Jacques Distler
|
503f956084
|
Fix Two XSS Vulnerabilities
Unescaped page names (in 'edit' an 'new' views).
Unsanitized HTTP_CLIENT_IP header.
|
2008-03-14 23:22:46 +00:00 |
|
Jacques Distler
|
ab63a21ccd
|
Fix Rails 1.2.5 deprecation warnings.
|
2007-10-15 19:12:36 +00:00 |
|
Matthias Tarasiewicz
|
2c8a3ec4d7
|
added instiki.bat for older windows versions
|
2007-10-15 07:08:45 +00:00 |
|
Matthias Tarasiewicz
|
7298fe97d2
|
updated trunk to rails 1.2.5
|
2007-10-15 07:05:58 +00:00 |
|
Matthias Tarasiewicz
|
69b9c77482
|
documentation updates
|
2007-10-15 06:45:51 +00:00 |
|
Matthias Tarasiewicz
|
5e095d59cb
|
finally removed pdf and latex export which caused the export button to fail with mongrel. PDF export will be added later on without pdflatex.
|
2007-10-14 14:11:37 +00:00 |
|
Matthias Tarasiewicz
|
806a1fc682
|
added /tmp folder plus structure to make instiki work with mongrel_cluster
|
2007-10-09 15:13:22 +00:00 |
|
Jacques Distler
|
5cbdccec2a
|
MIME-Types for WEBrick
|
2007-10-08 04:16:31 +00:00 |
|
Jacques Distler
|
ab7f429a10
|
Security: Enforce POSTs
Spammers can bypass form_spam_protect plugin by using GET instead of POST.
Fix this, by ensuring that unsafe operations are POSTs, rather than GETs.
|
2007-10-07 17:59:20 +00:00 |
|
Matthias Tarasiewicz
|
4199843e08
|
changing back some 'require_dependency' to 'require' since it is not needed for all (info from jacques distler)
|
2007-09-28 08:40:24 +00:00 |
|
Jacques Distler
|
10b0561aca
|
Category lists and WikiReferences restrict to current Web.
Fix one sanitization test.
|
2007-09-28 03:57:52 +00:00 |
|
Matthias Tarasiewicz
|
2cd2b2746e
|
change of 'require_dependencies' to 'require' which should fix the 'superclass mismatch error' that occurred.
|
2007-09-27 06:09:58 +00:00 |
|
Jacques Distler
|
a3d3f1c536
|
Fix XSS vulnerabilities in chunk-handling
|
2007-09-23 19:30:39 +00:00 |
|
Matt MacGillivray
|
36b86a9d41
|
Removed deprecation errors for rails 1.2.3. Corrected test case failures as a result of updated features and functionality
|
2007-05-07 22:46:00 +00:00 |
|
Matthias Tarasiewicz
|
322a09274f
|
in response to #406 - commented out parts in the css that would render the admin part ununsable. still needs research.
|
2007-04-08 20:12:23 +00:00 |
|
Matthias Tarasiewicz
|
40a71e80d9
|
fixes #439 by patch from alex eagle
|
2007-04-08 19:37:47 +00:00 |
|
Matthias Tarasiewicz
|
ca9e155c17
|
reverted redcloth to 3.0.3 (fixes formatting bugs)
upgraded integrated rails to 1.2.3
|
2007-03-18 10:20:35 +00:00 |
|
Michal Wlodkowski
|
8fb8517156
|
css updates
|
2007-02-27 21:56:13 +00:00 |
|
Jacques Distler
|
552cf4cff0
|
XSS Security fixes
|
2007-02-25 15:13:50 +00:00 |
|
Matthias Tarasiewicz
|
c9a9b7d315
|
adding the form_spam_protection plugin that was missing from the last commit
|
2007-02-13 13:27:54 +00:00 |
|
Matthias Tarasiewicz
|
113223f364
|
- AntiSPAM: included form-spam-protection rails plugin (Hivelogic Enkoder)
- update: updated scripts and javascripts to rails 1.2.1
|
2007-02-13 13:24:03 +00:00 |
|
Matthias Tarasiewicz
|
ad22579668
|
cookie fix: being logged in on more Webs at once works now [Jaques Distler]
|
2007-02-10 09:47:36 +00:00 |
|
Matthias Tarasiewicz
|
49032a99c6
|
svn:external rails updated to 1.2.2
fixed ticket #372 typo in db-query
sqlite3-ruby updated to 1.2.1
|
2007-02-08 22:01:36 +00:00 |
|
Matthias Tarasiewicz
|
7378ce9610
|
