Commit graph

283 commits

Author SHA1 Message Date
Jacques Distler 503f956084 Fix Two XSS Vulnerabilities
Unescaped page names (in 'edit' and 'new' views).
Unsanitized HTTP_CLIENT_IP header.
2008-03-14 23:22:46 +00:00
Jacques Distler ab63a21ccd Fix Rails 1.2.5 deprecation warnings. 2007-10-15 19:12:36 +00:00
Matthias Tarasiewicz 5e095d59cb finally removed pdf and latex export which caused the export button to fail with mongrel. PDF export will be added later on without pdflatex. 2007-10-14 14:11:37 +00:00
Jacques Distler ab7f429a10 Security: Enforce POSTs
Spammers can bypass form_spam_protect plugin by using GET instead of POST.

Fix this, by ensuring that unsafe operations are POSTs, rather than GETs.
2007-10-07 17:59:20 +00:00
Jacques Distler 10b0561aca Category lists and WikiReferences restrict to current Web.
Fix one sanitization test.
2007-09-28 03:57:52 +00:00
Matt MacGillivray 36b86a9d41 Removed deprecation errors for rails 1.2.3. Corrected test case failures as a result of updated features and functionality 2007-05-07 22:46:00 +00:00
Michal Wlodkowski 8fb8517156 css updates 2007-02-27 21:56:13 +00:00
Matthias Tarasiewicz 113223f364 - AntiSPAM: included form-spam-protection rails plugin (Hivelogic Enkoder)
- update: updated scripts and javascripts to rails 1.2.1
2007-02-13 13:24:03 +00:00
Matthias Tarasiewicz ad22579668 cookie fix: being logged in on more Webs at once works now [Jacques Distler] 2007-02-10 09:47:36 +00:00
Matthias Tarasiewicz 49032a99c6 svn:external rails updated to 1.2.2
fixed ticket #372 typo in db-query
sqlite3-ruby updated to 1.2.1
2007-02-08 22:01:36 +00:00
Matthias Tarasiewicz 1877f66f17 big update to the web_list - statistics: last update, last document, created or revised; plus css updates to make small fonts look better in firefox 2007-01-18 17:57:16 +00:00
Matthias Tarasiewicz 2e558d5222 fixed the correct display of authors per web. added singular/plural for authors and pages. css optimizations 2007-01-18 13:33:52 +00:00
Matthias Tarasiewicz 95d794cfcb fixes Ticket #259 html_options minor fix 2007-01-17 21:28:20 +00:00
Matthias Tarasiewicz 1005d92bd1 web list does not show a link to a published version if it has none [Jesse Newland]
visual display if webs are pass-protected (div background)
2007-01-16 07:23:53 +00:00
Matthias Tarasiewicz 8bfe83fa20 fix PDF output not to contain garbage chars [Jesse Newland] 2007-01-16 07:21:16 +00:00
Matthias Tarasiewicz bdf5ab51ef ANTISPAM: included dnsbl_check - DNS Blackhole Lists check [thanks to joost from http://www.spacebabies.nl ] 2007-01-16 07:16:56 +00:00
Alexey Verkhovsky 8323b12795 get_page_and_revision handles the case of no rev parameter explicitly, rather than by chance 2006-09-19 19:13:02 +00:00
Alexey Verkhovsky 839dc364dd fixes #280 2006-09-07 03:11:53 +00:00
Alexey Verkhovsky 1454fbf14a expire page cache for diff 2006-09-07 02:56:55 +00:00
Alexey Verkhovsky 709d28dc4b /wiki/published renders a home page 2006-05-04 04:45:05 +00:00
Alexey Verkhovsky cbca2ba318 Fixed a silly bug 2006-05-04 04:31:55 +00:00
Alexey Verkhovsky 98b2efdb5b Blow away page caches when web settings are changed 2006-04-02 06:17:05 +00:00
Alexey Verkhovsky 56dc390ddb Improved cache sweeping for All Pages and Recently Revised (categories stuff again) 2006-04-02 05:47:41 +00:00
