Jacques Distler
c8196cbe41
More Unicode Fun
...
From Philip Taylor (via Henri Sivonen): disallow U+fffe and U+ffff.
2008-01-01 22:00:07 -06:00
Jacques Distler
14e3728183
A Tweak to the Error-Page Layout
2007-12-30 20:34:08 -06:00
Jacques Distler
0c16ab4e6f
Better Error for Stale Session
...
Rather than giving a generic 500 error, tell the user to reload the page.
2007-12-30 10:41:19 -06:00
Jacques Distler
a2c7705de5
More of the Same.
2007-12-30 03:58:57 -06:00
Jacques Distler
df28bd545a
Well-Formed Error Pages
...
Apparently, my fans think returning raw text error messages are a bad thing.
Well-formed XHTML for them, I guess ...
2007-12-30 03:28:33 -06:00
Jacques Distler
5d52cf303f
Conditional Use of New REXML Output Logic.
...
Thanks to Sam Ruby for pointing out the problem.
2007-12-28 19:58:22 -06:00
Jacques Distler
6cd8d8d2ef
Fixes from Jason Blevins
...
Removed some (fossil) test dependencies and a deprecation warning.
Patched the Rails 2.0.2 routing code to emit old-style Instiki URLs.
2007-12-24 17:26:40 -06:00
Jacques Distler
a0cf0951af
Document the Secret Key configuration a bit
2007-12-24 17:18:30 -06:00
Jason Blevins
f1106428dc
Included a test for page names with spaces.
...
Upgraded to Rails 2.0.2 routing code. Kept the "old" CGI-style escaping rather than using URI.escape.
2007-12-24 16:02:14 -05:00
Jason Blevins
feed609d86
Removed unneeded test dependencies.
2007-12-24 15:33:39 -05:00
Jason Blevins
d042b4fd94
config.breakpoint_server has been deprecated and has no effect.
2007-12-22 23:54:29 -05:00
Jason Blevins
fc586e3f6b
Sync with trunk: upgrade to Rails 2.0.2
2007-12-22 11:15:52 -05:00
Jacques Distler
e74deb0cfb
Unit test
...
Add a unit test for previous WikiWord fix.
2007-12-21 08:53:45 -06:00
Jacques Distler
6873fc8026
Upgrade to Rails 2.0.2
...
Upgraded to Rails 2.0.2, except that we maintain
vendor/rails/actionpack/lib/action_controller/routing.rb
from Rail 1.2.6 (at least for now), so that Routes don't change. We still
get to enjoy Rails's many new features.
Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).
2007-12-21 01:48:59 -06:00
Jason Blevins
7dbf8be706
Merged with trunk.
2007-12-19 21:20:11 -05:00
Jacques Distler
0f6889e09f
Fix Unicode bug
...
Fix Diego Restrepo's bug (see Rev 184).
Update to latest HTML5lib.
2007-12-17 03:17:43 -06:00
Jacques Distler
18da1a1d71
Accommodate \nequiv in LaTeX output
2007-11-02 10:15:17 -05:00
Jacques Distler
70025a4ba3
More SVG Sanitization
2007-10-31 01:00:45 -05:00
Jason Blevins
8cd38d9ade
Sync with trunk
2007-10-29 21:21:08 -04:00
Jacques Distler
eca126f589
Sanitize <svg:image>
...
This element is unsafe.
2007-10-29 13:51:41 -05:00
Jacques Distler
9c55037626
Some more tests to track down Diego Restrepo's bug
2007-10-28 14:04:30 -05:00
Jacques Distler
f24c60c3fb
Better handling of SVG attributes which admit uri refs
...
Just strip out the URI ref, leaving alternates.
2007-10-27 23:08:13 -05:00
Jacques Distler
5208bbf0af
Sanitize url refs in SVG attributes
...
Add some tests.
Sync with latest HTML5lib (includes above sanitization improvements).
2007-10-27 17:34:29 -05:00
Jacques Distler
ae82f1be49
Whoops!
...
Fix an inadvertently broken test.
2007-10-26 16:09:50 -05:00
Jacques Distler
8ce5016b41
UTF-8 Bug
...
Create a test case for utf-8 bug reported by Diego Restrepo. Seems to be related to WikiWord chunk handling.
