1291 commits

Author SHA1 Message Date
Jason R. Blevins 12743280fb All WikiReference methods now limit results to the current web.
Category lists are now restricted to the current web.
2007-03-10 16:09:20 -05:00
Jacques Distler 626c135d1e Security: ensure file upload directory is not world-writable.
(There still seem to be bugs in the file upload function.)
2007-03-10 11:26:30 -06:00
Jacques Distler 46a456b3ad Security: ensure that the file system cache is not world-writable 2007-03-10 11:05:52 -06:00
Jacques Distler 4ae46b32d8 Sync with latest maruku. 2007-03-10 02:06:54 -06:00
Jacques Distler 144540a761 Fixed caching bug with category 'list' and 'recently_revised' views.
Re-enabled filesystem caching.
2007-03-10 00:18:18 -06:00
Jacques Distler edf335060a Fix new.rhtml 2007-03-09 08:28:19 -06:00
Jacques Distler db76c79cfb Whoops! harmless typo. 2007-03-09 08:04:24 -06:00
Jacques Distler 46e78c2317 Sync with latest Instiki trunk (to the extent that the bizarre stuff being committed there makes any sense). 2007-03-08 22:35:49 -06:00
Jacques Distler a656772622 Deal with clients that don't send an HTTP_ACCEPT header.
Cache S5, TeX and Print views.
Temporary hack: don't cache list and recently_revised pages.
2007-03-08 21:57:21 -06:00
Jacques Distler d74116dc67 Ensure that input is bona fide utf-8. 2007-03-07 21:06:39 -06:00
Jacques Distler 8300133c8d Sync with latest Maruku. 2007-03-07 12:49:06 -06:00
Jacques Distler 7b1c7c0da6 S5 CSS tweak: .incremental code. 2007-03-06 00:30:12 -06:00
Jacques Distler 7cfa9bf1ba Page footer now includes link to my branch of Instiki. 2007-03-05 09:32:53 -06:00
Jacques Distler cf525b8bb9 Zap gremlins in author names. 2007-03-04 22:56:52 -06:00
Jacques Distler 541ef91df4 Update to latest Maruku. Fixes alt text bug. 2007-03-04 15:32:21 -06:00
Jacques Distler 632a9d90fc Another S5 stylesheet tweak. 2007-03-04 14:06:53 -06:00
Jacques Distler aed5c10c70 More S5 tweaks: incremental builds for definition-lists and some CSS tweaks. 2007-03-04 02:01:36 -06:00
Jacques Distler 6f81cb1207 Fix well-formedness issue in rollback.rhtml and validity in that and edit.rhtml. 2007-03-02 18:46:40 -06:00
Jacques Distler 43dbd8712e Another tweak to Maruku's S5 output (IE compatibility). 2007-03-02 08:26:37 -06:00
Jacques Distler 5a352d0f5e Sync with latest Maruku. 2007-03-01 22:46:49 -06:00
Jacques Distler 6ee59e7e49 More S5 tweaks. 2007-03-01 15:15:41 -06:00
Jacques Distler e93cedb155 Fixed S5 page numbering. 2007-03-01 11:15:45 -06:00
Jacques Distler 6a7645c45c Fixed inline SVG in S5.
More S5 Stylesheet tweaks.
2007-03-01 10:50:06 -06:00
Jacques Distler 41ff4724b8 Converging on S5 support. 2007-03-01 03:05:35 -06:00
Jacques Distler 02c6ed2fa0 More progress on S5.
Forgot to add gremlin zapping in app/views/wiki/edit.rhtml.
2007-02-28 18:38:52 -06:00
Jacques Distler 8359047fd5 Start on adding S5 support to Instiki. 2007-02-28 13:31:34 -06:00
Jason R. Blevins b65a5b8e30 Bug fix. Previously, all categories were visible from all webs. Now category lists are restricted to the current web. 2007-02-27 22:27:20 -05:00
Michal Wlodkowski 8fb8517156 css updates 2007-02-27 21:56:13 +00:00
Jacques Distler 552cf4cff0 XSS Security fixes 2007-02-25 15:13:50 +00:00
Jacques Distler f208d50032 Bah! 2007-02-24 23:07:25 -06:00
Jacques Distler 507a17aade More lenient URI scheme matching in sanitize. 2007-02-24 22:47:31 -06:00
Jacques Distler f9dcfa5af0 Make list of attributes whose values are scanned for acceptable URI schemes customizable. 2007-02-24 11:55:40 -06:00
Jacques Distler 59c64439d8 More unit tests. 2007-02-24 00:41:35 -06:00
Jacques Distler fff30ec27f Whoops! Forgot a test. 2007-02-23 15:09:12 -06:00
Jacques Distler d8e06f6db9 Sanitize URI schemes. 2007-02-23 13:34:58 -06:00
Jacques Distler 4c903d6a77 Renamed sanitize unit test file. 2007-02-23 11:57:39 -06:00
Jacques Distler e179508377 Sanitization now preserves case-sensitive element and attribute names (necessary to support SVG).
Unit tests, galore.
2007-02-23 11:32:06 -06:00
Jacques Distler 2fa1e08c96 Tweak dependencies of sanitize.rb 2007-02-22 01:16:18 -06:00
Jacques Distler bacae2c468 Finally! XSS-protection, done right.
If you want something done right, ...
2007-02-22 01:06:53 -06:00
Jacques Distler 0aafedb2df More XSS fixes.
Started fixing file uploads.
2007-02-21 12:10:47 -06:00
Jacques Distler 59adca44cc Make error documents XHTML. 2007-02-20 17:42:56 -06:00
Jacques Distler d1923e6387 Sync with latest Maruku. 2007-02-20 10:04:51 -06:00
Jacques Distler 88c6f27e14 Bah! *Someone* will care about those other Text-filters. 2007-02-20 08:18:48 -06:00
Jacques Distler e727507ac8 Zap gremlins.
Close cross-site scripting hole.
2007-02-19 23:15:39 -06:00
Jacques Distler d04ed8001b Some more appearance tweaks. 2007-02-19 17:35:32 -06:00
Jacques Distler e3fafb6e6d Version strings. 2007-02-19 10:01:16 -06:00
Jacques Distler 09e8b609b6 Yuck. Yet more XHTML validity fixes. 2007-02-18 23:14:55 -06:00
Jacques Distler 21a403b04f More XHTML validity and CSS cleanup. 2007-02-18 17:27:36 -06:00
Jacques Distler f1cff1a798 Stylesheet tweaks. 2007-02-18 02:43:26 -06:00
Jacques Distler 666cb32cc3 A little separation of presentation from content. 2007-02-18 01:48:32 -06:00