Commit graph

273 commits

Author SHA1 Message Date
Jacques Distler
a739a52f54 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2011-08-19 19:37:14 -05:00
Jacques Distler
1e352e28a1 Make Sanitizer::safe_xhtml_sanitize use Nokogiri
Also, update Bundler to 1.0.18.
2011-08-19 19:32:53 -05:00
Jacques Distler
6005297cfe Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2011-08-08 01:55:44 -05:00
Jacques Distler
46da1f3aaf Tweaks to lib/chunks/engines.rb 2011-08-08 01:54:06 -05:00
Jacques Distler
f23e1487df Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2011-08-05 02:02:43 -05:00
Jacques Distler
14592f57f9 Some small efficiencies in the Chunk-handler
Also, log Maruku's processing time, out of perverse
interest.
2011-08-05 01:59:18 -05:00
Jacques Distler
fc8be60634 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2011-06-15 00:50:37 -05:00
Jacques Distler
9e909d5be3 Update Rails, rails_xss and Bundler
Update Bundler to 1.0.15.
Update Rails to 2.3.12.
Update rails_xss plugin.

The latter two were the
source of a considerable
amount of grief, as rails_xss
is now MUCH stricter about what
string methods can be used.

Also made it possible to use
rake 0.9.x with Instiki. But
you probably REALLY want to use

 ruby bundle exec rake ...

instead of just saying

 rake ....
2011-06-15 00:43:38 -05:00
Jacques Distler
f9628a3f19 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2011-02-18 13:13:43 -06:00
Jacques Distler
3843fa608d Nasty!
How did a well-formedness bug creep into
the code? I *swear* this used to work.
2011-02-18 12:39:19 -06:00
Jacques Distler
88291ee4a2 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-11-03 23:52:06 -05:00
Jacques Distler
4be1a58a24 Update RedCloth to 4.x
Use Bundler to manage RedCloth
gem. 4.x should be much faster
and less buggy. Unfortunately,
it doesn't support mixed
Textile/Markdown syntax. So
we keep an (appropriately
renamed) copy of 3.x around,
for the users of the "Mixed"
text filter.
2010-11-03 23:32:55 -05:00
Jacques Distler
97434e097a Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-10-21 23:59:35 -05:00
Jacques Distler
bb17fbbe02 Included pages
Redirects and categories of included
pages should not be inherited.
(Suggestion of Andrew Stacey)
2010-10-21 23:58:04 -05:00
Jacques Distler
b6653749ac Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-09-29 00:19:42 -05:00
Jacques Distler
1c35c2d3fc Fat camp
Removed some extraneous (and hefty) cruft, to slim down the size of the distribution.
2010-09-28 23:57:28 -05:00
Jacques Distler
1dc14ec2da Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-07-22 14:16:31 -05:00
Jacques Distler
f6e9d17f9b Non-Latin WikiWords
Fix bug in WikiWord processing
reproted by Alexander Hambug.

Also fix Cyrillic Capital/Lowercase
regexps.
2010-07-22 14:08:21 -05:00
Jacques Distler
4c4f7a7b82 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-06-19 03:03:36 -05:00
Jacques Distler
ce8578d2d0 Some Maruku Regexp Refactoring 2010-06-19 03:02:15 -05:00
Jacques Distler
30909ec927 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-06-17 19:33:05 -05:00
Jacques Distler
0d8f680d4f Updates
SVG-Edit -> 2.5final
Vendored Rack -> 1.2.1
2010-06-17 19:27:39 -05:00
Jacques Distler
65fd56888f Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-06-13 23:21:22 -05:00
Jacques Distler
6491d70326 Update Vendored Rack to 1.2.0
Also update tests for itextomml 1.3.25.
2010-06-13 23:09:24 -05:00
Jacques Distler
5f6e1ce19f Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-06-09 13:28:23 -05:00
Jacques Distler
9a80cacc34 Update Sanitizer
Support <menclose notation="...">.
2010-06-09 13:26:51 -05:00
Jacques Distler
a14db81b79 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-06-09 12:00:55 -05:00
Jacques Distler
90ad482ed2 Rename stringsupport.rb => instiki_stringsupport.rb 2010-06-09 11:47:39 -05:00
Jacques Distler
44e54ee4c6 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-27 01:18:06 -05:00
Jacques Distler
dafe67046a Better
Use :only_path => true
2010-05-27 01:17:24 -05:00
Jacques Distler
1f4f1a4ba3 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-27 00:30:29 -05:00
Jacques Distler
a57152d743 Fix Category Listing Bugs
The links to the category listings
were bogus, and the category listing
page needed some XSS-unprotection.
2010-05-27 00:27:49 -05:00
Jacques Distler
d61ae49e66 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-26 14:17:52 -05:00
Jacques Distler
1da034e2be Fix some to-be-deprecated stuff 2010-05-26 14:16:34 -05:00
Jacques Distler
e3cbef7dcd Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-26 00:33:21 -05:00
Jacques Distler
a5e08f7bcc Rails_xss Plugin
I installed the rails_xss plugin, for
the main purpose of seeing what will
break with Rails 3.0 (where the behaviour
of the plugin is the default). I think
I've fixed everything, but let me know if you
see stuff that is HTML-escaped, which
shouldn't be.

