Commit graph

592 commits

Author SHA1 Message Date
Jacques Distler
5e7d2cf973 Rails 2.3.1
Update to the release version of Rails 2.3.1.
2009-03-05 07:54:17 -06:00
Jacques Distler
bd9fa0ed0c Bump Version Number
Update CHANGELOG and bump version number to 0.16.4.
2009-03-04 15:54:30 -06:00
Jacques Distler
d8a2a3657d Tests
Add tests for x-sendfile, <audio> and <video> support.
2009-03-03 22:27:26 -06:00
Jacques Distler
c7418af48d Support for HTML5 <audio>
As with <video>,

   [[foo.wav:audio]]

works now, producing an HTML5 <audio> element.
2009-03-03 12:17:14 -06:00
Jacques Distler
8ea8b6a8f7 <video> and x-sendfile
Using <object> and <embed> were forbidden for obvious
security reasons. Instiki now permits embedding video
via the HTML5 <video> element (Ogg/Theora encoded videos
only, with .ogg or .ogv extensions). You can even upload
videos with

    [[foo.ogg:video]]

Instiki now support x-sendfile. See the Proxying page for
configuring Apache (with the x-sendfile module). Lighttpd
should work similarly.

Update Rails to latest Edge (hopefully converging on RC2!).
2009-03-02 02:32:25 -06:00
Jacques Distler
133c21b801 Bugfixes and Rails Edge
Update to Rails 2.3.1.
  (Actually, not quite. Doesn't look like 2.3.1 will be released
   today, but I REALLY want to push these bugfixes out.)
Removed bundled Rack (Rails 2.3.1 comes bundled with Rack 1.0).
Add
     config.action_view.cache_template_loading = true
  to production environment.
Fix FastCGI bug (http://rubyforge.org/tracker/index.php?func=detail&aid=24191&group_id=186&atid=783).
Fix WikiWords bug (http://rubyforge.org/pipermail/instiki-users/2009-February/001181.html).
2009-02-27 19:23:00 -06:00
Jacques Distler
0ddef97328 Fix Caching Problem in 0.16.3
This fixes the caching problem

  http://golem.ph.utexas.edu/instiki/show/Known+Bugs?rev=13#Caching

which afflicts some installations of 0.16.3. With the patch, it's no
longer necessary that the Instiki directory be owned by the instiki
user (yay!).
2009-02-18 22:22:18 -06:00
Jacques Distler
7f2b16e78d File Upload Fixes
Dunno why this was buggered again. ":back" doesn't seem to function as it used to.
Also, when uploading a file from page "foo", it's important to return to "foo" after
a successful upload, rather than redirecting to the HomePage.

Finally, a favicon tweak.
2009-02-18 01:40:11 -06:00
Jacques Distler
d7c445178b Favicon
Add a favicon for Instiki.
Also, add an id for the svg path (which makes it reusable).
2009-02-13 17:22:58 -06:00
Jacques Distler
8802d90690 XHTML Validity
Use a SPAN instead of a DIV in the logo. H1 allows only inline content.
2009-02-11 01:39:53 -06:00
Jacques Distler
53751a61f0 Fix Maruku Hanging Bug
A Maruku-syntax <div> with an unclosed IAL (and, it seems, at least one equation)
would cause Instiki to hang. Badly. Requiring a 'kill -9' to terminate it.
Reverting the OpenDiv and CloseDiv Regexps to my, more simple-minded, versions
fixes the problem.
2009-02-09 22:20:34 -06:00
Jacques Distler
dcab2f870e Smoother
Adobe Illustrator's path optimizer produces much smoother
results than Sam's program (and it's WYSIWYG).
2009-02-08 19:36:44 -06:00
Jacques Distler
1ad8885974 Optimize SVG
Thanks to Sam Ruby, SVG logo is half the size it was before.
Also, use the "wrapper div" trick to make the logo work in
older browsers.
2009-02-08 10:27:08 -06:00
Jacques Distler
8a60e741d7 Only Display the Logo in XHTML-capable Text-Filters
Textile and RDoc users can't see the SVG anyway, so don't
bother rendering it.
2009-02-08 03:45:38 -06:00
Jacques Distler
6b49228aad Logo for Instiki
Added an SVG logo for Instiki.
2009-02-08 03:17:20 -06:00
Jacques Distler
b30002261a Use bundled Rack
WEBrick in Rack doesn't respond to TERM signals.
This is a problem (especially on MacOSX). Make
sure we use our bundled version instead.
2009-02-04 16:39:13 -06:00
Jacques Distler
4e14ccc74d Instiki 0.16.3: Rails 2.3.0
Instiki now runs on the Rails 2.3.0 Candidate Release.
Among other improvements, this means that it now 
automagically selects between WEBrick and Mongrel.

