Commit graph

1564 commits

Author SHA1 Message Date
Michal Wlodkowski 8fb8517156 css updates 2007-02-27 21:56:13 +00:00
Jacques Distler 552cf4cff0 XSS Security fixes 2007-02-25 15:13:50 +00:00
Jacques Distler f208d50032 Bah! 2007-02-24 23:07:25 -06:00
Jacques Distler 507a17aade More lenient URI scheme matching in sanitize. 2007-02-24 22:47:31 -06:00
Jacques Distler f9dcfa5af0 Make list of attributes whose values are scanned for acceptable URI schemes customizable. 2007-02-24 11:55:40 -06:00
Jacques Distler 59c64439d8 More unit tests. 2007-02-24 00:41:35 -06:00
Jacques Distler fff30ec27f Whoops! Forgot a test. 2007-02-23 15:09:12 -06:00
Jacques Distler d8e06f6db9 Sanitize URI schemes. 2007-02-23 13:34:58 -06:00
Jacques Distler 4c903d6a77 Renamed sanitize unit test file. 2007-02-23 11:57:39 -06:00
Jacques Distler e179508377 Sanitization now preserves case-sensitive element and attribute names (necessary to support SVG).
Unit tests, galore.
2007-02-23 11:32:06 -06:00
Jacques Distler 2fa1e08c96 Tweak dependencies of sanitize.rb 2007-02-22 01:16:18 -06:00
Jacques Distler bacae2c468 Finally! XSS-protection, done right.
If you want something done right, ...
2007-02-22 01:06:53 -06:00
Jacques Distler 0aafedb2df More XSS fixes.
Started fixing file uploads.
2007-02-21 12:10:47 -06:00
Jacques Distler 59adca44cc Make error documents XHTML. 2007-02-20 17:42:56 -06:00
Jacques Distler d1923e6387 Sync with latest Maruku. 2007-02-20 10:04:51 -06:00
Jacques Distler 88c6f27e14 Bah! *Someone* will care about those other Text-filters. 2007-02-20 08:18:48 -06:00
Jacques Distler e727507ac8 Zap gremlins.
Close cross-site scripting hole.
2007-02-19 23:15:39 -06:00
Jacques Distler d04ed8001b Some more appearance tweaks. 2007-02-19 17:35:32 -06:00
Jacques Distler e3fafb6e6d Version strings. 2007-02-19 10:01:16 -06:00
Jacques Distler 09e8b609b6 Yuck. Yet more XHTML validity fixes. 2007-02-18 23:14:55 -06:00
Jacques Distler 21a403b04f More XHTML validity and CSS cleanup. 2007-02-18 17:27:36 -06:00
Jacques Distler f1cff1a798 Stylesheet tweaks. 2007-02-18 02:43:26 -06:00
Jacques Distler 666cb32cc3 A little separation of presentation from content. 2007-02-18 01:48:32 -06:00
Jacques Distler fdbd6e288b Sync with latest Maruku. 2007-02-16 23:40:06 -06:00
Jacques Distler bbe2720e8b Whoops! Forgot to update the database. 2007-02-16 12:53:35 -06:00
Jacques Distler 558202d3a7 Make Markdown+itex2MML the default text filter. (After all, that's why people are here...) 2007-02-16 12:27:51 -06:00
Jacques Distler 3bbdf17f0b Whoops! Do that right. 2007-02-16 11:13:31 -06:00
Jacques Distler 373f25bcb7 Removed (temporarily, I hope) the "export web to TeX" and PDF-output features. They were slow and didn't work right. 2007-02-16 11:05:55 -06:00
Jacques Distler 82e56697ee Fix bug in Maruku. 2007-02-16 09:39:49 -06:00
Jacques Distler e636d6fa32 Valid XHTML? Couldn't hurt! 2007-02-15 08:26:47 -06:00
Jacques Distler fc15848517 Configure equation-numbering as we like it. 2007-02-14 22:19:37 -06:00
Jacques Distler ff63e894b2 Sync with latest Maruku.
Finally able to ditch BlueCloth completely.
2007-02-14 20:32:24 -06:00
Jacques Distler 0556f43180 XHTML-safe version of form_spam_protection. 2007-02-14 11:00:11 -06:00
Jacques Distler d291318f3e Sync with latest (2/13/2007) Instiki svn. 2007-02-13 09:55:26 -06:00
Matthias Tarasiewicz c9a9b7d315 adding the form_spam_protection plugin that was missing from the last commit 2007-02-13 13:27:54 +00:00
Matthias Tarasiewicz 113223f364 - AntiSPAM: included form-spam-protection rails plugin (Hivelogic Enkoder)
- update: updated scripts and javascripts to rails 1.2.1
2007-02-13 13:24:03 +00:00
Jacques Distler f896f8fbdc Added support for @xml:lang and blockquote@cite to Maruku.
Added Javascript styling for blockquote@cite.
2007-02-13 03:25:05 -06:00
Jacques Distler d4b947462b Whoops! Missed one. 2007-02-10 23:17:16 -06:00
Jacques Distler 63e217bcfd Moved Maruku (and its dependencies) and XHTMLDiff (and its dependencies) to vendor/plugins/ .
Synced with Instiki SVN.
2007-02-10 23:03:15 -06:00
Matthias Tarasiewicz ad22579668 cookie fix: being logged in on more Webs at once works now [Jaques Distler] 2007-02-10 09:47:36 +00:00
Jacques Distler 64037c67ac Fixed bug in pages_that_reference(page). 2007-02-09 17:44:36 -06:00
Jacques Distler 5f31d12a6f Updated tests to reflect new cookie scheme (from rev 17). 2007-02-09 17:29:17 -06:00
Jacques Distler bba0cf6b10 Ooops! Fixed upgrade of Rails. 2007-02-09 17:12:31 -06:00
Jacques Distler 5536e6e79e Allow user to be logged-inot several password-protected webs simultaneously. 2007-02-09 13:19:03 -06:00
Jacques Distler c358389f25 TeX and CSS tweaks.
Sync with latest Instiki Trunk
(Updates Rails to 1.2.2)
2007-02-09 02:04:31 -06:00
Matthias Tarasiewicz 49032a99c6 svn:external rails updated to 1.2.2
fixed ticket #372 typo in db-query
sqlite3-ruby updated to 1.2.1
2007-02-08 22:01:36 +00:00
Jacques Distler 0ac586ee25 Sync with latest Maruku. 2007-02-04 19:36:33 -06:00
Jacques Distler 5246bada80 Added some more xhtmldiff unit tests. 2007-02-04 16:30:29 -06:00
Jacques Distler 87318e6e62 More display tweaks for redline diff pages. 2007-02-04 10:18:21 -06:00
Jacques Distler 9d511cd480 tweaked stylesheet, to accommodate the way browsers handle some <del> and <ins> insertions. 2007-02-04 01:21:29 -06:00