links so the intended symlinks appear
|
|
* debian: fix some wrong paths in the copyright file
|
|
"""]]
|