Commit graph

230 commits

Author SHA1 Message Date
Jacques Distler c89aeb6665 Some Tests for Philip Taylor Phun 'n Games
Some tests for the illegal Unicode characters in search queries (and elsewhere).
2008-01-02 02:33:05 -06:00
Jacques Distler c8196cbe41 More Unicode Fun
From Philip Taylor (via Henri Sivonen): disallow U+fffe and U+ffff.
2008-01-01 22:00:07 -06:00
Jacques Distler 14e3728183 A Tweak to the Error-Page Layout 2007-12-30 20:34:08 -06:00
Jacques Distler 0c16ab4e6f Better Error for Stale Session
Rather than giving a generic 500 error, tell the user to reload the page.
2007-12-30 10:41:19 -06:00
Jacques Distler a2c7705de5 More of the Same. 2007-12-30 03:58:57 -06:00
Jacques Distler df28bd545a Well-Formed Error Pages
Apparently, my fans think returning raw text error messages are a bad thing.
Well-formed XHTML for them, I guess ...
2007-12-30 03:28:33 -06:00
Jacques Distler 5d52cf303f Conditional Use of New REXML Output Logic.
Thanks to Sam Ruby for pointing out the problem.
2007-12-28 19:58:22 -06:00
Jacques Distler 6cd8d8d2ef Fixes from Jason Blevins
Removed some (fossil) test dependencies and a deprecation warning.
Patched the Rails 2.0.2 routing code to emit old-style Instiki URLs.
2007-12-24 17:26:40 -06:00
Jacques Distler a0cf0951af Document the Secret Key configuration a bit 2007-12-24 17:18:30 -06:00
Jason Blevins f1106428dc Included a test for page names with spaces.
Upgraded to Rails 2.0.2 routing code.  Kept the "old" CGI-style escaping rather than using URI.escape.
2007-12-24 16:02:14 -05:00
Jason Blevins feed609d86 Removed unneeded test dependencies. 2007-12-24 15:33:39 -05:00
Jason Blevins d042b4fd94 config.breakpoint_server has been deprecated and has no effect. 2007-12-22 23:54:29 -05:00
Jason Blevins fc586e3f6b Sync with trunk: upgrade to Rails 2.0.2 2007-12-22 11:15:52 -05:00
Jacques Distler e74deb0cfb Unit test
Add a unit test for previous WikiWord fix.
2007-12-21 08:53:45 -06:00
Jacques Distler 6873fc8026 Upgrade to Rails 2.0.2
Upgraded to Rails 2.0.2, except that we maintain

   vendor/rails/actionpack/lib/action_controller/routing.rb

from Rail 1.2.6 (at least for now), so that Routes don't change. We still
get to enjoy Rails's many new features.

Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).
2007-12-21 01:48:59 -06:00
Jason Blevins 7dbf8be706 Merged with trunk. 2007-12-19 21:20:11 -05:00
Jacques Distler 0f6889e09f Fix Unicode bug
Fix Diego Restrepo's bug (see Rev 184).
Update to latest HTML5lib.
2007-12-17 03:17:43 -06:00
Jacques Distler 18da1a1d71 Accommodate \nequiv in LaTeX output 2007-11-02 10:15:17 -05:00
Jacques Distler 70025a4ba3 More SVG Sanitization 2007-10-31 01:00:45 -05:00
Jason Blevins 8cd38d9ade Sync with trunk 2007-10-29 21:21:08 -04:00
Jacques Distler eca126f589 Sanitize <svg:image>
This element is unsafe.
2007-10-29 13:51:41 -05:00
Jacques Distler 9c55037626 Some more tests to track down Diego Restrepo's bug 2007-10-28 14:04:30 -05:00
Jacques Distler f24c60c3fb Better handling of SVG attributes which admit uri refs
Just strip out the URI ref, leaving alternates.
2007-10-27 23:08:13 -05:00
Jacques Distler 5208bbf0af Sanitize url refs in SVG attributes
Add some tests.
Sync with latest HTML5lib (includes above sanitization improvements).
2007-10-27 17:34:29 -05:00
Jacques Distler ae82f1be49 Whoops!
Fix an inadvertently broken test.
2007-10-26 16:09:50 -05:00
Jacques Distler 8ce5016b41 UTF-8 Bug
Create a test case for utf-8 bug reported by Diego Restrepo. Seems to be related to WikiWord chunk handling.
Add some other tests, and fix a minor bug in vendor/plugins/maruku/lib/maruku/ext/math/latex_fix.rb.
2007-10-26 00:48:43 -05:00
Jason Blevins 1c5e5999cd Sync with trunk 2007-10-24 08:08:34 -04:00
Jacques Distler a92b593949 SVG in Equations
Support the new "svg" environment from itex2MML 1.3.
2007-10-22 22:24:25 -05:00
Jacques Distler 36f55fc9aa Add support for the MathML <semantics> Element 2007-10-21 02:19:10 -05:00
Jason Blevins 84b6602792 Merge with trunk. 2007-10-17 08:04:42 -04:00
Jacques Distler a728caf493 Add tmp Directory
Purportedly, this in needed to get  Instiki to work with mongrel_cluser.
2007-10-15 14:18:33 -05:00
Jacques Distler 207fb1f7f2 New Version
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jason Blevins 7521a073b2 Sync with trunk 2007-10-15 07:16:33 -04:00
Jacques Distler de125367b0 Update RDOC documentation.
Update the documentation for sanitize.rb, to match current behaviour.
2007-10-14 22:22:18 -05:00
Jacques Distler 1911d18f65 Performance
OK. This is a better way: define a custom TreeWalker which converts named entities to utf-8 as it goes. This avoids having to do an extra tree traversal in sanitize_rexml, AND avoids the trainwreck that is html5/inputstream.rb.
2007-10-14 21:07:46 -05:00
Jacques Distler 198d7847bd Performance
My REXML::Element.to_ncr (and REXML::Element.to_utf8) is horribly slow. For long documents, it proves more efficient to serialize to a string, apply String.to_ncr (or String.to_utf8) and then Sanitize the string.
2007-10-13 16:32:04 -05:00
Jason Blevins 1cc2043cf6 Sync with trunk 2007-10-12 12:53:43 -04:00
Jacques Distler 0eb1ab56b0 More LaTeX Macros
Put in dummy macros for \statusline and \toggle.
Added colour definitions for HTML named colours.

Remaining  unimplemented:

   \color{#HHH} and \color{#HHHHHH}
   \bgcolor
   \array
   \righttoleftarrow
   \lefttorightarrow
2007-10-11 11:30:17 -05:00
Jacques Distler 148afb77e0 Sync with latest Maruku
Apparently, Maruku had trouble with the latest release of Ruby (1.8.6, patchlevel 110). This should fix it.
2007-10-10 22:06:44 -05:00
Jacques Distler 5dd75d4cb0 File Upload Links
I like this a little better.
2007-10-09 23:56:55 -05:00
Jason Blevins f785655a59 Sync with trunk 2007-10-09 20:02:02 -04:00
Jacques Distler fbdf4c5dfe Fix Broken Test
Was not picking up user-supplied alt text in [[filename|Alt text:pic]].
Fixed.
2007-10-09 11:02:44 -05:00
Jacques Distler 402de89abf Tests for Rev 171
One test is still broken. Will fix.
2007-10-09 03:16:07 -05:00
Jacques Distler 0eb723e125 Accessibility: Use Uploaded File Descriptions
The file upload dialog asks for a description of the image or file to be uploaded. Use this as the default alt-text for the image and as a title attribute for a file link.
2007-10-09 02:51:38 -05:00
Jason Blevins 957f0e5721 Sync with trunk 2007-10-07 16:10:43 -04:00
Jacques Distler 179a0a9cb2 Might as well
Spammers aren't an issue here, but might as well enforce that these actions are POST-only, too.
2007-10-07 03:33:15 -05:00
Jacques Distler 2484542f12 Security: HTTP GET Bypassed Spam Protection
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.

Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler be8bb3d06d InterWeb Links
From Jason Blevins:  [[Web Name:Page Name]] or [[Web Name:Page Name|alternate label]] produce inter-Web links on the same Instiki installation.
2007-10-06 16:04:11 -05:00
Jacques Distler 55fdc9fff4 Sync with latest HTML5lib 2007-10-06 11:55:58 -05:00
Jason Blevins e5f882d800 Applied URI chunk changes 2007-10-06 09:12:24 -04:00