Commit graph

155 commits

Author SHA1 Message Date
Jacques Distler
7c51accaab Update Windows sqlite3.dll
For whatever the heck it's worth...
2009-12-22 21:00:23 -06:00
Jacques Distler
a71e64a172 Update Vendored sqlite3-ruby 2009-12-22 20:48:32 -06:00
Jacques Distler
9874650e4b Silence Some Stupid Warnings in Ruby 1.9 2009-12-18 23:53:43 -06:00
Jacques Distler
fe877a10b4 Make html_ext Available as a Helper
... and protected.
2009-12-16 00:59:33 -06:00
Jacques Distler
d3e79ea84a Make truncate() Unicode-aware 2009-12-14 17:41:28 -06:00
Jacques Distler
a58bee7437 Another Textarea Tweak and a Ruby 1.9 Fix 2009-12-12 15:28:05 -06:00
Jacques Distler
023d84c4a4 Ack! This is better 2009-12-08 09:08:25 -06:00
Jacques Distler
faac8951a3 More Ruby 1.9 String Encoding Fun 2009-12-08 08:50:01 -06:00
Jacques Distler
171c12d2c1 Efficiency
This version of String#purify
is 12% faster, under Ruby 1.9,
than before.
2009-12-05 10:50:58 -06:00
Jacques Distler
34b63a8375 Fix a Ruby 1.9 Character Encoding Bug
Wow, this stuff is complicated!
Some things really want to be UTF-8;
others really want to be byte strings.
2009-12-01 12:03:15 -06:00
Jacques Distler
a6429f8c22 Ruby 1.9 Compatibility
Completely removed the html5lib sanitizer.
Fixed the string-handling to work in both
Ruby 1.8.x and 1.9.2. There are still,
inexplicably, two functional tests that
fail. But the rest seems to work quite well.
2009-11-30 16:28:18 -06:00
Jacques Distler
371aab6f96 Sync with Latest itex2MML and MathML::Entities
Support the latest changes in
http://www.w3.org/TR/2009/WD-xml-entity-names-20091117/
2009-11-18 12:04:07 -06:00
Jacques Distler
c99ca26a8d Better log rotation for Passenger
Touch the tmp/restart.txt file, when
rotatingthe log files. Otherwise, multiple
workers may try to rotate the log files
at the same time, with sub-optimal results.

Also, an aesthetic tweak to the url_generator.
2009-10-28 00:03:25 -05:00
Jacques Distler
f559d8a06d Intra-Web Links in S5 Slideshows on Published Webs
Never really thought through where those should go.
They now point to the published version.
2009-10-23 10:05:02 -05:00
Jacques Distler
d880d81b0a Simplification
The last commit means we can
simplify the url_generator.rb a bit more.
It's still an ugly beast.
2009-10-23 00:18:23 -05:00
Jacques Distler
761f8bbb51 Links From Published Webs
Damn, but it's hard to get this right.
I think I've finally done it, though.
We'll see ...
2009-10-22 17:57:13 -05:00
Jacques Distler
97a35e280b DB Migration
% rake upgrade_instiki

fixes some potential problems in the database column types.

Revision content can now be up to 16MB.
Under MySQL, the previous limit was 64KB.

Page names can now be up to 255 bytes.
Under MySQL, the previous limit was 60 bytes.

Additional CSS styles can now be up to 64KB.
Under MySQL, the previous limit was 255 bytes.

Thanks to Andrew Stacey for reporting these.
2009-10-21 00:42:48 -05:00
Jacques Distler
a483b4e71e Also fix S5 slides.js
It needs to use relative URLs, too.
2009-10-11 10:20:43 -05:00
Jacques Distler
23e9c6beb2 Use AssetTagHelpers in S5 Template
Otherwise S5  breaks when Instiki is
deployed to a non-root URL (e.g., by
setting RailsBaseURI in Passenger).

