Commit graph

1092 commits

Author SHA1 Message Date
Jacques Distler 8c0b3b3d2c Methods in WikiReferences now restrict themselves (properly) to the current Web.
Fix from Jason Blevins.
2007-03-10 17:00:24 -06:00
Jason R. Blevins 12743280fb All WikiReference methods now limit results to the current web.
Category lists are now restricted to the current web.
2007-03-10 16:09:20 -05:00
Jacques Distler 626c135d1e Security: ensure file upload directory is not world-writable.
(There still seem to be bugs in the file upload function.)
2007-03-10 11:26:30 -06:00
Jacques Distler 46a456b3ad Security: ensure that the file system cache is not world-writable 2007-03-10 11:05:52 -06:00
Jacques Distler 4ae46b32d8 Sync with latest maruku. 2007-03-10 02:06:54 -06:00
Jacques Distler 144540a761 Fixed caching bug with category 'list' and 'recently_revised' views.
Re-enabled filesystem caching.
2007-03-10 00:18:18 -06:00
Jacques Distler edf335060a Fix new.rhtml 2007-03-09 08:28:19 -06:00
Jacques Distler db76c79cfb Whoops! harmless typo. 2007-03-09 08:04:24 -06:00
Jacques Distler 46e78c2317 Sync with latest Instiki trunk (to the extent that the bizarre stuff being committed there makes any sense). 2007-03-08 22:35:49 -06:00
Jacques Distler a656772622 Deal with clients that don't send an HTTP_ACCEPT header.
Cache S5, TeX and Print views.
Temporary hack: don't cache list and recently_revised pages.
2007-03-08 21:57:21 -06:00
Jacques Distler d74116dc67 Ensure that input is bona fide utf-8. 2007-03-07 21:06:39 -06:00
Jacques Distler 8300133c8d Sync with latest Maruku. 2007-03-07 12:49:06 -06:00
Jacques Distler 7b1c7c0da6 S5 CSS tweak: .incremental code. 2007-03-06 00:30:12 -06:00
Jacques Distler 7cfa9bf1ba Page footer now includes link to my branch of Instiki. 2007-03-05 09:32:53 -06:00
Jacques Distler cf525b8bb9 Zap gremlins in author names. 2007-03-04 22:56:52 -06:00
Jacques Distler 541ef91df4 Update to latest Maruku. Fixes alt text bug. 2007-03-04 15:32:21 -06:00
Jacques Distler 632a9d90fc Another S5 stylesheet tweak. 2007-03-04 14:06:53 -06:00
Jacques Distler aed5c10c70 More S5 tweaks: incremental builds for definition-lists and some CSS tweaks. 2007-03-04 02:01:36 -06:00
Jacques Distler 6f81cb1207 Fix well-formedness issue in rollback.rhtml and validity in that and edit.rhtml. 2007-03-02 18:46:40 -06:00
Jacques Distler 43dbd8712e Another tweak to Maruku's S5 output (IE compatibility). 2007-03-02 08:26:37 -06:00
Jacques Distler 5a352d0f5e Sync with latest Maruku. 2007-03-01 22:46:49 -06:00
Jacques Distler 6ee59e7e49 More S5 tweaks. 2007-03-01 15:15:41 -06:00
Jacques Distler e93cedb155 Fixed S5 page numbering. 2007-03-01 11:15:45 -06:00
Jacques Distler 6a7645c45c Fixed inline SVG in S5.
More S5 Stylesheet tweaks.
2007-03-01 10:50:06 -06:00
Jacques Distler 41ff4724b8 Converging on S5 support. 2007-03-01 03:05:35 -06:00
Jacques Distler 02c6ed2fa0 More progress on S5.
Forgot to add gremlin zapping in app/views/wiki/edit.rhtml.
2007-02-28 18:38:52 -06:00
Jacques Distler 8359047fd5 Start on adding S5 support to Instiki. 2007-02-28 13:31:34 -06:00
Jason R. Blevins b65a5b8e30 Bug fix. Previously, all categories were visible from all webs. Now category lists are restricted to the current web. 2007-02-27 22:27:20 -05:00
Michal Wlodkowski 8fb8517156 css updates 2007-02-27 21:56:13 +00:00
Jacques Distler 552cf4cff0 XSS Security fixes 2007-02-25 15:13:50 +00:00
Jacques Distler f208d50032 Bah! 2007-02-24 23:07:25 -06:00
Jacques Distler 507a17aade More lenient URI scheme matching in sanitize. 2007-02-24 22:47:31 -06:00
Jacques Distler f9dcfa5af0 Make list of attributes whose values are scanned for acceptable URI schemes customizable. 2007-02-24 11:55:40 -06:00
Jacques Distler 59c64439d8 More unit tests. 2007-02-24 00:41:35 -06:00
Jacques Distler fff30ec27f Whoops! Forgot a test. 2007-02-23 15:09:12 -06:00
Jacques Distler d8e06f6db9 Sanitize URI schemes. 2007-02-23 13:34:58 -06:00
Jacques Distler 4c903d6a77 Renamed sanitize unit test file. 2007-02-23 11:57:39 -06:00
Jacques Distler e179508377 Sanitization now preserves case-sensitive element and attribute names (necessary to support SVG).
Unit tests, galore.
2007-02-23 11:32:06 -06:00
Jacques Distler 2fa1e08c96 Tweak dependencies of sanitize.rb 2007-02-22 01:16:18 -06:00
Jacques Distler bacae2c468 Finally! XSS-protection, done right.
If you want something done right, ...
2007-02-22 01:06:53 -06:00
Jacques Distler 0aafedb2df More XSS fixes.
Started fixing file uploads.
2007-02-21 12:10:47 -06:00
Jacques Distler 59adca44cc Make error documents XHTML. 2007-02-20 17:42:56 -06:00
Jacques Distler d1923e6387 Sync with latest Maruku. 2007-02-20 10:04:51 -06:00
Jacques Distler 88c6f27e14 Bah! *Someone* will care about those other Text-filters. 2007-02-20 08:18:48 -06:00
Jacques Distler e727507ac8 Zap gremlins.
Close cross-site scripting hole.
2007-02-19 23:15:39 -06:00
Jacques Distler d04ed8001b Some more appearance tweaks. 2007-02-19 17:35:32 -06:00
Jacques Distler e3fafb6e6d Version strings. 2007-02-19 10:01:16 -06:00
Jacques Distler 09e8b609b6 Yuck. Yet more XHTML validity fixes. 2007-02-18 23:14:55 -06:00
Jacques Distler 21a403b04f More XHTML validity and CSS cleanup. 2007-02-18 17:27:36 -06:00
Jacques Distler f1cff1a798 Stylesheet tweaks. 2007-02-18 02:43:26 -06:00