Jacques Distler
70025a4ba3
More SVG Sanitization
2007-10-31 01:00:45 -05:00
Jacques Distler
eca126f589
Sanitize <svg:image>
...
This element is unsafe.
2007-10-29 13:51:41 -05:00
Jacques Distler
f24c60c3fb
Better handling of SVG attributes which admit uri refs
...
Just strip out the URI ref, leaving alternates.
2007-10-27 23:08:13 -05:00
Jacques Distler
5208bbf0af
Sanitize url refs in SVG attributes
...
Add some tests.
Sync with latest HTML5lib (includes above sanitization improvements).
2007-10-27 17:34:29 -05:00
Jacques Distler
8ce5016b41
UTF-8 Bug
...
Create a test case for utf-8 bug reported by Diego Restrepo. Seems to be related to WikiWord chunk handling.
Add some other tests, and fix a minor bug in vendor/plugins/maruku/lib/maruku/ext/math/latex_fix.rb.
2007-10-26 00:48:43 -05:00
Jacques Distler
a92b593949
SVG in Equations
...
Support the new "svg" environment from itex2MML 1.3.
2007-10-22 22:24:25 -05:00
Jacques Distler
36f55fc9aa
Add support for the MathML <semantics> Element
2007-10-21 02:19:10 -05:00
Jacques Distler
207fb1f7f2
New Version
...
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jacques Distler
148afb77e0
Sync with latest Maruku
...
Apparently, Maruku had trouble with the latest release of Ruby (1.8.6, patchlevel 110). This should fix it.
2007-10-10 22:06:44 -05:00
Jacques Distler
55fdc9fff4
Sync with latest HTML5lib
2007-10-06 11:55:58 -05:00
Jacques Distler
c67382d340
Start on LaTeX
...
Pave the way for Jason's LaTeX macro support.
Also, uniformize the capitalization of "ETag".
2007-10-04 02:50:08 -05:00
Jacques Distler
b0e316e37c
Minor Fixes
...
Get rid of Redefined CONSTANT warning.
Make WEBrick respond to TERM signal. (Launchd, in particular, requires this.)
Rollback superfluous change to rails/actionpack/lib/action_controller/base.rb. Handled by the action_cache plugin.
2007-10-01 22:09:51 -05:00
Jacques Distler
06d96349e4
Don't stomp on test/fixtures, when dumping the database to YAML
...
Tweak the manage_fixtures plugin to use the dump/fixtures instead of test/fixtures directory.
2007-09-23 01:50:40 -05:00
Jacques Distler
e8769c0b83
Add the manage_fixtures plugin for easy database migration
2007-09-20 00:36:07 -05:00
Jacques Distler
ed68d975df
Update to latest HTML5lib
...
Fix that Tokenizer bug for real this time.
2007-09-09 22:26:19 -05:00
Jacques Distler
5b182bd228
HTML5lib Bug
...
Fixed a bug in the HTML5lib tokenizer (affects S5 slideshows).
Some miscellaneous code cleanup. In particular, don't bother with zapping control characters;
instead, rely on is_utf8? method to raise an exception (which we do anyway).
2007-09-06 10:40:48 -05:00
Jacques Distler
f482036683
S5 Themes Support
...
Added support for S5 Themes. Themes are stored in the public/s5/themes/ directory.
6 themes are included: default, nautilus, blue, flower, i18n, pixel.
2007-09-05 08:38:54 -05:00
Jacques Distler
81d3cdc8e4
Minor S5 tweaks and Sync with Latest HTML5lib
2007-08-30 12:19:10 -05:00
Jacques Distler
1bc5da0053
Use XHTMLSerializer, where appropriate.
2007-07-04 18:53:03 -05:00
Jacques Distler
8ccaad85a5
Sync with latest HTML5lib and latest Maruku
2007-07-04 17:36:59 -05:00
Jacques Distler
8e92e4a3ab
Sync with latest HTML5lib
2007-06-22 03:12:08 -05:00
Jacques Distler
df2898d940
Fix Caching bug (bis)
...
Nope! It's not a Rails bug. It's an action_cache plugin bug, after all. Fixed now.
2007-06-15 09:59:32 -05:00
Jacques Distler
31f691329a
Fix Caching Bug
...
Files with "+"s in their names (e.g. from Wiki pages with spaces in their names) were not being expired properly. This is actually a Rails bug, but I fixed it by patching the action_cache plugin.
2007-06-15 09:18:06 -05:00
Jacques Distler
3de374d6c1
More fixes, sync with HTML5lib
...
Do a better job with the wrapper <div>s added by xhtmldiff and Maruku's to_html_tree method.
More tests fixed.
2007-06-13 23:05:15 -05:00
Jacques Distler
3ca33e52b5
Cleanup
...
Got rid of redcloth_for_tex.
