Commit graph

85 commits

Author SHA1 Message Date
Jacques Distler 503f956084 Fix Two XSS Vulnerabilities
Unescaped page names (in 'edit' and 'new' views).
Unsanitized HTTP_CLIENT_IP header.
2008-03-14 23:22:46 +00:00
Jacques Distler ab7f429a10 Security: Enforce POSTs
Spammers can bypass form_spam_protect plugin by using GET instead of POST.

Fix this, by ensuring that unsafe operations are POSTs, rather than GETs.
2007-10-07 17:59:20 +00:00
Jacques Distler 10b0561aca Category lists and WikiReferences restrict to current Web.
Fix one sanitization test.
2007-09-28 03:57:52 +00:00
Matt MacGillivray 36b86a9d41 Removed deprecation errors for rails 1.2.3. Corrected test case failures as a result of updated features and functionality 2007-05-07 22:46:00 +00:00
Matthias Tarasiewicz 8bfe83fa20 fix PDF output not to contain garbage chars [Jesse Newland] 2007-01-16 07:21:16 +00:00
Alexey Verkhovsky 8323b12795 get_page_and_revision handles the case of no rev parameter explicitly, rather than by chance 2006-09-19 19:13:02 +00:00
Alexey Verkhovsky 709d28dc4b /wiki/published renders a home page 2006-05-04 04:45:05 +00:00
Alexey Verkhovsky cbca2ba318 Fixed a silly bug 2006-05-04 04:31:55 +00:00
Alexey Verkhovsky 5f3cf38851 Fixed connect_to_model filter extension in wiki_controller (using inheritance here was daft); accelerated tests somewhat 2006-03-24 07:53:20 +00:00
Alexey Verkhovsky d051b174f8 Quick and dirty spam filtering. We'll build something better in due time. 2006-03-20 01:36:45 +00:00
Alexey Verkhovsky 6f0434bf83 All tests pass, including Watir suite 2006-03-19 07:54:54 +00:00
Alexey Verkhovsky e44d16aef9 Fixed rendering of Recently Revised 2006-03-11 22:59:55 +00:00
Alexey Verkhovsky f8b3e2b11d See Changes as a separate page (still implemented within show and revision actions) 2006-03-11 22:10:32 +00:00
Alexey Verkhovsky c435bf2f2b [FIXES BVILD] Further improvement to diff.rb (I hope not to touch this beast again any time soon); See Changes ripped out from WikiController#show, will become a separate action 2006-03-11 21:27:49 +00:00
Alexey Verkhovsky a2cb920489 Fixed All Pages with a category 2005-11-14 11:07:14 +00:00
Alexey Verkhovsky 614a48c6ff Exclude links to files and pages from All Pages (so that they don't show up in Wanted Pages etc). 2005-11-14 11:00:46 +00:00
Alexey Verkhovsky 0b1a80a852 [BUILD STILL BROKEN] File uploads roughly speaking work (to about same extent as in 0.10) 2005-11-14 08:38:37 +00:00
Alexey Verkhovsky dea8d70c48 Improved behavior of JavaScript in the author field [from I2 patch by court3nay] 2005-11-04 05:23:34 +00:00
Alexey Verkhovsky 3703c1e1b3 Upgrade to Rails 0.14.2; fixed a failing functional test 2005-11-02 04:55:06 +00:00
Alexey Verkhovsky d3b25c8a19 Added meta robots tag to the default layout; added error handling to published pages 2005-11-01 07:31:44 +00:00
Alexey Verkhovsky 9e7306fb0a Outdated TODO deleted 2005-10-28 14:14:31 +00:00
Alexey Verkhovsky af25237a90 Render HTML pages for ExportHTML 'manually' 2005-10-27 05:29:24 +00:00
Alexey Verkhovsky 50b2cbd693 Fix to #255 - Author cookie expiry 2005-10-20 01:18:15 +00:00
Alexey Verkhovsky 223a1f9de3 Speeding up some stuff 2005-09-27 13:46:02 +00:00
Alexey Verkhovsky 16454549fe Fixed a nasty bug that caused Instiki to go into an endless loop on call to /wiki/print/ 2005-09-27 03:30:01 +00:00
