Jacques Distler
35257b5fae
IPv6-compatible fix for latest Philip Taylor Phun
...
This is better than Revision 228.
2008-03-14 17:25:02 -05:00
Jacques Distler
d46798dd08
Security: Sanitize Remote IP address
...
Dunno quite how, but evidently, request.ip is manipulable. Make sure it consists of a dotted-quad.
Also, correct a typo from the previous revision.
2008-03-14 10:50:06 -05:00
Jacques Distler
f739077976
Yet more well-formedness Phun
...
Error messages need to be escaped.
2008-03-13 18:06:16 -05:00
Jacques Distler
5a0a6b2ca1
More Philip Taylor Phun
...
More checks that page_names are valid utf_8.
2008-01-22 20:22:59 -06:00
Jacques Distler
ebc409e1a0
Ensure the_content REALLY is utf-8
...
Our check that the the_content was valid utf-8 was rather busted.
This one works right. In particular, we needed to expand NCRs before checking.
2008-01-03 15:27:03 -06:00
Jacques Distler
0c16ab4e6f
Better Error for Stale Session
...
Rather than giving a generic 500 error, tell the user to reload the page.
2007-12-30 10:41:19 -06:00
Jacques Distler
a2c7705de5
More of the Same.
2007-12-30 03:58:57 -06:00
Jacques Distler
df28bd545a
Well-Formed Error Pages
...
Apparently, my fans think returning raw text error messages are a bad thing.
Well-formed XHTML for them, I guess ...
2007-12-30 03:28:33 -06:00
Jacques Distler
6873fc8026
Upgrade to Rails 2.0.2
...
Upgraded to Rails 2.0.2, except that we maintain
vendor/rails/actionpack/lib/action_controller/routing.rb
from Rail 1.2.6 (at least for now), so that Routes don't change. We still
get to enjoy Rails's many new features.
Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).
2007-12-21 01:48:59 -06:00
Jacques Distler
207fb1f7f2
New Version
...
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jacques Distler
179a0a9cb2
Might as well
...
Spammers aren't an issue here, but might as well enforce that these actions are POST-only, too.
2007-10-07 03:33:15 -05:00
Jacques Distler
2484542f12
Security: HTTP GET Bypassed Spam Protection
...
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.
Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler
b0e316e37c
Minor Fixes
...
Get rid of Redefined CONSTANT warning.
Make WEBrick respond to TERM signal. (Launchd, in particular, requires this.)
Rollback superfluous change to rails/actionpack/lib/action_controller/base.rb. Handled by the action_cache plugin.
2007-10-01 22:09:51 -05:00
Jacques Distler
c54a78c026
Links in Published Webs
...
Links in published Webs (in particular, the author-link) should be to the published version of the page.
2007-09-15 14:39:28 -05:00
Jacques Distler
54aada824c
Use Standard PageRenderer for S5 Content
...
From Jason Blevins: use the standard PageRenderer class to render S5 content. This way, WikiWords (etc) are processed in S5 slideshows.
2007-09-14 10:43:03 -05:00
Jacques Distler
5b182bd228
HTML5lib Bug
...
Fixed a bug in the HTML5lib tokenizer (affects S5 slideshows).
Some miscellaneous code cleanup. In particular, don't bother with zapping control characters;
instead, rely on is_utf8? method to raise an exception (which we do anyway).
2007-09-06 10:40:48 -05:00
Jacques Distler
f482036683
S5 Themes Support
...
Added support for S5 Themes. Themes are stored in the public/s5/themes/ directory.
6 themes are included: default, nautilus, blue, flower, i18n, pixel.
2007-09-05 08:38:54 -05:00
Jacques Distler
dbed460843
Fixed S5 output for Safari
...
Safari can now receive S5 slideshows as real XHTML.
2007-07-27 13:47:19 -05:00
Jacques Distler
3ca33e52b5
Cleanup
...
Got rid of redcloth_for_tex.
Fixed almost all the busted tests.
2007-06-13 01:56:44 -05:00
Jacques Distler
2da672ec5b
Many Minor Fixes
...
Fixed a whole bunch of minor stuff.
Had a go at getting some of the plethora of broken tests to pass.
2007-06-12 17:37:55 -05:00
Jacques Distler
3df61e352d
Fix for IE7+MathPlayer.
...
Based on
http://lists.w3.org/Archives/Public/www-math/2007May/0044.html
I've altered the Content-Type header sent to IE+MathPlayer. Rationale is
explained in
http://lists.w3.org/Archives/Public/www-math/2007May/0045.html
2007-05-29 17:10:20 -05:00
Jacques Distler
dc629f5c07
Do Content-negotiation for Cached Content
...
The action_cache plugin broke our content-negotiation.
Fixed.
