Faster

Update dnsbl_check plugin to latest version.
Update Maruku to latest version.
In the wiki_controller, only apply the dnsbl_check before_filter 
  to the :edit, :new, and :save actions, instead of all actions.
  This makes mundane "show" requests faster, but does not 
  compromise spam-fighting ability.

app/controllers/admin_controller.rb

@@ -2,6 +2,7 @@ class AdminController < ApplicationController
 
   layout 'default'
   cache_sweeper :web_sweeper
+  before_filter :dnsbl_check
 
   def create_system
     if @wiki.setup?

app/controllers/application.rb

@@ -3,7 +3,7 @@
 class ApplicationController < ActionController::Base
 #  require 'dnsbl_check'
   protect_forms_from_spam
-  before_filter :dnsbl_check, :connect_to_model, :check_authorization, :setup_url_generator, :set_content_type_header, :set_robots_metatag
+  before_filter :connect_to_model, :check_authorization, :setup_url_generator, :set_content_type_header, :set_robots_metatag
   after_filter :remember_location, :teardown_url_generator
 
   # For injecting a different wiki model implementation. Intended for use in tests

app/controllers/file_controller.rb

@@ -7,7 +7,7 @@ class FileController < ApplicationController
 
   layout 'default'
   
-  before_filter :check_allow_uploads
+  before_filter :dnsbl_check, :check_allow_uploads
 
   def file
     @file_name = params['id']

app/controllers/wiki_controller.rb

@@ -7,6 +7,7 @@ require 'resolv'
 class WikiController < ApplicationController
 
   before_filter :load_page
+  before_filter :dnsbl_check, :only => [:edit, :new, :save]
   caches_action :show, :published, :authors, :tex, :s5, :print, :recently_revised, :list, 
         :atom_with_content, :atom_with_headlines, :if => Proc.new { |c| c.send(:do_caching?) }
   cache_sweeper :revision_sweeper

test/functional/wiki_controller_test.rb

@@ -602,6 +602,21 @@ class WikiControllerTest < Test::Unit::TestCase
     assert !home_page.locked?(Time.now)
   end
 
+  def test_dnsbl_filter_deny_action
+    @request.remote_addr = "127.0.0.2"
+    r = process 'save', 'web' => 'wiki1', 'id' => 'NewPage', 'content' => "Contents of a new page\r\n",
+      'author' => 'AuthorOfNewPage'
+
+    assert_equal 403, r.response_code
+  end
+
+  def test_dnsbl_filter_allow_action
+    @request.remote_addr = "127.0.0.2"
+    r = process 'show', 'id' => 'Oak', 'web' => 'wiki1'
+    assert_response :success
+    assert_tag :content => /All about oak/
+  end
+
   def test_spam_filters
     revisions_before = @home.revisions.size
     @home.lock(Time.now, 'AnAuthor')

vendor/plugins/dnsbl_check/README

@@ -1,6 +1,7 @@
-This plugin checks if the client is listed in RBLs (Real-time Blackhole Lists).
-These are lists of IP addresses misbehaving. There are many RBLs, some are more
-aggressive than others. More information at http://en.wikipedia.org/wiki/DNSBL
+This plugin checks if a user of your web application is listed in DNSBLs
+(DNS Blackhole Lists). These are lists of misbehaving IP addresses.
+There are many DNSBLs, some are more aggressive than others.
+More information at http://en.wikipedia.org/wiki/DNSBL
 
 This filter will result in one DNS request for every blocklist that you have
 configured. This might be problematic for sites under heavy load, although this
@@ -10,23 +11,23 @@ request takes a few miliseconds to complete, after all.
 
 INSTALLATION
 
-1. Download dnsbl_check-(version).tar.gz. You agree to the license.
-2. Go to your application's 'vendor/plugins' directory
-3. Untar (un-winzip) the above file: tar xvfz dnsbl_check.tar.gz
-4. Restart your application.
+1. execute "script/plugin install http://www.spacebabies.nl/svn/dnsbl_check"
+2. add "before_filter :dnsbl_check" to controllers that need checking
+3. restart your application.
 