Add some other tests, and fix a minor bug in vendor/plugins/maruku/lib/maruku/ext/math/latex_fix.rb.
2007-10-26 00:48:43 -05:00
Jason Blevins
1c5e5999cd
Sync with trunk
2007-10-24 08:08:34 -04:00
Jacques Distler
a92b593949
SVG in Equations
...
Support the new "svg" environment from itex2MML 1.3.
2007-10-22 22:24:25 -05:00
Jacques Distler
36f55fc9aa
Add support for the MathML <semantics> Element
2007-10-21 02:19:10 -05:00
Jason Blevins
84b6602792
Merge with trunk.
2007-10-17 08:04:42 -04:00
Jacques Distler
a728caf493
Add tmp Directory
...
Purportedly, this in needed to get Instiki to work with mongrel_cluser.
2007-10-15 14:18:33 -05:00
Jacques Distler
207fb1f7f2
New Version
...
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jason Blevins
7521a073b2
Sync with trunk
2007-10-15 07:16:33 -04:00
Jacques Distler
de125367b0
Update RDOC documentation.
...
Update the documentation for sanitize.rb, to match current behaviour.
2007-10-14 22:22:18 -05:00
Jacques Distler
1911d18f65
Performance
...
OK. This is a better way: define a custom TreeWalker which converts named entities to utf-8 as it goes. This avoids having to do an extra tree traversal in sanitize_rexml, AND avoids the trainwreck that is html5/inputstream.rb.
2007-10-14 21:07:46 -05:00
Jacques Distler
198d7847bd
Performance
...
My REXML::Element.to_ncr (and REXML::Element.to_utf8) is horribly slow. For long documents, it proves more efficient to serialize to a string, apply String.to_ncr (or String.to_utf8) and then Sanitize the string.
2007-10-13 16:32:04 -05:00
Jason Blevins
1cc2043cf6
Sync with trunk
2007-10-12 12:53:43 -04:00
Jacques Distler
0eb1ab56b0
More LaTeX Macros
...
Put in dummy macros for \statusline and \toggle.
Added colour definitions for HTML named colours.
Remaining unimplemented:
\color{#HHH} and \color{#HHHHHH}
\bgcolor
\array
\righttoleftarrow
\lefttorightarrow
2007-10-11 11:30:17 -05:00
Jacques Distler
148afb77e0
Sync with latest Maruku
...
Apparently, Maruku had trouble with the latest release of Ruby (1.8.6, patchlevel 110). This should fix it.
2007-10-10 22:06:44 -05:00
Jacques Distler
5dd75d4cb0
File Upload Links
...
I like this a little better.
2007-10-09 23:56:55 -05:00
Jason Blevins
f785655a59
Sync with trunk
2007-10-09 20:02:02 -04:00
Jacques Distler
fbdf4c5dfe
Fix Broken Test
...
Was not picking up user-supplied alt text in [[filename|Alt text:pic]].
Fixed.
2007-10-09 11:02:44 -05:00
Jacques Distler
402de89abf
Tests for Rev 171
...
One test is still broken. Will fix.
2007-10-09 03:16:07 -05:00
Jacques Distler
0eb723e125
Accessibility: Use Uploaded File Descriptions
...
The file upload dialog asks for a description of the image or file to be uploaded. Use this as the default alt-text for the image and as a title attribute for a file link.
2007-10-09 02:51:38 -05:00
Jason Blevins
957f0e5721
Sync with trunk
2007-10-07 16:10:43 -04:00
Jacques Distler
179a0a9cb2
Might as well
...
Spammers aren't an issue here, but might as well enforce that these actions are POST-only, too.
2007-10-07 03:33:15 -05:00
Jacques Distler
2484542f12
Security: HTTP GET Bypassed Spam Protection
...
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.
Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler
be8bb3d06d
InterWeb Links
...
From Jason Blevins: [[Web Name:Page Name]] or [[Web Name:Page Name|alternate label]] produce inter-Web links on the same Instiki installation.
2007-10-06 16:04:11 -05:00
Jacques Distler
55fdc9fff4
Sync with latest HTML5lib
2007-10-06 11:55:58 -05:00
Jason Blevins
e5f882d800
Applied URI chunk changes
2007-10-06 09:12:24 -04:00
Jason Blevins
c1be34abcd
Support for InterWeb Links
2007-10-06 09:06:55 -04:00