Merged Jacques Distler's latest changes.

app/controllers/application.rb

@@ -206,7 +206,7 @@ end
 module Mime
   # Fix HTML
   #HTML  = Type.new "text/html", :html, %w( application/xhtml+xml )
-  HTML  = Type.new "text/html", :html
+  self.class.const_set("HTML", Type.new("text/html", :html) )
 
   # Add XHTML
   XHTML  = Type.new "application/xhtml+xml", :xhtml

app/helpers/wiki_helper.rb

@@ -24,23 +24,23 @@ module WikiHelper
   def edit_page
     link_text = (@page.name == "HomePage" ? 'Edit Page' : 'Edit')
     link_to(link_text, {:web => @web.address, :action => 'edit', :id => @page.name}, 
-        {:class => 'navlink', :accesskey => 'E', :id => 'edit'})
+        {:class => 'navlink', :accesskey => 'E', :id => 'edit', :rel => 'nofollow'})
   end
 
   def edit_web
     link_to('Edit Web', {:web => @web.address, :action => 'edit_web'}, 
-        {:class => 'navlink', :accesskey => 'W', :id => 'edit_web'})
+        {:class => 'navlink', :accesskey => 'W', :id => 'edit_web', :rel => 'nofollow'})
   end
             
   def forward
     if @revision_number < @page.revisions.length - 1
       link_to('Forward in time', 
           {:web => @web.address, :action => 'revision', :id => @page.name, :rev => @revision_number + 1},
-          {:class => 'navlink', :accesskey => 'F', :id => 'to_next_revision'}) + 
+          {:class => 'navlink', :accesskey => 'F', :id => 'to_next_revision', :rel => 'nofollow'}) + 
           " <span class='revisions'>(#{@revision.page.revisions.length - @revision_number} more)</span> "
     else
         link_to('Forward in time', {:web => @web.address, :action => 'show', :id => @page.name},
-            {:class => 'navlink', :accesskey => 'F', :id => 'to_next_revision'}) +
+            {:class => 'navlink', :accesskey => 'F', :id => 'to_next_revision', :rel => 'nofollow'}) +
             " <span class='revisions'>(to current)</span>"
     end
   end
@@ -48,7 +48,7 @@ module WikiHelper
   def back_for_revision
     link_to('Back in time',
         {:web => @web.address, :action => 'revision', :id => @page.name, :rev => @revision_number - 1},
-        {:class => 'navlink', :id => 'to_previous_revision'}) + 
+        {:class => 'navlink', :id => 'to_previous_revision', :rel => 'nofollow'}) + 
         " <span class='revisions'>(#{@revision_number - 1} more)</span>"
   end
 
@@ -56,7 +56,7 @@ module WikiHelper
     link_to('Back in time', 
         {:web => @web.address, :action => 'revision', :id => @page.name, 
         :rev => @page.revisions.length - 1},
-        {:class => 'navlink', :accesskey => 'B', :id => 'to_previous_revision'}) +
+        {:class => 'navlink', :accesskey => 'B', :id => 'to_previous_revision', :rel => 'nofollow'}) +
         " <span class='revisions'>(#{@page.revisions.length - 1} #{@page.revisions.length - 1 == 1 ? 'revision' : 'revisions'})</span>"
   end
   
@@ -69,19 +69,19 @@ module WikiHelper
     link_to(@show_diff ? 'Hide changes' : 'See changes', 
         {:web => @web.address, :action => 'revision', :id => @page.name, :rev => @revision_number, 
          :mode => (@show_diff ? nil : 'diff') },
-        {:class => 'navlink', :accesskey => 'C', :id => 'see_changes'})
+        {:class => 'navlink', :accesskey => 'C', :id => 'see_changes', :rel => 'nofollow'})
   end
 
   def see_or_hide_changes_for_page
     link_to(@show_diff ? 'Hide changes' : 'See changes', 
         {:web => @web.address, :action => 'show', :id => @page.name, :mode => (@show_diff ? nil : 'diff') },
-        {:class => 'navlink', :accesskey => 'C', :id => 'see_changes'})
+        {:class => 'navlink', :accesskey => 'C', :id => 'see_changes', :rel => 'nofollow'})
   end
   
   def rollback
     link_to('Rollback', 
         {:web => @web.address, :action => 'rollback', :id => @page.name, :rev => @revision_number},
-        {:class => 'navlink', :id => 'rollback'})
+        {:class => 'navlink', :id => 'rollback', :rel => 'nofollow'})
   end
 