reverted to rails 1.1.6 since there were problems reported
|
2007-01-18 19:31:07 +00:00 |
|
Matthias Tarasiewicz
|
1877f66f17
|
big update to the web_list - statistics: last update, last document, created or revised; plus css updates to make small fonts look better in firefox
|
2007-01-18 17:57:16 +00:00 |
|
Matthias Tarasiewicz
|
2e558d5222
|
fixed the correct display of authors per web. added singular/plural for authors and pages. css optimizations
|
2007-01-18 13:33:52 +00:00 |
|
Matthias Tarasiewicz
|
4eefc3c979
|
updated to rails 1.2 stable
|
2007-01-18 08:42:39 +00:00 |
|
Matthias Tarasiewicz
|
95d794cfcb
|
fixes Ticket #259 html_options minor fix
|
2007-01-17 21:28:20 +00:00 |
|
Matthias Tarasiewicz
|
85a568fe79
|
added back jcode
|
2007-01-17 21:00:17 +00:00 |
|
Matthias Tarasiewicz
|
4f312bc336
|
removed jcode unicode reference, since this is included in rails 1.2
|
2007-01-17 20:53:46 +00:00 |
|
Matthias Tarasiewicz
|
692a1beffe
|
updated rubyzip from 0.5.8 to 0.9.1 and moved plugin into the right folder
|
2007-01-17 12:47:46 +00:00 |
|
Matthias Tarasiewicz
|
78ebbed446
|
updating environment.rb to reflect sqlite3-ruby move
|
2007-01-17 12:26:46 +00:00 |
|
Matthias Tarasiewicz
|
80028814a6
|
moved sqlite3-ruby in the right directory (preparing for proper rails 1.2 directory structure)
|
2007-01-17 12:25:48 +00:00 |
|
Matthias Tarasiewicz
|
1596d84333
|
updated recloth to 3.0.4
|
2007-01-17 12:08:16 +00:00 |
|
Matthias Tarasiewicz
|
69945c9d9d
|
updated svn:external rails to 1.2rc1 to implement changes like unicode and other rails 1.2 features
|
2007-01-17 11:37:02 +00:00 |
|
Matthias Tarasiewicz
|
c39ca54b8c
|
config_load path for dnsbl_check
|
2007-01-16 07:28:48 +00:00 |
|
Matthias Tarasiewicz
|
1005d92bd1
|
web list does not show a link to a published version if it has none [Jesse Newland]
visual display if webs are pass-protected (div background)
|
2007-01-16 07:23:53 +00:00 |
|
Matthias Tarasiewicz
|
8bfe83fa20
|
fix PDF output not to contain garbage chars [Jesse Newland]
|
2007-01-16 07:21:16 +00:00 |
|
Matthias Tarasiewicz
|
bdf5ab51ef
|
ANTISPAM: included dnsbl_check - DNS Blackhole Lists check [thanks to joost from http://www.spacebabies.nl ]
|
2007-01-16 07:16:56 +00:00 |
|
Matthias Tarasiewicz
|
d7508a34ab
|
updated packaged sqlite3-ruby to 1.2.0
|
2007-01-16 07:13:14 +00:00 |
|
Matthias Tarasiewicz
|
4481c8bdf6
|
ANTISPAM: added spam_patterns from the main instiki site wikispam
|
2007-01-16 07:07:31 +00:00 |
|
Matthias Tarasiewicz
|
9aaf45a810
|
added support for delete_web
|
2007-01-16 07:05:04 +00:00 |
|
Matthias Tarasiewicz
|
26024acddc
|
added Rails 1.2 compatibility information, after checking
|
2007-01-14 06:11:14 +00:00 |
|
Alexey Verkhovsky
|
8323b12795
|
get_page_and_revision handles the case of no rev parameter explicitly, rather than by chance
|
2006-09-19 19:13:02 +00:00 |
|
Alexey Verkhovsky
|
453968a08b
|
made gray a lighter shade
|
2006-09-14 16:49:15 +00:00 |
|
Alexey Verkhovsky
|
84a8f66505
|
documented the last change
|
2006-09-07 04:10:01 +00:00 |
|
Alexey Verkhovsky
|
4b29a843e5
|
Fixes #248
|
2006-09-07 04:07:51 +00:00 |
|
Alexey Verkhovsky
|
839dc364dd
|
fixes #280
|
2006-09-07 03:11:53 +00:00 |
|
Alexey Verkhovsky
|
8f48a19827
|
documented the last change
|
2006-09-07 03:04:34 +00:00 |
|
Alexey Verkhovsky
|
1454fbf14a
|
expire page cache for diff
|
2006-09-07 02:56:55 +00:00 |
|