Alexey Verkhovsky 4c14f07100 Fixed caching of RSS feeds; changed from caches_page to caches_action to make authentication and other filters work 2005-09-12 01:12:00 +00:00
Alexey Verkhovsky cc99790a4a Caching and sweeping pages. RSS feeds behave funny 2005-09-11 18:02:56 +00:00
Alexey Verkhovsky c4f593151e [FIXES BUILD] Fixed categories behavior and added id generation in import_storage. Something is still wrong with orphaned pages though 2005-09-11 16:49:08 +00:00
Alexey Verkhovsky ac819d4d68 BREAKS BUILD: all pages etc are much faster, but categories functionality is broken (it was responsible for calling the renderer once per every page on All Pages) 2005-09-11 09:34:41 +00:00
Alexey Verkhovsky cd68db01d2 Store wiki references found during rendering 2005-09-11 05:44:34 +00:00
Alexey Verkhovsky bfecd09b56 Fixed includes; started working on caching strategy 2005-09-11 04:23:50 +00:00
Alexey Verkhovsky 7e500dfe57 Controllers create renderer objects and pass them on to page.revise and page.rollback methods 2005-09-10 06:12:57 +00:00
Alexey Verkhovsky 427f989d69 Extracted rendering logic from the model 2005-09-09 05:31:27 +00:00
Alexey Verkhovsky 61eacae836 Fix for exports and other file downloads 2005-08-15 00:07:43 +00:00
Alexey Verkhovsky 5b075ca338 Renamed revised_on to revised_at everywhere (for consistency) 2005-08-14 23:27:55 +00:00
Alexey Verkhovsky 052754b068 Dropped number from revision table. Also dropped timestamp. We will rely on autoincremented ID for sorting, and will for now store the time of last edit of the revision in revised_at. Later we will refactor content into a separate table (so as not to load the whole 300 kb of text and cached HTML every time we need page.revisions in code). Rake tests all pass, but watir tests indicate that some revision traversing links are still broken 2005-08-14 22:26:54 +00:00
Rick Okin 26c046cdfa move to AR 2005-08-09 02:20:28 +00:00
Alexey Verkhovsky 04a8f80273 Further tweaking of markup error handling code 2005-05-29 18:40:25 +00:00
Alexey Verkhovsky a1527f60b0 Added explicit sorting of authors and pages in Authors page 2005-05-29 14:18:05 +00:00
Alexey Verkhovsky 4053380fd4 Improved error handling in wiki/save (ticket:153) 2005-05-09 05:16:20 +00:00
Alexey Verkhovsky 7be6cbecba HTML-escaping of error and info messages 2005-05-09 04:31:02 +00:00
Alexey Verkhovsky 8755935bf6 Fixed wiki/export_html, ticket:147 2005-05-05 09:42:25 +00:00
Alexey Verkhovsky 8827f61b70 Export with no layout option in the export_html 2005-05-03 02:13:42 +00:00
Alexey Verkhovsky ee396a3237 Fixed HTML export to work with current Rails (the implementation uses some non-public Rails methods, and since some point Rails 'forgot' to use layout in there) 2005-05-02 00:51:37 +00:00
Alexey Verkhovsky 24f418e5b5 Renamed redirect_show to redirect_to_page and redirect_home 2005-04-28 23:07:42 +00:00
Alexey Verkhovsky 7152a78476 Synchronized file names with their hyperlink paths in export files 2005-04-08 05:40:11 +00:00
Alexey Verkhovsky e3a48c2732 Corrected some export file names (to have a slash between directory and file name) 2005-04-08 05:29:20 +00:00
Alexey Verkhovsky 4f04ff39e9 Fixed a subtle bug in RedclothForTex 2005-04-07 05:15:46 +00:00
Alexey Verkhovsky a74b3f8934 Extracted categories menu to a helper, and got rid of hrefs 2005-04-07 03:24:02 +00:00
Alexey Verkhovsky 6f8b5b44d3 RSS feeds are now smart about password-protected webs 2005-04-03 07:31:11 +00:00