   

app/views/wiki/page.rhtml

@@ -34,11 +34,11 @@
     | Views: 
     <%= link_to('Print',
             { :web => @web.address, :action => 'print', :id => @page.name },
-            { :accesskey => 'p', :id => 'view_print' }) %>
+            { :accesskey => 'p', :id => 'view_print', :rel => 'nofollow' }) %>
   <% if @web.markup == :markdownMML or @web.markup == :markdown %>
     | 
     <%= link_to 'TeX', {:web => @web.address, :action => 'tex', :id => @page.name}, 
-            {:id => 'view_tex'} %>
+            {:id => 'view_tex', :rel => 'nofollow' } %>
    <% if WikiReference.pages_in_category(@web, 'S5-slideshow').map.include?(@page.name) %>
     |
     <%= link_to 'S5', {:web => @web.address, :action => 's5', :id => @page.name},

test/unit/chunks/category_test.rb

@@ -19,4 +19,11 @@ class CategoryTest < Test::Unit::TestCase
 	)
   end
 
+  def test_multiple_categories_sanitized
+	match(Category, 'category: test, multiple,<span>a & b</span> <script>alert("XSS!");</script>', :list => ['test', 'multiple', '&lt;span&gt;a &amp; b&lt;/span&gt; &lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;'], :hidden => nil)
+	match(Category, 'category : chunk test , multi category,<span>a & b</span> <script>alert("XSS!");</script>', 
+		:list => ['chunk test','multi category','&lt;span&gt;a &amp; b&lt;/span&gt; &lt;script&gt;alert(&quot;XSS!&quot;);&lt;/script&gt;'], :hidden => nil
+	)
+  end
+
 end

test/unit/chunks/nowiki_test.rb

@@ -12,4 +12,10 @@ class NoWikiTest < Test::Unit::TestCase
 	)
   end
 
+  def test_sanitized_nowiki
+	match(NoWiki, 'This sentence contains <nowiki><span>a & b</span> <script>alert("XSS!");</script></nowiki>. Do not touch!',
+		:plain_text => '<span>a &amp; b</span> &lt;script&gt;alert("XSS!");&lt;/script&gt;'
+	)
+  end
+
 end

vendor/plugins/manage_fixtures/CHANGELOG

@@ -0,0 +1,15 @@
+-----
+2.1.0
+- Added table import functionality
+  - Changed default db:fixtures:import_all to use tables instead of models
+  - db:fixtures:import_for_tables TABLES=foos,bars
+
+2.0.0
+- Added two new export tasks
+  - db:fixtures:import_all
+  - db:fixtures:import_for_models MODELS=Foo,Bar
+
+1.0.0
+
+- imported original code by Chris McGrath [octopod]
+- added namespace support for the tasks [nshb]

vendor/plugins/manage_fixtures/MIT-LICENSE

@@ -0,0 +1,21 @@
+Copyright (c) 2006 Chris McGrath
+
+The MIT License
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

vendor/plugins/manage_fixtures/README

@@ -0,0 +1,68 @@
+= Description
+
+This plugin is a super lightweight tool used to manage all your fixtures, whether it is exporting or importing them.
+
+So if you want to export all your data from your production server into your development environment, this will simplify the process without having to load up your database manager. 
+
+Similarly, if you want to import a selected set of Models, you can do that using the appropriate tasks.
+
+= INSTALLATION
+
+  [%] script/plugin discover
+  [%] script/plugin install manage_fixtures
+
+= USAGE
+
+Create YAML test fixtures from data in an existing database. Defaults to development database. Set RAILS_ENV to override. 
+  [%] rake db:fixtures:export_all
+
+Create YAML test fixtures for a specific table(s) from data in an existing database. Defaults to development database. Set RAILS_ENV to override. 
+  [%] rake db:fixtures:export_for_tables TABLES=foos[,bars] 
+
+Create YAML text fixtures based on a specific SQL query
+  [%] rake db:fixtures:export_using_query SQL="select * from foo where id='bar'" FIXTURE_NAME=foo
+
+Import the YAML test fixtures for specific models from data in an existing database. Defaults to development database. Set RAILS_ENV to override.
+  [%] rake db:fixtures:import_for_models MODELS=Foo[,Bar,Land]
+
+Import all YAML test fixtures for all of the tables from data in an existing database. Defaults to development database. Set RAILS_ENV to override.
+  [%] rake db:fixtures:import_all
+
+Import all YAML test fixtures for all of the tables from data in an existing database. Defaults to development database. Set RAILS_ENV to override.
+  [%] rake db:fixtures:import_for_tables TABLES=foos[,bars,land]
+
+= AUTHORS
+
+Nathaniel Brown - nshb@inimit.com
+Chris McGrath
+
+= BUGS
+
+Please report any bugs or feature enhancements to http://dev.toolbocks.com
+
+= LICENSE
+
+Copyright (c) 2006 Nathaniel Brown
+Copyright (c) 2006 Chris McGrath
+
+This is the MIT license, the license Ruby on Rails itself is licensed 
+under.
+
+Permission is hereby granted, free of charge, to any person obtaining 
+a copy of this software and associated documentation files (the 
+"Software"), to deal in the Software without restriction, including 
+without limitation the rights to use, copy, modify, merge, publish, 
+distribute, sublicense, and/or sell copies of the Software, and to permit
+persons to whom the Software is furnished to do so, subject to the 
+following conditions:
+
+The above copyright notice and this permission notice shall be included 
+in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE
+OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 