Just run

    ./instiki --daemon
2009-02-04 14:26:08 -06:00
Jacques Distler
43aadecc99 Links in Published Webs
Links in the 'show' action should be to the 'show' action.
Links in the 'published' action should be to the 'published' action.
Try to focus, Distler!
2009-02-01 16:17:14 -06:00
Jacques Distler
1cdf0536c1 Fix BlahTeX/PNG
The BlahTeX/PNG code was busted by Revision 344.
Fixed now.
Ari better supply me with a test suite, so this doesn't happen again.
2009-01-27 11:35:05 -06:00
Jacques Distler
b4b1dde8fd Update Tests
Functional Test for the new behaviour of Revisions 344-345.
2009-01-26 08:57:13 -06:00
Jacques Distler
34fd7b425f Webs that Don't Allow File Uploads
... should still allow you to manually upload files
and have them render.

Fixed.
2009-01-26 01:39:04 -06:00
Jacques Distler
5d15e3f39d Security: Instiki 0.16.2
On Webs with file uploads enabled, uploaded files were stored
(in version 0.16.1 and earlier) in the public/ directory.

This was a security threat. A miscreant could upload a .html file.
When a user clicked on the link to the file, it was opened (unsanitized)
in the browser.

As of version 0.16.2, uploaded files are stored in the webs/
directory. Now, when the user clicks on the link, the file is sent
with the

    Content-Disposition: attachment

header set, which causes the file to be downloaded, rather than opened
in the browser. As always, files downloaded from the internets should be
treated with caution. At least, this way, they are not aoutomatically 
opened in the browser.

To move your existing uploaded files to the new location, do a

     rake upgrade_instiki
2009-01-26 00:21:30 -06:00
Jacques Distler
b80995dbdc Equation Numbering in Maruku+itex2MML
This was spooged by Revision #263 (to accommodate) BlahTeX/PNG support.
Hopefully this way will work in both modes.
2009-01-24 11:40:53 -06:00
Jacques Distler
0b2a6935a2 Export XHTML Pages
When a Web uses one of the Markdown Text Filters, and you export
all the pages as a zip file, you'd like the MathML and SVG to
render when the pages are viewed locally. This means saving them
with a .xhtml extension. Users of non-XHTML-capable browsers or
Textile users should still get .html files.
2009-01-23 11:02:16 -06:00
Jacques Distler
13b7e1d766 A Real Fix For the "Backslashes in Included Equations" Bug
Ruby's String.sub!(pattern, replacement) routine is fundamentally
broken. But the block version works fine.

Using the broken routine in the Chunk handler was a subtle mistake.
2009-01-17 00:28:38 -06:00
Jacques Distler
294ac909c4 Don't hide equations, except in MarkdownMML and MarkdownPNG
In other engines, e.g. textile, the equation delimiters have no
special meaning. So they should not be used to hide content from
wiki processing.
2009-01-16 12:51:43 -06:00
Jacques Distler
a6d80426a9 Revert Revision 338
That didn't work with nested includes:
A: [[!include B]]
B: [[!include C]]
C:   fubar!

Added a test for that issue.
2009-01-15 22:42:09 -06:00
Jacques Distler
41006d20ef Fix the "Backslashes in Included Equations" Bug
See
  http://golem.ph.utexas.edu/instiki/revision/Known+Bugs?rev=3#IncludedEqs

Who knew that

      @pre_rendered = String.new(self)

was not the same as

      @pre_rendered = String.new
      @pre_rendered = self

?
2009-01-14 22:55:59 -06:00
Jacques Distler
074711d4c5 Hide Equations From WikiChunk Processing
WikiWord (and the like) could wreak havoc in equations. Protect them
(the way <a>, <pre> and <code> blocks are protected).

