Commit graph

630 commits

Author SHA1 Message Date
Jacques Distler
c89aeb6665 Some Tests for Philip Taylor Phun 'n Games
Some tests for the illegal Unicode characters in search queries (and elsewhere).
2008-01-02 02:33:05 -06:00
Jacques Distler
c8196cbe41 More Unicode Fun
From Philip Taylor (via Henri Sivonen): disallow U+fffe and U+ffff.
2008-01-01 22:00:07 -06:00
Jacques Distler
14e3728183 A Tweak to the Error-Page Layout 2007-12-30 20:34:08 -06:00
Jacques Distler
0c16ab4e6f Better Error for Stale Session
Rather than giving a generic 500 error, tell the user to reload the page.
2007-12-30 10:41:19 -06:00
Jacques Distler
a2c7705de5 More of the Same. 2007-12-30 03:58:57 -06:00
Jacques Distler
df28bd545a Well-Formed Error Pages
Apparently, my fans think returning raw text error messages are a bad thing.
Well-formed XHTML for them, I guess ...
2007-12-30 03:28:33 -06:00
Jacques Distler
5d52cf303f Conditional Use of New REXML Output Logic.
Thanks to Sam Ruby for pointing out the problem.
2007-12-28 19:58:22 -06:00
Jacques Distler
6cd8d8d2ef Fixes from Jason Blevins
Removed some (fossil) test dependencies and a deprecation warning.
Patched the Rails 2.0.2 routing code to emit old-style Instiki URLs.
2007-12-24 17:26:40 -06:00
Jacques Distler
a0cf0951af Document the Secret Key configuration a bit 2007-12-24 17:18:30 -06:00
Jason Blevins
f1106428dc Included a test for page names with spaces.
Upgraded to Rails 2.0.2 routing code.  Kept the "old" CGI-style escaping rather than using URI.escape.
2007-12-24 16:02:14 -05:00
Jason Blevins
feed609d86 Removed unneeded test dependencies. 2007-12-24 15:33:39 -05:00
Jason Blevins
d042b4fd94 config.breakpoint_server has been deprecated and has no effect. 2007-12-22 23:54:29 -05:00
Jason Blevins
fc586e3f6b Sync with trunk: upgrade to Rails 2.0.2 2007-12-22 11:15:52 -05:00
Jacques Distler
e74deb0cfb Unit test
Add a unit test for previous WikiWord fix.
2007-12-21 08:53:45 -06:00
Jacques Distler
6873fc8026 Upgrade to Rails 2.0.2
Upgraded to Rails 2.0.2, except that we maintain

   vendor/rails/actionpack/lib/action_controller/routing.rb

from Rail 1.2.6 (at least for now), so that Routes don't change. We still
get to enjoy Rails's many new features.

Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).
2007-12-21 01:48:59 -06:00
Jason Blevins
7dbf8be706 Merged with trunk. 2007-12-19 21:20:11 -05:00
Jacques Distler
0f6889e09f Fix Unicode bug
Fix Diego Restrepo's bug (see Rev 184).
Update to latest HTML5lib.
2007-12-17 03:17:43 -06:00
Jacques Distler
18da1a1d71 Accommodate \nequiv in LaTeX output 2007-11-02 10:15:17 -05:00
Jacques Distler
70025a4ba3 More SVG Sanitization 2007-10-31 01:00:45 -05:00
Jason Blevins
8cd38d9ade Sync with trunk 2007-10-29 21:21:08 -04:00
Jacques Distler
eca126f589 Sanitize <svg:image>
This element is unsafe.
2007-10-29 13:51:41 -05:00
Jacques Distler
9c55037626 Some more tests to track down Diego Restrepo's bug 2007-10-28 14:04:30 -05:00
Jacques Distler
f24c60c3fb Better handling of SVG attributes which admit uri refs
Just strip out the URI ref, leaving alternates.
2007-10-27 23:08:13 -05:00
Jacques Distler
5208bbf0af Sanitize url refs in SVG attributes
Add some tests.
Sync with latest HTML5lib (includes above sanitization improvements).
2007-10-27 17:34:29 -05:00
Jacques Distler
ae82f1be49 Whoops!
Fix an inadvertently broken test.
2007-10-26 16:09:50 -05:00
Jacques Distler
8ce5016b41 UTF-8 Bug
Create a test case for utf-8 bug reported by Diego Restrepo. Seems to be related to WikiWord chunk handling.
Add some other tests, and fix a minor bug in vendor/plugins/maruku/lib/maruku/ext/math/latex_fix.rb.
2007-10-26 00:48:43 -05:00
Jason Blevins
1c5e5999cd Sync with trunk 2007-10-24 08:08:34 -04:00
Jacques Distler
a92b593949 SVG in Equations
Support the new "svg" environment from itex2MML 1.3.
2007-10-22 22:24:25 -05:00
Jacques Distler
36f55fc9aa Add support for the MathML <semantics> Element 2007-10-21 02:19:10 -05:00
Jason Blevins
84b6602792 Merge with trunk. 2007-10-17 08:04:42 -04:00
Jacques Distler
a728caf493 Add tmp Directory
Purportedly, this in needed to get  Instiki to work with mongrel_cluser.
2007-10-15 14:18:33 -05:00
Jacques Distler
207fb1f7f2 New Version
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jason Blevins
7521a073b2 Sync with trunk 2007-10-15 07:16:33 -04:00
Jacques Distler
de125367b0 Update RDOC documentation.
Update the documentation for sanitize.rb, to match current behaviour.
2007-10-14 22:22:18 -05:00
Jacques Distler
1911d18f65 Performance
OK. This is a better way: define a custom TreeWalker which converts named entities to utf-8 as it goes. This avoids having to do an extra tree traversal in sanitize_rexml, AND avoids the trainwreck that is html5/inputstream.rb.
2007-10-14 21:07:46 -05:00
Jacques Distler
198d7847bd Performance
My REXML::Element.to_ncr (and REXML::Element.to_utf8) is horribly slow. For long documents, it proves more efficient to serialize to a string, apply String.to_ncr (or String.to_utf8) and then Sanitize the string.
2007-10-13 16:32:04 -05:00
Jason Blevins
1cc2043cf6 Sync with trunk 2007-10-12 12:53:43 -04:00
Jacques Distler
0eb1ab56b0 More LaTeX Macros
Put in dummy macros for \statusline and \toggle.
Added colour definitions for HTML named colours.

Remaining  unimplemented:

   \color{#HHH} and \color{#HHHHHH}
   \bgcolor
   \array
   \righttoleftarrow
   \lefttorightarrow
2007-10-11 11:30:17 -05:00
Jacques Distler
148afb77e0 Sync with latest Maruku
Apparently, Maruku had trouble with the latest release of Ruby (1.8.6, patchlevel 110). This should fix it.
2007-10-10 22:06:44 -05:00
Jacques Distler
5dd75d4cb0 File Upload Links
I like this a little better.
2007-10-09 23:56:55 -05:00
Jason Blevins
f785655a59 Sync with trunk 2007-10-09 20:02:02 -04:00
Jacques Distler
fbdf4c5dfe Fix Broken Test
Was not picking up user-supplied alt text in [[filename|Alt text:pic]].
Fixed.
2007-10-09 11:02:44 -05:00
Jacques Distler
402de89abf Tests for Rev 171
One test is still broken. Will fix.
2007-10-09 03:16:07 -05:00
Jacques Distler
0eb723e125 Accessibility: Use Uploaded File Descriptions
The file upload dialog asks for a description of the image or file to be uploaded. Use this as the default alt-text for the image and as a title attribute for a file link.
2007-10-09 02:51:38 -05:00
Jason Blevins
957f0e5721 Sync with trunk 2007-10-07 16:10:43 -04:00
Jacques Distler
179a0a9cb2 Might as well
Spammers aren't an issue here, but might as well enforce that these actions are POST-only, too.
2007-10-07 03:33:15 -05:00
Jacques Distler
2484542f12 Security: HTTP GET Bypassed Spam Protection
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.

Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler
be8bb3d06d InterWeb Links
From Jason Blevins:  [[Web Name:Page Name]] or [[Web Name:Page Name|alternate label]] produce inter-Web links on the same Instiki installation.
2007-10-06 16:04:11 -05:00
Jacques Distler
55fdc9fff4 Sync with latest HTML5lib 2007-10-06 11:55:58 -05:00
Jason Blevins
e5f882d800 Applied URI chunk changes 2007-10-06 09:12:24 -04:00