Commit graph

362 commits

Author SHA1 Message Date
Jacques Distler 70025a4ba3 More SVG Sanitization 2007-10-31 01:00:45 -05:00
Jason Blevins 8cd38d9ade Sync with trunk 2007-10-29 21:21:08 -04:00
Jacques Distler eca126f589 Sanitize <svg:image>
This element is unsafe.
2007-10-29 13:51:41 -05:00
Jacques Distler 9c55037626 Some more tests to track down Diego Restrepo's bug 2007-10-28 14:04:30 -05:00
Jacques Distler f24c60c3fb Better handling of SVG attributes which admit uri refs
Just strip out the URI ref, leaving alternates.
2007-10-27 23:08:13 -05:00
Jacques Distler 5208bbf0af Sanitize url refs in SVG attributes
Add some tests.
Sync with latest HTML5lib (includes above sanitization improvements).
2007-10-27 17:34:29 -05:00
Jacques Distler ae82f1be49 Whoops!
Fix an inadvertently broken test.
2007-10-26 16:09:50 -05:00
Jacques Distler 8ce5016b41 UTF-8 Bug
Create a test case for utf-8 bug reported by Diego Restrepo. Seems to be related to WikiWord chunk handling.
Add some other tests, and fix a minor bug in vendor/plugins/maruku/lib/maruku/ext/math/latex_fix.rb.
2007-10-26 00:48:43 -05:00
Jason Blevins 1c5e5999cd Sync with trunk 2007-10-24 08:08:34 -04:00
Jacques Distler a92b593949 SVG in Equations
Support the new "svg" environment from itex2MML 1.3.
2007-10-22 22:24:25 -05:00
Jacques Distler 36f55fc9aa Add support for the MathML <semantics> Element 2007-10-21 02:19:10 -05:00
Jason Blevins 84b6602792 Merge with trunk. 2007-10-17 08:04:42 -04:00
Jacques Distler a728caf493 Add tmp Directory
Purportedly, this in needed to get  Instiki to work with mongrel_cluser.
2007-10-15 14:18:33 -05:00
Jacques Distler 207fb1f7f2 New Version
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jason Blevins 7521a073b2 Sync with trunk 2007-10-15 07:16:33 -04:00
Jacques Distler de125367b0 Update RDOC documentation.
Update the documentation for sanitize.rb, to match current behaviour.
2007-10-14 22:22:18 -05:00
Jacques Distler 1911d18f65 Performance
OK. This is a better way: define a custom TreeWalker which converts named entities to utf-8 as it goes. This avoids having to do an extra tree traversal in sanitize_rexml, AND avoids the trainwreck that is html5/inputstream.rb.
2007-10-14 21:07:46 -05:00
Jacques Distler 198d7847bd Performance
My REXML::Element.to_ncr (and REXML::Element.to_utf8) is horribly slow. For long documents, it proves more efficient to serialize to a string, apply String.to_ncr (or String.to_utf8) and then Sanitize the string.
2007-10-13 16:32:04 -05:00
Jason Blevins 1cc2043cf6 Sync with trunk 2007-10-12 12:53:43 -04:00
Jacques Distler 0eb1ab56b0 More LaTeX Macros
Put in dummy macros for \statusline and \toggle.
Added colour definitions for HTML named colours.

Remaining  unimplemented:

   \color{#HHH} and \color{#HHHHHH}
   \bgcolor
   \array
   \righttoleftarrow
   \lefttorightarrow
2007-10-11 11:30:17 -05:00
Jacques Distler 148afb77e0 Sync with latest Maruku
Apparently, Maruku had trouble with the latest release of Ruby (1.8.6, patchlevel 110). This should fix it.
2007-10-10 22:06:44 -05:00
Jacques Distler 5dd75d4cb0 File Upload Links
I like this a little better.
2007-10-09 23:56:55 -05:00
Jason Blevins f785655a59 Sync with trunk 2007-10-09 20:02:02 -04:00
Jacques Distler fbdf4c5dfe Fix Broken Test
Was not picking up user-supplied alt text in [[filename|Alt text:pic]].
Fixed.
2007-10-09 11:02:44 -05:00
Jacques Distler 402de89abf Tests for Rev 171
One test is still broken. Will fix.
2007-10-09 03:16:07 -05:00
Jacques Distler 0eb723e125 Accessibility: Use Uploaded File Descriptions
The file upload dialog asks for a description of the image or file to be uploaded. Use this as the default alt-text for the image and as a title attribute for a file link.
2007-10-09 02:51:38 -05:00
Jason Blevins 957f0e5721 Sync with trunk 2007-10-07 16:10:43 -04:00
Jacques Distler 179a0a9cb2 Might as well
Spammers aren't an issue here, but might as well enforce that these actions are POST-only, too.
2007-10-07 03:33:15 -05:00
Jacques Distler 2484542f12 Security: HTTP GET Bypassed Spam Protection
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.

Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler be8bb3d06d InterWeb Links
From Jason Blevins:  [[Web Name:Page Name]] or [[Web Name:Page Name|alternate label]] produce inter-Web links on the same Instiki installation.
2007-10-06 16:04:11 -05:00
Jacques Distler 55fdc9fff4 Sync with latest HTML5lib 2007-10-06 11:55:58 -05:00
Jason Blevins e5f882d800 Applied URI chunk changes 2007-10-06 09:12:24 -04:00
Jason Blevins c1be34abcd Support for InterWeb Links 2007-10-06 09:06:55 -04:00
Jacques Distler 3a3cfeaa9b Drop URI Chunk-handling
The URIChunk and LocalURICunk handlers were

1) Slow
2) Buggy (prone to produce ill-formed pages in edge cases)
3) Of dubious utility

So I ditched them. No auto-linked URLs, but who cares?
2007-10-05 16:25:41 -05:00
Jason Blevins 8cdcbff13e Merge with latest trunk 2007-10-04 22:54:36 -04:00
Jacques Distler f0090cf4ab Whoops!
Committed the wrong version of tex.rhtml. This is the right one.
2007-10-04 15:46:20 -05:00
Jacques Distler 4be4125861 Remaining LaTeX macros
Added the remaining LaTeX macros from our list.
What remains is to decide on how to resolve the conflicting definitions of

   \binom{}{}

and to supply suitable characters for

   \righttoleftarrow
   \lefttorightarrow

The plain TeX syntax {A \over B} is unsupported (passed through verbatim, and will cause a LaTeX error).
2007-10-04 13:43:57 -05:00
Jason Blevins bcfa5b1f31 First commit of new Latex macros. 2007-10-04 09:55:11 -04:00
Jacques Distler 986c21527a First Batch of LaTeX Macros
The first, uncontroversial, batch of LaTeX macros from Jason Blevins.
2007-10-04 03:16:45 -05:00
Jacques Distler c67382d340 Start on LaTeX
Pave the way for Jason's LaTeX macro support.
Also, uniformize the capitalization of "ETag".
2007-10-04 02:50:08 -05:00
Jason Blevins 5b4936948b Merged Jacques Distler's latest changes. 2007-10-02 09:56:56 -04:00
Jacques Distler b0e316e37c Minor Fixes
Get rid of Redefined CONSTANT warning.
Make WEBrick respond to TERM signal. (Launchd, in particular, requires this.)
Rollback superfluous change to rails/actionpack/lib/action_controller/base.rb. Handled by the action_cache plugin.
2007-10-01 22:09:51 -05:00
Jacques Distler 3b6523b4f4 rel=nofollow
A little search engine optimization.
2007-09-27 20:04:27 -05:00
Jacques Distler 06d96349e4 Don't stomp on test/fixtures, when dumping the database to YAML
Tweak the manage_fixtures plugin to use the dump/fixtures instead of test/fixtures directory.
2007-09-23 01:50:40 -05:00
Jacques Distler 1259e16a4a A Couple of Unit Tests 2007-09-23 00:03:58 -05:00
Jacques Distler e8769c0b83 Add the manage_fixtures plugin for easy database migration 2007-09-20 00:36:07 -05:00
Jason Blevins 8d48dd88fe Sync with latest trunk 2007-09-19 13:53:22 -04:00
Jacques Distler c54a78c026 Links in Published Webs
Links in published Webs (in particular, the author-link) should be to the published version of the page.
2007-09-15 14:39:28 -05:00
Jacques Distler 4144aa2c98 Can't. Stop. Tweaking. Themes. 2007-09-15 11:40:48 -05:00
Jacques Distler 2c4473a0e9 S5 Slide notes
Slide notes are now served correctly (as application/xhtml+xml) to compatible
browsers. So you can put math in your notes, and the MathML will render.

We don't do real content-negotioation. IE gets text/html; everyone else gets application/xhtml+xml.
2007-09-15 00:29:20 -05:00