2007-05-28 12:48:42 -05:00
Jacques Distler
6b21ac484f
HTML5lib Sanitizer
...
Replaced native Sanitizer with HTML5lib version.
Synced with latest Maruku.
2007-05-25 20:52:27 -05:00
Jacques Distler
3b6cd309ff
Sync with Instiki Trunk
...
Sync with Revision 519 of Instiki trunk (2007/5/7).
2007-05-11 11:47:38 -05:00
Jacques Distler
493803cfd1
Atom Feeds (bis)
...
Remove some vestiges of RSS 2.0.
2007-04-13 17:20:14 -05:00
Jacques Distler
3a57d3aade
Atom Feeds
...
Replaced Instiki's RSS 2.0 feeds with Atom 1.0 feeds.
2007-04-13 17:04:03 -05:00
Jacques Distler
19889c98d4
Safari's DOM support in XHTML is horribly broken. Send it S5 slideshows as text/html. (Sorry: no inline SVG for you!)
...
Turn on Maruku's Math support in S5 slideshows, only if corresponding Web is Math-enabled.
2007-03-30 12:25:59 -05:00
Jacques Distler
0db06a9fa3
To be really XML-safe, don't emit XHTML+MathML named entities. (Ported MathML::Entities to Ruby.)
2007-03-29 03:30:10 -05:00
Jacques Distler
ff3e03a45a
Switched from XHTML+MathML to XHTML+MathML+SVG DOCTYPE. Silly, I know ...
2007-03-16 01:10:52 -05:00
Jacques Distler
c704f899af
File uploads now work.
2007-03-10 22:31:24 -06:00
Jason R. Blevins
e2b93c9e29
Made S5 view publically viewable for published webs.
...
Added an S5 view link to the bottom of the published view page.
2007-03-10 18:03:40 -05:00
Jason R. Blevins
12743280fb
All WikiReference methods now limit results to the current web.
...
Category lists are now restricted to the current web.
2007-03-10 16:09:20 -05:00
Jacques Distler
144540a761
Fixed caching bug with category 'list' and 'recently_revised' views.
...
Re-enabled filesystem caching.
2007-03-10 00:18:18 -06:00
Jacques Distler
db76c79cfb
Whoops! harmless typo.
2007-03-09 08:04:24 -06:00
Jacques Distler
a656772622
Deal with clients that don't send an HTTP_ACCEPT header.
...
Cache S5, TeX and Print views.
Temporary hack: don't cache list and recently_revised pages.
2007-03-08 21:57:21 -06:00
Jacques Distler
d74116dc67
Ensure that input is bona fide utf-8.
2007-03-07 21:06:39 -06:00
Jacques Distler
6a7645c45c
Fixed inline SVG in S5.
...
More S5 Stylesheet tweaks.
2007-03-01 10:50:06 -06:00
Jacques Distler
41ff4724b8
Converging on S5 support.
2007-03-01 03:05:35 -06:00
Jacques Distler
02c6ed2fa0
More progress on S5.
...
Forgot to add gremlin zapping in app/views/wiki/edit.rhtml.
2007-02-28 18:38:52 -06:00
Jacques Distler
8359047fd5
Start on adding S5 support to Instiki.
2007-02-28 13:31:34 -06:00
Jason R. Blevins
b65a5b8e30
Bug fix. Previously, all categories were visible from all webs. Now category lists are restricted to the current web.
2007-02-27 22:27:20 -05:00
Jacques Distler
e3fafb6e6d
Version strings.
2007-02-19 10:01:16 -06:00
Jacques Distler
0556f43180
XHTML-safe version of form_spam_protection.
2007-02-14 11:00:11 -06:00
Jacques Distler
d291318f3e
Sync with latest (2/13/2007) Instiki svn.
2007-02-13 09:55:26 -06:00
Jacques Distler
5536e6e79e
Allow user to be logged-inot several password-protected webs simultaneously.
2007-02-09 13:19:03 -06:00
Jacques Distler
eeef7952c3
Fixed the Content-negotiation for sending XHTML.
...
Fixed a non-well-formed page.
Maruku's metadata processing seems to be busted. May have to revert.
2007-02-01 17:22:15 -06:00
Jacques Distler
488dd334f7
Support for IE+MathPlayer.
...
Sync with latest Maruku.
2007-01-24 10:53:10 -06:00
Jacques Distler
29b4c4b837
Do content-negotiation to decide whether to send application/xhtml+xml or text/html.
...
Fixed the bozotic spam filter. Can you believe one can't use the word "texas" in Instiki?
2007-01-23 03:25:24 -06:00
Jacques Distler
b19e1e4f47
Bring up to current.
2007-01-22 08:36:51 -06:00
Jacques Distler
69b62b6f33
Checkout of Instiki Trunk 1/21/2007.
2007-01-22 07:43:50 -06:00