Commit graph

224 commits

Author SHA1 Message Date
Jacques Distler 9f2cb8bbe5 Update LaTeX output for itex2MML 1.3.7 2009-03-07 20:49:14 -06:00
Jacques Distler 6c0decc4ea Railsisms
Use some ActiveRecord convenience methods.
2009-03-05 21:42:41 -06:00
Jacques Distler 13d096c688 Set X-Sendfile Header Only for Local Proxy Requests
If the request.remote_addr is not LOCALHOST, don't set the
X-Sendfile header.
2009-03-05 12:14:03 -06:00
Jacques Distler bd9fa0ed0c Bump Version Number
Update CHANGELOG and bump version number to 0.16.4.
2009-03-04 15:54:30 -06:00
Jacques Distler c7418af48d Support for HTML5 <audio>
As with <video>,

   [[foo.wav:audio]]

works now, producing an HTML5 <audio> element.
2009-03-03 12:17:14 -06:00
Jacques Distler 8ea8b6a8f7 <video> and x-sendfile
Using <object> and <embed> was forbidden for obvious
security reasons. Instiki now permits embedding video
via the HTML5 <video> element (Ogg/Theora encoded videos
only, with .ogg or .ogv extensions). You can even upload
videos with

    [[foo.ogg:video]]

Instiki now supports x-sendfile. See the Proxying page for
configuring Apache (with the x-sendfile module). Lighttpd
should work similarly.

Update Rails to latest Edge (hopefully converging on RC2!).
2009-03-02 02:32:25 -06:00
Jacques Distler 7f2b16e78d File Upload Fixes
Dunno why this was buggered again. ":back" doesn't seem to function as it used to.
Also, when uploading a file from page "foo", it's important to return to "foo" after
a successful upload, rather than redirecting to the HomePage.

Finally, a favicon tweak.
2009-02-18 01:40:11 -06:00
Jacques Distler d7c445178b Favicon
Add a favicon for Instiki.
Also, add an id for the svg path (which makes it reusable).
2009-02-13 17:22:58 -06:00
Jacques Distler 8802d90690 XHTML Validity
Use a SPAN instead of a DIV in the logo. H1 allows only inline content.
2009-02-11 01:39:53 -06:00
Jacques Distler 53751a61f0 Fix Maruku Hanging Bug
A Maruku-syntax <div> with an unclosed IAL (and, it seems, at least one equation)
would cause Instiki to hang. Badly. Requiring a 'kill -9' to terminate it.
Reverting the OpenDiv and CloseDiv Regexps to my, more simple-minded, versions
fixes the problem.
2009-02-09 22:20:34 -06:00
Jacques Distler dcab2f870e Smoother
Adobe Illustrator's path optimizer produces much smoother
results than Sam's program (and it's WYSIWYG).
2009-02-08 19:36:44 -06:00
Jacques Distler 1ad8885974 Optimize SVG
Thanks to Sam Ruby, SVG logo is half the size it was before.
Also, use the "wrapper div" trick to make the logo work in
older browsers.
2009-02-08 10:27:08 -06:00
Jacques Distler 8a60e741d7 Only Display the Logo in XHTML-capable Text-Filters
Textile and RDoc users can't see the SVG anyway, so don't
bother rendering it.
2009-02-08 03:45:38 -06:00
Jacques Distler 6b49228aad Logo for Instiki
Added an SVG logo for Instiki.
2009-02-08 03:17:20 -06:00
Jacques Distler 4e14ccc74d Instiki 0.16.3: Rails 2.3.0
Instiki now runs on the Rails 2.3.0 Candidate Release.
Among other improvements, this means that it now 
automagically selects between WEBrick and Mongrel.

Just run

    ./instiki --daemon
2009-02-04 14:26:08 -06:00
Jacques Distler 1cdf0536c1 Fix BlahTeX/PNG
The BlahTeX/PNG code was busted by Revision 344.
Fixed now.
Ari better supply me with a test suite, so this doesn't happen again.
2009-01-27 11:35:05 -06:00
Jacques Distler 34fd7b425f Webs that Don't Allow File Uploads
... should still allow you to manually upload files
and have them render.

Fixed.
2009-01-26 01:39:04 -06:00
Jacques Distler 5d15e3f39d Security: Instiki 0.16.2
On Webs with file uploads enabled, uploaded files were stored
(in version 0.16.1 and earlier) in the public/ directory.

This was a security threat. A miscreant could upload a .html file.
When a user clicked on the link to the file, it was opened (unsanitized)
in the browser.