As a side benefit, we now use Erubis,
rather than ERB, to render templates.
They tell me it's faster ...
2010-05-26 00:27:49 -05:00
Jacques Distler
52f0dbb91c Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-25 12:46:37 -05:00
Jacques Distler
f0635301aa Update to Rails 2.3.8 2010-05-25 12:45:45 -05:00
Jacques Distler
3745e4d669 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-23 23:23:50 -05:00
Jacques Distler
6677b46cb4 A few more additions for the Sanitizer 2010-05-23 23:22:45 -05:00
Jacques Distler
ecf54415eb Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-22 14:37:18 -05:00
Jacques Distler
2781890832 Updated Sanitizer for HTML5
Sanitizer should recognize HTML elements
and attributes.

New Allowed Elements:

  article aside audio canvas command details
  dialog figcaption figure footer header
  hgroup mark meter nav progress rp rt ruby
  section source summary time video war 
       
(OK, audio and video were already there)

New Allowed Attributes:

  autocomplete contenteditable contextmenu
  draggable formaction icon low max min
  open optimum pattern placeholder preload
  pubdate required reversed  spellcheck step
  wrap

Attributes removed:

  abbr charset loopcount loopend loopstart
  noshade nowrap rev rules 


Maruku supports @start and @reversed on
ordered lists. It doesn't seem to support
IALs on li elements, so you still can't
attach @value to an li.
2010-05-22 14:34:08 -05:00
Jacques Distler
5a448c3d50 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-13 00:59:14 -05:00
Jacques Distler
d9d353a350 Some HTML5 audio/video attributes for the Sanitizer 2010-05-13 00:47:09 -05:00
Jacques Distler
a2c3e2a76c Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-08 23:46:33 -05:00
Jacques Distler
fd9fc1455e Prefer Monkey-patching Rack Gem to Vendored Rack
This gets around a dreaded 

  in `load_missing_constant': Rack
  is not missing constant Handler! (ArgumentError)

error in latest Ruby 1.9.2-dev. (Ruby
1.8.x doesn't seem to care.)
2010-05-08 23:42:40 -05:00
Jacques Distler
3b87094327 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-04-02 00:02:58 -05:00
Jacques Distler
da0c6a2ea1 Fix an SVG nonce bug
Dunno when this problem with randomized IDs arose.
But it's fixed now.

Also, sync with latest SVG-Edit.
2010-04-01 23:56:21 -05:00
Jacques Distler
ce2416165b Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-02-25 02:29:58 -06:00
Jacques Distler
aa0a151ba4 Uniquify IDs in SVG-Edit
Since we can have several SVG-Edit graphics
on a page, SVG-Edit should assign unique IDs
to elements, and do so in a fashion that survives
re-editing.

To do this, we use a nonce, and record its value in
a custom se:nonce attribute on the <svg> element.
(Is there a better way?). 

Also, preserve the custom se:connector attribute for
later editing purposes.
2010-02-25 02:25:16 -06:00