 
 VERSION HISTORY
 
-0.1			18 June 2006		Initial release
-0.2			10 June 2006		Renamed to dnsbl_check, bugfix
-0.3			20 June 2006		Removed sorbs from distribution, was not supposed to be included (too aggressive)
-0.4			18 July 2006		Explicit return false added, moved to a per-controller basis (not global anymore)
-1.0			16 August 2006		Renamed 0.4 to 1.0. I have been using the plugin very succesfully for months now.
-1.1			17 October 2006	Multithreaded version
-1.2			23 October 2006	Using the native Ruby resolver library for better multithreaded support
-1.2.1			25 October 2006	Accepts a wider range of dns responses
-1.2.2			11 December 2006	dnsbls are seemingly under attack, added code to cope with failing service
+0.1	18 June 2006		Initial release
+0.2	10 June 2006		Renamed to dnsbl_check, bugfix
+0.3	20 June 2006		Removed sorbs from distribution, was not supposed to be included (too aggressive)
+0.4	18 July 2006		Explicit return false added, moved to a per-controller basis (not global anymore)
+1.0	16 August 2006		Renamed 0.4 to 1.0. I have been using the plugin very succesfully for months now.
+1.1	17 October 2006		Multithreaded version
+1.2	23 October 2006		Using the native Ruby resolver library for better multithreaded support
+1.2.1	25 October 2006		Accepts a wider range of dns responses
+1.2.2	11 December 2006	dnsbls are seemingly under attack, added code to cope with failing service
+1.3	30 November 2007	Chique 403 template, moved to Subversion based installation
 
 
 MORE INFORMATION

vendor/plugins/dnsbl_check/lib/dnsbl_check.rb

@@ -16,7 +16,7 @@
 # OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
 # WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 #
-# Version 1.2
+# Version 1.3
 # http://www.spacebabies.nl/dnsbl_check
 require 'resolv'
 
@@ -27,6 +27,7 @@ module DNSBL_Check
   private
   # Filter to check if the client is listed. This will be run before all requests.
   def dnsbl_check
+    return true if respond_to?(:logged_in?) && logged_in?
     return true if $dnsbl_passed.include? request.remote_addr
 
     passed = true
@@ -48,7 +49,8 @@ module DNSBL_Check
 
     # Add client ip to global passed cache if no dnsbls objected. else deny service.
     if passed
-      $dnsbl_passed = $dnsbl_passed[0,49].unshift request.remote_addr
+#      $dnsbl_passed = $dnsbl_passed[0,99].unshift request.remote_addr
+      $dnsbl_passed.push request.remote_addr
       logger.warn("#{request.remote_addr} added to DNSBL passed cache")
     else
       render :text => 'Access denied', :status => 403

vendor/plugins/maruku/AUTHORS

@@ -1,9 +1,11 @@
-Authors:
+Code and patches from:
 
 * [Andrea Censi](http://www.dis.uniroma1.it/~acensi)
 * [Jacques Distler](http://golem.ph.utexas.edu/~distler)
 * Paul Dlug
 * [Ari Stern](http://www.acm.caltech.edu/~astern)
+* Damir Zekic (z3c)
+* Alexandr Mankuta (cheba)
 
 Bug reporting, feature requests and praise:
 
@@ -12,6 +14,6 @@ Bug reporting, feature requests and praise:
 * Aggelos Orfanakos
 * Louis Marascio
 * Elliot Cable
-
+* ....
 
 (if you think your name should be here, I probably forgot to add it: tell me!)

vendor/plugins/maruku/lib/maruku/ext/div.rb

@@ -1,7 +1,20 @@
 
 
-OpenDiv = /^[ ]{0,3}\+\-\-+\s*(.*)$/
-CloseDiv = /^[ ]{0,3}\=\-\-+\s*(.*)$/
+#+-----------------------------------{.warning}------
+#| this is the last warning!
+#|
+#| please, go away!
+#|
+#| +------------------------------------- {.menace} --
+#| | or else terrible things will happen
+#| +--------------------------------------------------
+#+---------------------------------------------------
+
+OpenDiv = /^[ ]{0,3}\+\-\-+\s*(\{([^{}]*|".*"|'.*')*\})?\s*\-*\s*$/
+CloseDiv = /^[ ]{0,3}\=\-\-+\s*(\{([^{}]*|".*"|'.*')*\})?\s*\-*\s*$/
+# note these are not enough for parsing the above example:
+#OpenDiv = /^[ ]{0,3}\+\-\-+\s*(.*)$/
+#CloseDiv = /^[ ]{0,3}\=\-\-+\s*(.*)$/
 StartPipe = /^[ ]{0,3}\|(.*)$/ # $1 is rest of line
 DecorativeClosing = OpenDiv
 

vendor/plugins/maruku/lib/maruku/input/parse_span_better.rb

@@ -442,7 +442,8 @@ module MaRuKu; module In; module Markdown; module SpanLevelParser
 	SPACE = ?\ # = 32
 	
 #	R_REF_ID = Regexp.compile(/([^\]\s]*)(\s*\])/)
-	R_REF_ID = Regexp.compile(/([^\]\s]*)(\s*\])/)
+#	R_REF_ID = Regexp.compile(/([^\]\s]*)(\s*\])/)
+	R_REF_ID = Regexp.compile(/([^\]]*)\]/)
 	
 	# Reads a bracketed id "[refid]". Consumes also both brackets.
 	def read_ref_id(src, con)