As of version 0.16.2, uploaded files are stored in the webs/
directory. Now, when the user clicks on the link, the file is sent
with the

    Content-Disposition: attachment

header set, which causes the file to be downloaded, rather than opened
in the browser. As always, files downloaded from the internets should be
treated with caution. At least, this way, they are not automatically
opened in the browser.

To move your existing uploaded files to the new location, do a

     rake upgrade_instiki
2009-01-26 00:21:30 -06:00
Jacques Distler 0b2a6935a2 Export XHTML Pages
When a Web uses one of the Markdown Text Filters, and you export
all the pages as a zip file, you'd like the MathML and SVG to
render when the pages are viewed locally. This means saving them
with a .xhtml extension. Users of non-XHTML-capable browsers or
Textile users should still get .html files.
2009-01-23 11:02:16 -06:00
Jacques Distler 4936bea13f Boneheaded
Remove some nonexistent callbacks, added in Revisions 265, 288.
2009-01-11 13:49:58 -06:00
Jacques Distler b9f5c32755 Cache file_list Action
Also, slightly smarter cache expiry, upon uploading/deleting a file.
2009-01-10 22:33:30 -06:00
Jacques Distler b6fbf039f4 Ack! Try that again. 2009-01-10 00:38:00 -06:00
Jacques Distler 82e7aa52c7 Referring Pages for File List
For the file_list action, include the pages which link to the given file(s).
This required rejiggering so that that information is actually retained in the database.
Unfortunately, you'll actually need to revise the page(s) in question, because that's the
only time this information is updated in the database.
2009-01-10 00:18:25 -06:00
Jacques Distler f456691609 Correct Type on file_list View 2009-01-08 20:44:22 -06:00
Jacques Distler 8832dd3438 Version 0.16.1
Make this version (minimally) usable with Textile Markup:

   For Webs with "Textile", "RDoc" or "Mixed" markup option selected,
   send text/html instead of application/xhtml+xml. This makes this
   software minimally usable with those markup dialects.

"Markdown+itex2MML", "Markdown+BlahTeX/PNG" and "Markdown" should work
as before, sending application/xhtml+xml to capable browsers.

Bump the version number.
2009-01-04 16:40:50 -06:00
Jacques Distler bdcb506418 Two Bugs
1) Orphaned pages in a Category were not being listed correctly
2) "list" view was not being expired correctly on deletion of orphaned pages.
2009-01-01 02:38:12 -06:00
Jacques Distler b74d298196 Manage Uploaded Files
Allow alternate sort-orders (by filename, by date).
Restrict to files in the given Web.
2008-12-31 11:30:33 -06:00
Jacques Distler 1d3f7007c6 Manage Uploaded Files
A less abstruse interface for deleting files (this time, many at-a-shot).
Available from the Edit Web page.
2008-12-31 03:54:23 -06:00
Jacques Distler 5700d4513f Preliminary (?) Interface for Deleting Uploaded Files.
The simplest thing which could possibly work ...
2008-12-30 03:03:02 -06:00
Jacques Distler 1b8bf36702 Also Expire Caches
Removing orphaned pages, or deleting a Web should also expire all associated
caches.
2008-12-29 10:17:35 -06:00
Jacques Distler 397859ba8a Clean Deletions
Deleting a page removes all revisions of that page.
Deleting a Web removes all pages (and all revisions thereof)
  and all wiki_files belonging to that Web.
2008-12-28 21:36:37 -06:00
Jacques Distler 61c3fb1ab9 Bump Version Number
Version 0.16

Also, allow Includes of single-letter pages.
2008-12-24 13:11:53 -06:00
Jacques Distler 1192f70f44 @import In Published View
In the Stylesheet Tweaks, the owner of a Web can specify an @import rule
to pull in CSS styles from an external file. This worked in the "show"
view, but was broken in the "published" view.

Fixed.

Also, update a functional test to match Revision 313.
2008-12-22 12:19:18 -06:00
Jacques Distler 0c681c7775 Incorrect System Password on Create Web
Entering an incorrect password on the Create Web form should redirect
back to the form, with a flash error.