vendor/plugins/manage_fixtures/index.html

@@ -0,0 +1,13 @@
+<html><head><title>Revision 427: /plugins/manage_fixtures</title></head>
+<body>
+ <h2>Revision 427: /plugins/manage_fixtures</h2>
+ <ul>
+  <li><a href="../">..</a></li>
+  <li><a href="CHANGELOG">CHANGELOG</a></li>
+  <li><a href="MIT-LICENSE">MIT-LICENSE</a></li>
+  <li><a href="README">README</a></li>
+  <li><a href="lib/">lib/</a></li>
+  <li><a href="tasks/">tasks/</a></li>
+ </ul>
+ <hr noshade><em>Powered by <a href="http://subversion.tigris.org/">Subversion</a> version 1.4.4 (r25188).</em>
+</body></html>

vendor/plugins/manage_fixtures/lib/index.html

@@ -0,0 +1,9 @@
+<html><head><title>Revision 427: /plugins/manage_fixtures/lib</title></head>
+<body>
+ <h2>Revision 427: /plugins/manage_fixtures/lib</h2>
+ <ul>
+  <li><a href="../">..</a></li>
+  <li><a href="manage_fixtures.rb">manage_fixtures.rb</a></li>
+ </ul>
+ <hr noshade><em>Powered by <a href="http://subversion.tigris.org/">Subversion</a> version 1.4.4 (r25188).</em>
+</body></html>

vendor/plugins/manage_fixtures/lib/manage_fixtures.rb

@@ -0,0 +1,76 @@
+def write_yaml_fixtures_to_file(sql, fixture_name)
+  i = "000"
+  File.open("#{RAILS_ROOT}/dump/fixtures/#{fixture_name}.yml", 'w' ) do |file|
+    data = ActiveRecord::Base.connection.select_all(sql)
+    file.write data.inject({}) { |hash, record|
+      hash["#{fixture_name}_#{i.succ!}"] = record
+      hash
+    }.to_yaml
+  end
+end
+
+def import_table_fixture(table)
+  filename = File.join(RAILS_ROOT,'dump','fixtures',table + '.yml')
+  success = Hash.new
+  records = YAML::load( File.open(filename))
+
+  records.sort.each do |r|
+    row = r[1]
+    columns = []
+    values = []
+  
+    row.each_pair do |column, value|
+      if column.to_sym
+        columns << ActiveRecord::Base.connection.quote_column_name(column)
+        values << ActiveRecord::Base.connection.quote(value)
+      else
+        p "Column not found" + column.to_s
+      end
+    end
+    
+    insert_sql = "INSERT INTO #{table} (" + columns.join(', ') + ") VALUES (" + values.join(', ') + ")"
+
+      begin
+        if ActiveRecord::Base.connection.execute(insert_sql)
+          success[table.to_sym] = (success[table.to_sym] ? success[table.to_sym] + 1 : 1)
+        end
+      rescue
+        p "#{table} failed to import: " + insert_sql
+      end
+  end
+
+  p "Total of #{success[table.to_sym]} #{table} records imported successfully"
+end
+
+def import_model_fixture(model)
+  filename = File.join(RAILS_ROOT,'dump','fixtures',model.tableize + '.yml')
+  success = Hash.new
+  records = YAML::load( File.open(filename))
+    @model = Class.const_get(model)
+    @model.transaction do
+      records.sort.each do |r|
+        row = r[1]
+        @new_model = @model.new
+
+        row.each_pair do |column, value|
+          if column.to_sym
+            @new_model.send(column + '=', value)
+          else
+            p "Column not found" + column.to_s
+          end
+        end
+
+
+        begin
+          if @new_model.save
+            success[model.to_sym] = (success[model.to_sym] ? success[model.to_sym] + 1 : 1)
+          end
+        rescue
+          p "#{@new_model.class.to_s} failed to import: " + r.inspect
+          p @new_model.errors.inspect
+        end
+      end
+
+     p "Total of #{success[model.to_sym]} #{@new_model.class.to_s} records imported successfully"
+    end
+end