For some reason, this doesn't seem to work in inline equations.
Maruku is doing something funny there ... => one failing Unit Test.
2009-01-14 16:11:07 -06:00
Jacques Distler
4936bea13f Boneheaded
Remove some nonexistent callbacks, added in Revisions 265, 288.
2009-01-11 13:49:58 -06:00
Jacques Distler
b9f5c32755 Cache file_list Action
Also, slightly smarter cache expiry, upon uploading/deleting a file.
2009-01-10 22:33:30 -06:00
Jacques Distler
5c20871ec4 Remove last vestige of CGI.unescapeHTML 2009-01-10 02:00:26 -06:00
Jacques Distler
b6fbf039f4 Ack! Try that again. 2009-01-10 00:38:00 -06:00
Jacques Distler
82e7aa52c7 Referring Pages for File List
For the file_list  action, include the pages which link to the given file(s).
This required rejiggering so that that information is actually retained in the database.
Unfortunately, you'll actually need to revise the page(s) in question, because that's the
only time this information is updated in the database.
2009-01-10 00:18:25 -06:00
Jacques Distler
f456691609 Correct Type on file_list View 2009-01-08 20:44:22 -06:00
Jacques Distler
94476d9865 More Tests
Enable unit tests for the HTML5lib Sanitizer (used in the <nowiki>
environment).
2009-01-05 22:13:09 -06:00
Jacques Distler
52c1f74ecc Add a couple of XSS tests.
Some more tests from Clint Ruoho. The main branch of Instiki (and, I guess,
the old sanitizer) are vulnerable.

Also: under Ruby 1.8.x, CGI.unescapeHTML screws up horribly decoding NCRs
which represent high-bit ASCII characters. UTF-8 agrees with 7-bit ASCII,
but CGI.unescapeHTML doesn't seem to know that they disagree for i>127.
2009-01-05 16:25:27 -06:00
Jacques Distler
8832dd3438 Version 0.16.1
Make this version (minimally) usable with Textile Markup:

   For Webs with "Textile", "RDoc" or "Mixed" markup option selected,
   send text/html instead of application/xhtml+xml. This makes this
   software minimally usable with those markup dialects.

"Markdown+itex2MML", "Markdown+BlahTeX/PNG" and "Markdown" should work
as before, sending application/xhtml+xml to capable browsers.

Bump the version number.
2009-01-04 16:40:50 -06:00
Jacques Distler
bdcb506418 Two Bugs
1) Orphaned pages in a Category were not being listed correctly
2) "list" view was not being expired correctly on deletion of orphaned pages.
2009-01-01 02:38:12 -06:00
Jacques Distler
074599fc9b Tweak Spam Patterns 2008-12-31 13:04:15 -06:00
Jacques Distler
b74d298196 Manage Uploaded Files
Allow alternate sort-orders (by filename, by date).
Restrict to files in the given Web.
2008-12-31 11:30:33 -06:00
Jacques Distler
1d3f7007c6 Manage Uploaded Files
A less abstruse interface for deleting files (this time, many at-a-shot).
Available from the Edit Web page.
2008-12-31 03:54:23 -06:00
Jacques Distler
788d1eb075 Stylesheet Tweak
Make the "Delete File" link more visually distinct.
2008-12-30 10:20:43 -06:00
Jacques Distler
5700d4513f Preliminary (?) Interface for Deleting Uploaded Files.
The simplest thing which could possibly work ...
2008-12-30 03:03:02 -06:00
Jacques Distler
1b8bf36702 Also Expire Caches
Removing orphaned pages, or deleting a Web should also expire all associated
caches.
2008-12-29 10:17:35 -06:00
Jacques Distler
397859ba8a Clean Deletions
Deleting a page removes all revisions of that page.
Deleting a Web removes all pages (and all revisions thereof)
  and all wiki_files belonging to that Web.
2008-12-28 21:36:37 -06:00
Jacques Distler
c3c33b68dd Multiple leading capital letters in a WikiWord
CMyApp  is a WikiWord (at least, on other Wiki systems, like TWiki).
Should allow that here

Also, choose a more obscure name for the thread-local variable tracking
included chunks.
2008-12-25 17:41:35 -06:00
Jacques Distler
61c3fb1ab9 Bump Version Number
Version 0.16

Also, allow Includes of single-letter pages.
2008-12-24 13:11:53 -06:00
Jacques Distler
0f843bc537 Slicker
Clean up the recursive-include code a bit.
2008-12-24 11:09:05 -06:00
Jacques Distler
3a109d1c82 Thread Safety
Use "Thread.current[:included_by]" instead of  the Class variable,
"@@included_by".

The former will work on some newfangled multi-threaded Webserver stack,
which uses separate threads to handle multiple simlutaneous requests
(one request/thread). Dunno that the rest of the application is
thread-safe, but using a class variable, in this context, probably isn't.

Thanks to Sam Ruby for the suggestion.
2008-12-23 16:27:34 -06:00