Alexey Verkhovsky dd6572ac85 CSS tweaks around page editing 2006-04-02 03:32:39 +00:00
Alexey Verkhovsky 5f3cf38851 Fixed connect_to_model filter extension in wiki_controller (using inheritance here was daft); accelerated tests somewhat 2006-03-24 07:53:20 +00:00
Alexey Verkhovsky 64313ca208 Fixing FileController#import; sort of works, but fails on some interesting tests 2006-03-23 07:14:51 +00:00
Alexey Verkhovsky cb869abf0d accept-charset attribute added to all forms 2006-03-23 04:51:13 +00:00
Alexey Verkhovsky d051b174f8 Quick and dirty spam filtering. We'll build something better in due time. 2006-03-20 01:36:45 +00:00
Alexey Verkhovsky d6fedc7f84 Converting linefeeds to Unix-style 2006-03-19 21:49:53 +00:00
Alexey Verkhovsky 6f0434bf83 All tests pass, including Watir suite 2006-03-19 07:54:54 +00:00
Alexey Verkhovsky ad4c289ec5 Added disposition to HTTP headers for sending files 2006-03-12 04:53:39 +00:00
Alexey Verkhovsky e44d16aef9 Fixed rendering of Recently Revised 2006-03-11 22:59:55 +00:00
Alexey Verkhovsky f8b3e2b11d See Changes as a separate page (still implemented within show and revision actions) 2006-03-11 22:10:32 +00:00
Alexey Verkhovsky c435bf2f2b [FIXES BVILD] Further improvement to diff.rb (I hope not to touch this beast again any time soon); See Changes ripped out from WikiController#show, will become a separate action 2006-03-11 21:27:49 +00:00
Alexey Verkhovsky 3285737917 Fixed an NPE in ApplicationController#authorized? 2006-01-23 06:56:30 +00:00
Alexey Verkhovsky ba9232bbde Admin settings are correctly displayed on edit_web form (closes #256) 2006-01-22 23:27:57 +00:00
Alexey Verkhovsky 90fc099a78 Changes in RHTML templates to go with the earlier commit 2005-11-14 14:02:36 +00:00
Alexey Verkhovsky a2cb920489 Fixed All Pages with a category 2005-11-14 11:07:14 +00:00
Alexey Verkhovsky 614a48c6ff Exclude links to files and pages from All Pages (so that they don't show up in Wanted Pages etc). 2005-11-14 11:00:46 +00:00
Alexey Verkhovsky 0b1a80a852 [BUILD STILL BROKEN] File uploads roughly speaking work (to about same extent as in 0.10) 2005-11-14 08:38:37 +00:00
Alexey Verkhovsky ac72f9b807 Small correction to the last commit 2005-11-13 17:48:54 +00:00
Alexey Verkhovsky 1f07ec78de Put cursor in the text area when opening wiki/edit 2005-11-13 17:48:21 +00:00
Alexey Verkhovsky 07b7d9210a Added a button to the login view (apparently needed by people on obscure PDA browsers) 2005-11-13 17:38:43 +00:00
Alexey Verkhovsky 8bdee631f6 [BREAKS BUILD] Some work on File uploads, half-done, committing as a backup 2005-11-13 13:37:47 +00:00
Alexey Verkhovsky c7295287a4 Extract the inbound links list from page.rhtml and revision.rhtml into a partial 2005-11-04 06:19:10 +00:00
Alexey Verkhovsky dea8d70c48 Improved behavior of JavaScript in the author field [from I2 patch by court3nay] 2005-11-04 05:23:34 +00:00
Alexey Verkhovsky 35b77f6440 A bit of spit and polish 2005-11-02 09:04:53 +00:00
Alexey Verkhovsky 7f8d3adfb5 Copied over 0.14.2 ./public contents 2005-11-02 07:34:11 +00:00
Alexey Verkhovsky 3703c1e1b3 Upgrade to Rails 0.14.2; fixed a failing functional test 2005-11-02 04:55:06 +00:00
Alexey Verkhovsky d3b25c8a19 Added meta robots tag to the default layout; added error handling to published pages 2005-11-01 07:31:44 +00:00