Fixed.
2008-12-21 15:41:35 -06:00
Jacques Distler 7828d79d35 Password Mismatch
When setting a password for a Web (on the "Edit Web" page),
ensure that the password matches. Previously, the "verify"
field was a placebo.
2008-12-20 17:54:54 -06:00
Jacques Distler 2ab04421a3 BlahTeX/PNG Support (from Ari Stern) 2008-12-17 23:42:28 -06:00
Jacques Distler 05b76f7625 Philip Taylor Freakout Edition
Doubtless, he would have been fleetingly ecstatic.
Alas, he a) probably doesn't subscribe to the bzr feed,
and b) is probably asleep at the moment.
2008-12-17 01:42:24 -06:00
Jacques Distler 23e28f3702 Exports are expensive
Dnsbl filter them as well.
2008-12-17 00:26:52 -06:00
Jacques Distler a503e2b8ac Gentler
Be a little gentler in recovering from Instiki::ValidationErrors, when saving a page.
Previously, we threw away all the user's changes upon the redirect. Now we attempt
to salvage what he wrote.
2008-12-17 00:07:21 -06:00
Jacques Distler 5d2b0da4d5 Faster
Update dnsbl_check plugin to latest version.
Update Maruku to latest version.
In the wiki_controller, only apply the dnsbl_check before_filter 
  to the :edit, :new, and :save actions, instead of all actions.
  This makes mundane "show" requests faster, but does not 
  compromise spam-fighting ability.
2008-12-16 00:40:30 -06:00
Jacques Distler 9237858256 Tweak Diff View of HomePage 2008-12-15 16:31:39 -06:00
Jacques Distler 14561d998d A little whitespace cleanup in Views 2008-12-15 13:19:22 -06:00
Jacques Distler 3bef45277f Small Refactoring
Streamline check that non-idempotent actions are submitted via POST.
2008-12-14 23:29:40 -06:00
Jacques Distler 8f8c07505c Expire Pages that Include a Modified Page
Modifying a page should expire all pages that include it.
2008-12-09 03:33:53 -06:00
Jacques Distler 6e2d11e00d Don't Cache Pages With Flash Messages on Them
This was a long-standing annoyance. Fortunately, Rails 2.1 and later offers
a way to avoid it.
2008-12-09 02:20:59 -06:00
Jacques Distler 34fcd7943a Some Tests
Some functional tests for 'delete orphaned pages by category'.
2008-12-07 00:24:25 -06:00
Jacques Distler 3a78ef3dbf Delete Orphan Pages in Category
If a Web has categories defined, you can delete orphaned pages in a given category
(in addition to being able to delete all orphaned pages).
2008-12-06 16:11:47 -06:00
Jacques Distler 61799bc63f Delete_Web
Add a user interface to delete a Web.
2008-12-06 06:06:46 -06:00
Jacques Distler 810d65c05f Fix Link (from Jason Blevins) 2008-12-03 16:25:06 -06:00
Jacques Distler 2a8fdbe88a Ack! Do that right. 2008-12-02 11:26:25 -06:00
Jacques Distler 17915a7f76 Fix Web_list 2008-12-02 11:12:15 -06:00
Jacques Distler 03e459de43 Feeds Page on Published Web
Readers of Published Webs were allowed to subscribe to the Atom feeds.
Now let them actually access the 'feeds' page, from which they may do so.
2008-12-02 01:18:00 -06:00
Jacques Distler 5d47fdff8b Make Interweb Links Work Right
Links to a published web should be to the 'publish' action, not to the
'show' action. Previously, the published status of the source, not the target
was used.

Also, correct display of the Navigation Links for the 'published' action.
2008-12-01 22:58:09 -06:00
Jacques Distler 8da6c70275 Fix Deprecation Warning
One more Rails 2.2.2 Deprecation warning.
2008-11-25 08:17:52 -06:00
Jacques Distler 2e81ca2d30 Rails 2.2.2
Updated to Rails 2.2.2.
Added a couple more Ruby 1.9 fixes, but that's pretty much at a standstill,
until one gets Maruku and HTML5lib working right under Ruby 1.9.
2008-11-24 15:53:39 -06:00
Jacques Distler 3efc067f06 Redirect_to_url Deprecated
Silently dropped, more precisely, from Rails 2.2. Just use redirect_to instead.
2008-11-06 22:57:53 -06:00
Jacques Distler daa12e575d Mo Better Exception Handling
A little more cleanup of Instiki's exception handling.
Add some tests.
2008-11-06 10:38:25 -06:00
Jacques Distler bceb1864df Fixes
Fix Session CookieOverflow bug when rescuing an InstikiValidation error.
Fix some random things which will cause problems with Ruby 1.9. (Plenty
more where those came from.)
2008-11-05 22:24:14 -06:00
Jacques Distler dfb0f5f347 Cheat Sheet
Add a link to info about the Theorem Environment to the cheat sheet.
2008-10-27 07:55:34 -05:00
Jacques Distler 7600aef48b Upgrade to Rails 2.2.0
As a side benefit, fix a (non-user-visible) bug in display_s5().
Also fixed a bug where removing orphaned pages did not expire cached summary pages.
2008-10-27 01:47:01 -05:00
Jacques Distler 2fb41f12ce Automatic Theorem Numbering
Can now refer to numbered theorems by \ref{...}, as in LaTeX
2008-10-20 00:24:22 -05:00
Jacques Distler 34082fbf94 Theorem Environments
Implement amsthm-like Theorem environments with Maruku.
Support is based on Maruku "div"s with special class-names.
Classes
    num_*
produce numbered environments, and