Also a stylistic tweak in lib/node.rb
2009-10-11 09:49:01 -05:00
Jacques Distler
dd8c912c6c Update lib/node.rb
Grab some fixes from html_scanner, and add few of our own.
2009-10-10 03:52:33 -05:00
Jacques Distler
d5e35d2861 Some more Sanitizer tweaks
Mostly stylistic things, but allow some constants to be defined by the calling program.
2009-10-10 02:44:44 -05:00
Jacques Distler
d14db51d9e More Sanitizer Refactoring
Make the Sanitizer more efficient.
Also, update some unit tests.
2009-10-09 23:18:17 -05:00
Jacques Distler
9b7071d190 Update Sanitizer Docs
They were a bit out-of-sync with what the sanitizer
actually does.
2009-10-09 14:02:07 -05:00
Jacques Distler
e7b77dd3d3 Sanitizer Refactoring
A bit of cleanup for the Sanitizer.
2009-10-09 13:02:02 -05:00
Jacques Distler
2f3ff9f651 Efficiency
There's a moderate efficiency gain to be had by
using Set#include?, rather than Array#include?
in the sanitizer.
2009-10-08 16:22:50 -05:00
Jacques Distler
e0df6c8a6a Updated Tests and Sanitizer Fixes for Revision 439 2009-09-25 15:59:43 -05:00
Jacques Distler
b438bc64f6 Update More MathML Entity Mappings
Bring up-to-date with Editor's copy of
XML Entity definitions for Characters
(W3C Working Draft 13 September 2009)
http://www.w3.org/2003/entities/2007doc/overview.html
2009-09-25 14:34:22 -05:00
Jacques Distler
31ed55f055 Update MathML Entity Mappings
Update list of XHTML+MathML named entities
to match
http://www.w3.org/TR/2008/WD-xml-entity-names-20080721/
2009-09-24 16:21:22 -05:00
Jacques Distler
7185af32fc Fix an Eyesore
That just looked sloppy. I blame copy/paste.
2009-09-09 15:01:25 -05:00
Jacques Distler
3ff68ef42f Don't Expand NCRs
That operation is not idempotent (among other defects).
Instead, just check that the NCRs corespond to valid utf-8.
(Reported by Andrew Stacey)
2009-09-09 09:16:00 -05:00
Jacques Distler
116255dc0d Purify Categories
Apply the same methodology, as in Revision 432,
to the category chunk-handler. This completes
the replacement of all the code that looks like

  if string.is_utf8?
    do something
  else
    complain
  end

with code that looks like

  string.purify
  do something
2009-09-07 20:38:09 -05:00
Jacques Distler
c79fef9c01 Clean, rather than Complain
Previously, if the user tried to submit content which was
malformed utf-8, Instiki would complain loudly to him.

A slightly more user-friendly approach was suggested by
the latest Rails 2.3.4, and a conversation with Sam Ruby
(who suggested some improvements).

Now, instead of complaining, we remove the offending bytes,
leaving a well-formed utf-8 string, which we pretend is what
the user meant to submit.
2009-09-07 16:02:36 -05:00
Jacques Distler
342298ed0e Wikilinks to Published Webs
Should be to the published action. This
didn't work right for inter-web links.
(Reported by Mike Shulman)

