urosm
/
ikiwiki
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
18,716 Commits
1 Branch
0 Tags
26 MiB
Perl 91.7%
JavaScript 3.6%
Python 2.9%
CSS 1%
Shell 0.4%
Other 0.4%
 
 
 
 
 
 
Go to file
Simon McVittie f4ec7b06d9 Make sure we do not pass multiple CGI parameters in function calls 
When CGI->param is called in list context, such as in function
parameters, it expands to all the potentially multiple values
of the parameter: for instance, if we parse query string a=b&a=c&d=e
and call func($cgi->param('a')), that's equivalent to func('b', 'c').
Most of the functions we're calling do not expect that.

I do not believe this is an exploitable security vulnerability in
ikiwiki, but it was exploitable in Bugzilla.
 		2014-10-16 22:24:47 +01:00
Bundle
IkiWiki Make sure we do not pass multiple CGI parameters in function calls 2014-10-16 22:24:47 +01:00
cpan
debian Replace PayPal and Flattr buttons with text links 2014-10-16 09:47:07 +01:00
doc Added a comment: It was an Apache problem... 2014-10-16 10:57:26 -04:00
icons Replace Verisign logo with one done in Inkscape 2014-02-14 12:27:18 +00:00
plugins plugins/proxy.py: be compatible with Python 3 2014-09-04 11:42:05 +01:00
po Merge branch 'ready/templatebody' 2014-09-15 21:52:03 +01:00
t Extract test subs for each site. No change meant. 2014-10-12 09:30:31 -04:00
templates google search plugin: use https for the search 2014-10-12 17:57:31 +01:00
themes Style enclosures like content. 2013-02-21 00:45:10 -05:00
underlays rename so linitian can find the unminified versions 2014-08-15 13:11:32 -04:00
.gitattributes
.gitignore Ignore MYMETA.json, produced by recent MakeMaker 2014-02-21 16:39:17 +00:00
.perlcriticrc
CHANGELOG
IkiWiki.pm Set default User-Agent to something that doesn't mention libwww-perl 2014-10-12 17:45:27 +01:00
Makefile.PL Replace shebang paths with the build-time $(PERL). 2014-10-12 11:08:13 -04:00
NEWS
README
auto-blog.setup
auto.setup
docwiki.setup
gitremotes
ikiwiki-calendar.in
ikiwiki-makerepo
ikiwiki-mass-rebuild
ikiwiki-transition.in
ikiwiki-update-wikilist update ikiwiki-update-wikilist docs to suggest putting it in /etc/sudoers 2012-08-09 11:48:30 -04:00
ikiwiki-w3m.cgi
ikiwiki.in
ikiwiki.spec prep release 2014-08-31 14:17:49 -07:00
mdwn2man
pm_filter
wikilist

README 

Use ./Makefile.PL to generate a Makefile, "make" will build the
documentation wiki and a man page, and "make install" will install ikiwiki.

All other documentation is in the ikiwiki documentation wiki, which is also
available online at <http://ikiwiki.info/>


A few special variables you can set while using the Makefile.PL:

  PROFILE=1 turns on profiling for the build of the doc wiki.
  (Uses Devel::NYTProf)

  NOTAINT=0 turns on the taint flag in the ikiwiki program. (Not recommended
  unless your perl is less buggy than mine -- see
  http://bugs.debian.org/411786)

  MAKE, FIND, and SED can be used to specify where you have the GNU
  versions of those tools installed, if the normal make, find, and sed
  are not GNU.

  There are also other variables supported by MakeMaker, including PREFIX,
  INSTALL_BASE, and DESTDIR. See ExtUtils::MakeMaker(3).

  In particular, INSTALL_BASE is very useful if you want to install ikiwiki
  to some other location, as it configures it to see the perl libraries
  there. See `doc/tips/nearlyfreespeech.mdwn` for an example of using this to
  install ikiwiki and its dependencies in a home directory.