    un_*

produce un-numbered environments, where * is one of

   theorem     (for Theorem)
   lemma       (for Lemma)
   prop        (for Proposition)
   cor         (for Corollary)
   def         (for Definition)
   example     (for Example)
   remark      (for Remark)
   note        (for Note)

In addition, the class

   proof

produces a Proof environment.

The LaTeX export works as expected, and these also work in the S5 view.

Bumped version number.
2008-10-17 16:26:17 -05:00
Jacques Distler d2c4c8737c Match itex2MML 1.3.6
Add support for \sslash macro.
2008-09-05 16:45:07 -05:00
Jacques Distler e43c9429c0 Two Bugfixes
Make session secret persist across restarts. (Been meaning to do this for
a while: no more "stale cookie" warnings after restarting the server.)

Avoid cookie overflow in session store.
2008-09-01 15:35:34 -05:00
Jacques Distler 863d60c578 Fix IE7+MathPlayer Bug
IE7+MathPlayer do *not* like the charset parameter to be set in the
Content-Type header. Forcing Rails to omit that parameter is surprisingly
difficult.
2008-08-20 00:22:12 -05:00
Jacques Distler c427807274 Blahtex
Sync with latest Maruku.
Pave the way for Blahtex (PNG-based math) support (from Ari Stern).
   (no visible functionality, yet, but that will come)
2008-07-26 04:14:41 -05:00
Jacques Distler fd554cce90 Recently_revised and List views fixed
The upgrade to Rails 2.1 RC1 busted the /list/ and /recently_revised/ views.
These are now fixed.
2008-05-23 11:04:00 -05:00
Jacques Distler 800880f382 Rough In New Sanitizer
Start work (which may not pan out) on a new sanitizer. Right now, it passes
all but 1 of the HTML5lib Sanitizer's unit tests. But it doesn't do much
of anything to ensure well-formedness. This is not an issue for Maruku-processed
content, but it is a concern for <nowiki> blocks.

(One solution would be to use the HTML5lib parser on <nowiki> blocks.)

In any case, this baby is 3 times as fast as the HTML5lib sanitizer.
2008-05-20 17:02:10 -05:00
Jacques Distler 5292899c9a Rails 2.1 RC1
Updated Instiki to Rails 2.1 RC1 (aka 2.0.991).
2008-05-17 23:22:34 -05:00
Jacques Distler 41346bf8bd Efficiency: Entity handling
Previously, used a regexp to find and convert named entities in the content.
Now use a more efficient algorithm.
Similar tweak for converting NCRs before checking whether text is valid utf-8.
2008-05-17 01:43:11 -05:00
Jacques Distler 6d46e16ee1 Release 0.14pre(MML+)
Rev Version Number.
2008-03-17 11:37:22 -05:00
Jacques Distler 35257b5fae IPv6-compatible fix for latest Philip Taylor Phun
This is better than Revision 228.
2008-03-14 17:25:02 -05:00
Jacques Distler d46798dd08 Security: Sanitize Remote IP address
Dunno quite how, but evidently, request.ip is manipulable. Make sure it consists of a dotted-quad.
Also, correct a typo from the previous revision.
2008-03-14 10:50:06 -05:00
Jacques Distler 827fb77ad3 Missed One
One more place where @page.name appears.
2008-03-14 00:18:11 -05:00
Jacques Distler 609c5541b9 Yet More Philip Taylor Phun
Escape page names.