vendor/plugins/manage_fixtures/tasks/fixtures.rake

@@ -0,0 +1,83 @@
+require File.join(File.dirname(__FILE__), '..', 'lib', 'manage_fixtures.rb')
+
+desc "use rake db:fixtures:export_using_query SQL=\"select * from foo where id='bar'\" FIXTURE_NAME=foo"
+namespace :db do  
+  namespace :fixtures do
+    task :export_using_query => :environment do
+      write_yaml_fixtures_to_file(ENV['SQL'], ENV['FIXTURE_NAME'])
+    end
+  end
+end
+ 
+desc 'use rake db:fixtures:export_for_tables TABLES=foos[,bars,lands] Create YAML test fixtures for a specific table(s) from data in an existing database. Defaults to development database. Set RAILS_ENV to override. ' 
+namespace :db do  
+  namespace :fixtures do
+    task :export_for_tables => :environment do 
+      sql = "SELECT * FROM %s" 
+      tables = ENV['TABLES'] 
+      ActiveRecord::Base.establish_connection 
+      tables.each do |table_name| 
+        write_yaml_fixtures_to_file(sql % table_name, table_name)
+      end 
+    end
+  end
+end 
+ 
+ 
+desc ' Create YAML test fixtures from data in an existing database. Defaults to development database. Set RAILS_ENV to override. ' 
+namespace :db do  
+  namespace :fixtures do
+    task :export_all => :environment do 
+      sql = "SELECT * FROM %s" 
+      skip_tables = ["schema_info"] 
+      ActiveRecord::Base.establish_connection 
+      (ActiveRecord::Base.connection.tables - skip_tables).each do |table_name| 
+        i = "000" 
+        File.open("#{RAILS_ROOT}/test/fixtures/#{table_name}.yml", 'w' ) do |file| 
+          write_yaml_fixtures_to_file(sql % table_name, table_name)
+        end 
+      end 
+    end
+  end
+end 
+
+desc 'use rake db:fixtures:import_for_models MODELS=Foo[,Bar,Land] to import the YAML test fixtures for a specific models from data in an existing database. Defaults to development database. Set RAILS_ENV to override. '
+namespace :db do
+  namespace :fixtures do
+    task :import_for_models => :environment do
+      models = ENV['MODELS']
+      ActiveRecord::Base.establish_connection
+      models.each do |model_name|
+        import_model_fixture(model_name)
+      end
+    end
+  end
+end
+
+
+desc 'use rake db:fixtures:import_for_tables TABLES=foos[,bars,lands] to import the YAML test fixtures for a specific tables from data in an existing database. Defaults to development database. Set RAILS_ENV to override. '
+namespace :db do
+  namespace :fixtures do
+    task :import_for_tables => :environment do
+      tables = ENV['TABLES']
+      ActiveRecord::Base.establish_connection
+      tables.each do |table_name|
+        import_table_fixture(table_name)
+      end
+    end
+  end
+end
+
+desc 'use rake db:fixtures:import_all to import all YAML test fixtures for all of the tables from data in an existing database. Defaults to development database. Set RAILS_ENV to override. '
+namespace :db do
+  namespace :fixtures do
+    task :import_all => :environment do
+      ActiveRecord::Base.establish_connection
+      Dir.glob(File.join(RAILS_ROOT,'test','fixtures',"*.yml")).each do |f|
+        table_name = f.gsub(File.join(RAILS_ROOT,'test','fixtures', ''), '').gsub('.yml', '')
+        import_table_fixture(table_name)
+      end
+    end
+  end
+end
+

vendor/plugins/manage_fixtures/tasks/index.html

@@ -0,0 +1,9 @@
+<html><head><title>Revision 427: /plugins/manage_fixtures/tasks</title></head>
+<body>
+ <h2>Revision 427: /plugins/manage_fixtures/tasks</h2>
+ <ul>
+  <li><a href="../">..</a></li>
+  <li><a href="fixtures.rake">fixtures.rake</a></li>
+ </ul>
+ <hr noshade><em>Powered by <a href="http://subversion.tigris.org/">Subversion</a> version 1.4.4 (r25188).</em>
+</body></html>

vendor/rails/actionpack/lib/action_controller/base.rb

@@ -829,14 +829,6 @@ module ActionController #:nodoc:
         else
           response.body = text
         end
-        if response.headers['Status'] == "200 OK" && response.body.size > 0 
-          response.headers['Etag'] = "\"#{MD5.new(text).to_s}\"" 
-           
-          if request.headers['HTTP_IF_NONE_MATCH'] == response.headers['Etag'] 
-            response.headers['Status'] = "304 Not Modified" 
-            response.body = '' 
-          end 
-        end 
          
         response.body 
       end

vendor/rails/railties/lib/webrick_server.rb

@@ -59,6 +59,7 @@ class DispatchServlet < WEBrick::HTTPServlet::AbstractServlet
     server.mount('/', DispatchServlet, options)
 
     trap("INT") { server.shutdown }
+    trap("TERM") { server.shutdown }
     
     server.start
   end