Also, change some .length's to .size's
(for Andrew Stacey)
2009-09-03 23:09:10 -05:00
Jacques Distler
888e93a7fd Streamline Rake Task
Refactor the upgrade_instiki rake task.
Based on the (very nice) JHerdman's
  64d305f2a8
but defaults to 'production' environment, instead.
Instiki users don't know about production/development/test.
Instiki defaults to 'production'. So should its associated rake tasks.
2009-08-29 23:31:39 -05:00
Jacques Distler
c05d69bcff Make upgrade_instiki Rake Task Database-Agnostic
Reported by James Herdman.
2009-08-27 16:57:37 -05:00
Jacques Distler
0e0f666fb4 Rollbacks and Relative URLs
Ensure "rollback" locks page for editing. (reported by Toby Bartels)
Generate relative URLs, when possible. (Patch by Dennis Knauf)
2009-07-27 22:49:12 -05:00
Jacques Distler
9b857d3501 Test page_name, not text
Fix from Jason Blevins.
2009-06-12 19:47:56 -05:00
Jacques Distler
c98d44606a Wikilinks with '." in the Page Name
Rails won't let you put "." in the page name.
This prevents creating new-page Wikilinks with
such names.
2009-06-11 13:16:10 -05:00
Jacques Distler
305b37b401 Another Bug-fix and some tests
Man, but this needs more tests ... !
2009-06-06 21:08:08 -05:00
Jacques Distler
0943b7e510 Expire Caches for Redirected Links
[[!redirect foo]] should expire all pages which reference "foo".
Sounds simple, but this was a really gnarly bug to fix.
2009-06-05 00:39:12 -05:00
Jacques Distler
d7832ba262 Wiki Redirects and Page Renaming
Added the ability to rename existing pages.
[[!redirects Some Page Name]] redirects Wikilinks [[Some Page Name]] to
  the current page (assuming "Some Page Name" does not exist).
  Real pages trump redirects (though this may change, depending on 
  user feedback).
2009-06-02 22:17:15 -05:00
Jacques Distler
681065631c Add Support for SVG Clipping Paths
Add support in the sanitizer for <clipPath>, @clip-path and @clip-rule.
Suggested by Andrew Stacey.
2009-05-07 16:53:56 -05:00
Jacques Distler
d5a65e6ac8 History Pages
From Jason Blevins:
  Create a "History" page for each wiki page.
  Link to it, and to the "Diff" page from "Recently Revised".
Also, correct a bug in listing/deleting links to uploaded
video and audio files.
2009-03-30 23:50:06 -05:00
Jacques Distler
d425a70fad Yikes!
Yet more dangerously greedy Regexps in Maruku,
and one of my own.
2009-03-27 09:25:08 -05:00
Jacques Distler
c7418af48d Support for HTML5 <audio>
As with <video>,

   [[foo.wav:audio]]

works now, producing an HTML5 <audio> element.
2009-03-03 12:17:14 -06:00
Jacques Distler
8ea8b6a8f7 <video> and x-sendfile
Using <object> and <embed> were forbidden for obvious
security reasons. Instiki now permits embedding video
via the HTML5 <video> element (Ogg/Theora encoded videos
only, with .ogg or .ogv extensions). You can even upload
videos with

    [[foo.ogg:video]]

Instiki now support x-sendfile. See the Proxying page for
configuring Apache (with the x-sendfile module). Lighttpd
should work similarly.

Update Rails to latest Edge (hopefully converging on RC2!).
2009-03-02 02:32:25 -06:00
Jacques Distler
133c21b801 Bugfixes and Rails Edge
Update to Rails 2.3.1.
  (Actually, not quite. Doesn't look like 2.3.1 will be released
   today, but I REALLY want to push these bugfixes out.)
Removed bundled Rack (Rails 2.3.1 comes bundled with Rack 1.0).
Add
     config.action_view.cache_template_loading = true
  to production environment.
Fix FastCGI bug (http://rubyforge.org/tracker/index.php?func=detail&aid=24191&group_id=186&atid=783).
Fix WikiWords bug (http://rubyforge.org/pipermail/instiki-users/2009-February/001181.html).
2009-02-27 19:23:00 -06:00
Jacques Distler
4e14ccc74d Instiki 0.16.3: Rails 2.3.0
Instiki now runs on the Rails 2.3.0 Candidate Release.
Among other improvements, this means that it now 
automagically selects between WEBrick and Mongrel.

Just run

    ./instiki --daemon
2009-02-04 14:26:08 -06:00
Jacques Distler
43aadecc99 Links in Published Webs
Links in the 'show' action should be to the 'show' action.
Links in the 'published' action should be to the 'published' action.
Try to focus, Distler!
2009-02-01 16:17:14 -06:00
Jacques Distler
5d15e3f39d Security: Instiki 0.16.2
On Webs with file uploads enabled, uploaded files were stored
(in version 0.16.1 and earlier) in the public/ directory.

This was a security threat. A miscreant could upload a .html file.
When a user clicked on the link to the file, it was opened (unsanitized)
in the browser.

As of version 0.16.2, uploaded files are stored in the webs/
directory. Now, when the user clicks on the link, the file is sent
with the

    Content-Disposition: attachment

header set, which causes the file to be downloaded, rather than opened
in the browser. As always, files downloaded from the internets should be
treated with caution. At least, this way, they are not aoutomatically 
opened in the browser.

To move your existing uploaded files to the new location, do a

     rake upgrade_instiki
2009-01-26 00:21:30 -06:00