Grrr.
2008-03-13 23:02:12 -05:00
Jacques Distler f739077976 Yet more well-formedness Phun
Error messages need to be escaped.
2008-03-13 18:06:16 -05:00
Jacques Distler 435bbfcd36 Further Tweaks
Follow up on revisions 221,222.
2008-02-29 09:46:21 -06:00
Jacques Distler ad620f63d3 Web Style Tweaks are CDATA
Make sure they're properly escaped.
2008-02-29 02:40:22 -06:00
Jacques Distler 9b7b6fb805 Latest Maruku and Tweak for itex2MML 1.3.4
Instiki's LaTeX output also supports \Perp.
2008-02-29 01:30:46 -06:00
Jacques Distler 9a633c0792 Another small tweak to atom template 2008-01-28 01:25:33 -06:00
Jacques Distler d0f7db4247 Fix atom:updated Times
Use page.revised_at instead of page.updated_at.
Thanks to Jason Blevins for pointing out the problem.
2008-01-28 01:13:28 -06:00
Jacques Distler 5a0a6b2ca1 More Philip Taylor Phun
More checks that page_names are valid utf_8.
2008-01-22 20:22:59 -06:00
Jacques Distler 51474e06c8 Styling Hook
Add a distinct class-name for the footer in the page view.
2008-01-19 15:06:17 -06:00
Jacques Distler 72b4f97382 Garbage Collection of :form_keys
In each session, keep only the 30 most recent :form_keys generated by form_spam_protection.
This should be more than enough for ordinary usage, but prevents the session data from
becoming inordinately large.

Also, burnt-orange rulz!
2008-01-17 03:20:19 -06:00
Jacques Distler ebc409e1a0 Ensure the_content REALLY is utf-8
Our check that the the_content was valid utf-8 was rather busted.
This one works right. In particular, we needed to expand NCRs before checking.
2008-01-03 15:27:03 -06:00
Jacques Distler 14e3728183 A Tweak to the Error-Page Layout 2007-12-30 20:34:08 -06:00
Jacques Distler 0c16ab4e6f Better Error for Stale Session
Rather than giving a generic 500 error, tell the user to reload the page.
2007-12-30 10:41:19 -06:00
Jacques Distler a2c7705de5 More of the Same. 2007-12-30 03:58:57 -06:00
Jacques Distler df28bd545a Well-Formed Error Pages
Apparently, my fans think returning raw text error messages is a bad thing.
Well-formed XHTML for them, I guess ...
2007-12-30 03:28:33 -06:00
Jacques Distler 6873fc8026 Upgrade to Rails 2.0.2
Upgraded to Rails 2.0.2, except that we maintain

   vendor/rails/actionpack/lib/action_controller/routing.rb

from Rails 1.2.6 (at least for now), so that Routes don't change. We still
get to enjoy Rails's many new features.

Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).
2007-12-21 01:48:59 -06:00
Jacques Distler 18da1a1d71 Accommodate \nequiv in LaTeX output 2007-11-02 10:15:17 -05:00
Jacques Distler a92b593949 SVG in Equations
Support the new "svg" environment from itex2MML 1.3.
2007-10-22 22:24:25 -05:00
Jacques Distler 207fb1f7f2 New Version
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jacques Distler 0eb1ab56b0 More LaTeX Macros
Put in dummy macros for \statusline and \toggle.
Added colour definitions for HTML named colours.

Remaining unimplemented:

   \color{#HHH} and \color{#HHHHHH}
   \bgcolor
   \array
   \righttoleftarrow
   \lefttorightarrow
2007-10-11 11:30:17 -05:00
Jacques Distler 0eb723e125 Accessibility: Use Uploaded File Descriptions
The file upload dialog asks for a description of the image or file to be uploaded. Use this as the default alt-text for the image and as a title attribute for a file link.
2007-10-09 02:51:38 -05:00
Jacques Distler 179a0a9cb2 Might as well
Spammers aren't an issue here, but might as well enforce that these actions are POST-only, too.
2007-10-07 03:33:15 -05:00
Jacques Distler 2484542f12 Security: HTTP GET Bypassed Spam Protection
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.

Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler f0090cf4ab Whoops!
Committed the wrong version of tex.rhtml. This is the right one.
2007-10-04 15:46:20 -05:00
Jacques Distler 4be4125861 Remaining LaTeX macros
Added the remaining LaTeX macros from our list.
What remains is to decide on how to resolve the conflicting definitions of

   \binom{}{}

and to supply suitable characters for

   \righttoleftarrow
   \lefttorightarrow

The plain TeX syntax {A \over B} is unsupported (passed through verbatim, and will cause a LaTeX error).
2007-10-04 13:43:57 -05:00
Jason Blevins bcfa5b1f31 First commit of new Latex macros. 2007-10-04 09:55:11 -04:00