Fixed almost all the busted tests.
2007-06-13 01:56:44 -05:00
Jacques Distler
2da672ec5b
Many Minor Fixes
...
Fixed a whole bunch of minor stuff.
Had a go at getting some of the plethora of broken tests to pass.
2007-06-12 17:37:55 -05:00
Jacques Distler
0ddd422059
Sync with latest HTML5lib
2007-06-11 23:33:06 -05:00
Jacques Distler
c2bfdefa57
Another XSS fix
...
Yet another interesting XSS attack from
http://ha.ckers.org/xss.html
2007-06-11 00:03:51 -05:00
Jacques Distler
aac197430c
More XSS vectors defanged
2007-06-10 15:07:26 -05:00
Jacques Distler
a6cbf38304
Table elements, too
...
Last fixup for the sanitizer tests.
2007-06-09 22:53:35 -05:00
Jacques Distler
6b2ec7354b
Rationalize Sanitizer Tests
2007-06-09 22:21:50 -05:00
Jacques Distler
3bf560c3b3
Updated to Latest HTML5lib
...
Synced with latest HTML5lib.
Added some RDoc-compatible documentation to the sanitizer.
2007-06-08 17:26:00 -05:00
Jacques Distler
86a7577975
Renamed one function.
2007-06-06 14:36:54 -05:00
Jacques Distler
0012efcfb4
Fixed Porting Error in HTML5lib Serializer
2007-06-06 08:44:57 -05:00
Jacques Distler
8846b2cda5
Sync with Latest HTML5lib
...
Some more tweaks
2007-06-06 08:12:03 -05:00
Jacques Distler
fd183eac04
More Tests
...
Put the Serializer version of the Sanitizer through its paces.
2007-06-06 00:56:43 -05:00
Jacques Distler
e1acebe6e4
Bugfix
...
Me stoopid.
2007-06-05 18:06:26 -05:00
Jacques Distler
bd8ba1f4b1
REXML Trees
...
Synced with latest HTML5lib.
Added preliminary support (currently disabled) for sanitizing REXML trees.
2007-06-05 16:34:49 -05:00
Jacques Distler
4dd70af5ae
HTML5lib is Back.
...
Synced with latest version of HTML5lib, which fixes problem with Astral plane characters.
I should really do some tests, but the HTML5lib Sanitizer seems to be 2-5 times slower than the old sanitizer.
2007-05-30 10:45:52 -05:00
Jacques Distler
dc629f5c07
Do Content-negotiation for Cached Content
...
The action_cache plugin broke our content-negotiation.
Fixed.
2007-05-28 12:48:42 -05:00
Jacques Distler
5db9b7d3ea
Fixed action_cache Plugin
...
The action_cache plugin had Conditional GET (If-Modified-Since) support. I added ETag (If-None-Match) support.
2007-05-26 14:11:53 -05:00
Jacques Distler
d62b880e3f
ETags and Action Caching
...
Added the action_cache plugin
http://agilewebdevelopment.com/plugins/action_cache
which does action-caching with ETags support. The built-in Rails ETags "solution" sucks, because it forces a page-rerender, even when the content is unchanged.
2007-05-25 22:52:42 -05:00
Jacques Distler
6b21ac484f
HTML5lib Sanitizer
...
Replaced native Sanitizer with HTML5lib version.
Synced with latest Maruku.
2007-05-25 20:52:27 -05:00
Jacques Distler
457ec8627c
ETag Support from Edge-Rails
...
Added ETag support from
http://dev.rubyonrails.org/changeset/6158
2007-05-18 16:53:58 -05:00
Jacques Distler
19889c98d4
Safari's DOM support in XHTML is horribly broken. Send it S5 slideshows as text/html. (Sorry: no inline SVG for you!)
...
Turn on Maruku's Math support in S5 slideshows, only if corresponding Web is Math-enabled.
2007-03-30 12:25:59 -05:00
Jacques Distler
9b9d134ad9
Fix upgrade to Rails 1.2.3.
...
Fix log-rotation (the previous attempt didn't quite work as advertised).
2007-03-21 15:37:29 -05:00
Jacques Distler
7adac51d6d
Sync with latest Instiki trunk. Changes:
...
1) Upgrade Rails to 1.2.3
2) Revert RedCloth to previous version (who %#$@ cares?)
3) Preserve the Rails Security fix to vendor/rails/actionpack/lib/action_controller/caching.rb from Revision 80.
2007-03-18 11:56:12 -05:00
Jacques Distler
46a456b3ad
Security: ensure that the file system cache is not world-writable
2007-03-10 11:05:52 -06:00
Jacques Distler
4ae46b32d8
Sync with latest maruku.
2007-03-10 02:06:54 -06:00
Jacques Distler
8300133c8d
Sync with latest Maruku.
2007-03-07 12:49:06 -06:00