Jacques Distler
d46798dd08
Security: Sanitize Remote IP address
...
Dunno quite how, but evidently, request.ip is manipulable. Make sure it consists of a dotted-quad.
Also, correct a typo from the previous revision.
2008-03-14 10:50:06 -05:00
Jacques Distler
827fb77ad3
Missed One
...
One more place where @page.name appears.
2008-03-14 00:18:11 -05:00
Jacques Distler
609c5541b9
Yet More Philip Taylor Phun
...
Escape page names.
Grrr.
2008-03-13 23:02:12 -05:00
Jacques Distler
f739077976
Yet more well-formedness Phun
...
Error messages need to be escaped.
2008-03-13 18:06:16 -05:00
Jacques Distler
435bbfcd36
Further Tweaks
...
Follow up on revisions 221,222.
2008-02-29 09:46:21 -06:00
Jacques Distler
ad620f63d3
Web Style Tweaks are CDATA
...
Make sure they're properly escaped.
2008-02-29 02:40:22 -06:00
Jacques Distler
9b7b6fb805
Latest Maruku and Tweak for itex2MML 1.3.4
...
Instiki's LaTeX output also supports \Perp.
2008-02-29 01:30:46 -06:00
Jacques Distler
9a633c0792
Another small tweak to atom template
2008-01-28 01:25:33 -06:00
Jacques Distler
d0f7db4247
Fix atom:updated Times
...
Use page.revised_at instead of page.updated_at.
Thanks to Jason Blevins for pointing out the problem.
2008-01-28 01:13:28 -06:00
Jacques Distler
5a0a6b2ca1
More Philip Taylor Phun
...
More checks that page_names are valid utf_8.
2008-01-22 20:22:59 -06:00
Jacques Distler
51474e06c8
Styling Hook
...
Add a distinct class-name for the footer in the page view.
2008-01-19 15:06:17 -06:00
Jacques Distler
72b4f97382
Garbage Collection of :form_keys
...
In each session, keep only the 30 most recent :form_keys generated by form_spam_protection.
This should be more than enough for ordinary usage, but prevents the session data from
becoming inordinately large.
Also, burnt-orange rulz!
2008-01-17 03:20:19 -06:00
Jacques Distler
ebc409e1a0
Ensure the_content REALLY is utf-8
...
Our check that the the_content was valid utf-8 was rather busted.
This one works right. In particular, we needed to expand NCRs before checking.
2008-01-03 15:27:03 -06:00
Jacques Distler
14e3728183
A Tweak to the Error-Page Layout
2007-12-30 20:34:08 -06:00
Jacques Distler
0c16ab4e6f
Better Error for Stale Session
...
Rather than giving a generic 500 error, tell the user to reload the page.
2007-12-30 10:41:19 -06:00
Jacques Distler
a2c7705de5
More of the Same.
2007-12-30 03:58:57 -06:00
Jacques Distler
df28bd545a
Well-Formed Error Pages
...
Apparently, my fans think returning raw text error messages is a bad thing.
Well-formed XHTML for them, I guess ...
2007-12-30 03:28:33 -06:00
Jacques Distler
6873fc8026
Upgrade to Rails 2.0.2
...
Upgraded to Rails 2.0.2, except that we maintain
vendor/rails/actionpack/lib/action_controller/routing.rb
from Rails 1.2.6 (at least for now), so that Routes don't change. We still
get to enjoy Rails's many new features.
Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).
2007-12-21 01:48:59 -06:00
Jacques Distler
18da1a1d71
Accommodate \nequiv in LaTeX output
2007-11-02 10:15:17 -05:00
Jacques Distler
a92b593949
SVG in Equations
...
Support the new "svg" environment from itex2MML 1.3.
2007-10-22 22:24:25 -05:00
Jacques Distler
207fb1f7f2
New Version
...
Sync with Latest Instiki Trunk.
Migrate to Rails 1.2.5.
Bump version number.
2007-10-15 12:16:54 -05:00
Jacques Distler
0eb1ab56b0
More LaTeX Macros
...
Put in dummy macros for \statusline and \toggle.
Added colour definitions for HTML named colours.
Remaining unimplemented:
\color{#HHH} and \color{#HHHHHH}
\bgcolor
\array
\righttoleftarrow
\lefttorightarrow
2007-10-11 11:30:17 -05:00
Jacques Distler
0eb723e125
Accessibility: Use Uploaded File Descriptions
...
The file upload dialog asks for a description of the image or file to be uploaded. Use this as the default alt-text for the image and as a title attribute for a file link.
2007-10-09 02:51:38 -05:00
Jacques Distler
179a0a9cb2
Might as well
...
Spammers aren't an issue here, but might as well enforce that these actions are POST-only, too.
2007-10-07 03:33:15 -05:00
Jacques Distler
2484542f12
Security: HTTP GET Bypassed Spam Protection
...
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.
Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler
f0090cf4ab
Whoops!
...
Committed the wrong version of tex.rhtml. This is the right one.
2007-10-04 15:46:20 -05:00
Jacques Distler
4be4125861
Remaining LaTeX macros
...
Added the remaining LaTeX macros from our list.
What remains is to decide on how to resolve the conflicting definitions of
\binom{}{}
and to supply suitable characters for
\righttoleftarrow
\lefttorightarrow
The plain TeX syntax {A \over B} is unsupported (passed through verbatim, and will cause a LaTeX error).
2007-10-04 13:43:57 -05:00
Jason Blevins
bcfa5b1f31
First commit of new Latex macros.
2007-10-04 09:55:11 -04:00
Jacques Distler
986c21527a
First Batch of LaTeX Macros
...
The first, uncontroversial, batch of LaTeX macros from Jason Blevins.
2007-10-04 03:16:45 -05:00
Jason Blevins
5b4936948b
Merged Jacques Distler's latest changes.
2007-10-02 09:56:56 -04:00
Jacques Distler
b0e316e37c
Minor Fixes
...
Get rid of Redefined CONSTANT warning.
Make WEBrick respond to TERM signal. (Launchd, in particular, requires this.)
Rollback superfluous change to rails/actionpack/lib/action_controller/base.rb. Handled by the action_cache plugin.
2007-10-01 22:09:51 -05:00
Jacques Distler
3b6523b4f4
rel=nofollow
...
A little search engine optimization.
2007-09-27 20:04:27 -05:00
Jason Blevins
8d48dd88fe
Sync with latest trunk
2007-09-19 13:53:22 -04:00
Jacques Distler
c54a78c026
Links in Published Webs
...
Links in published Webs (in particular, the author-link) should be to the published version of the page.
2007-09-15 14:39:28 -05:00
Jason Blevins
ee22cdf75e
Use Standard PageRenderer for S5 Content
2007-09-14 13:10:12 -04:00
Jacques Distler
54aada824c
Use Standard PageRenderer for S5 Content
...
From Jason Blevins: use the standard PageRenderer class to render S5 content. This way, WikiWords (etc) are processed in S5 slideshows.
2007-09-14 10:43:03 -05:00
Jason Blevins
61b7168d7a
Fixed regular expression to pick up S5 theme.
2007-09-13 20:41:39 -04:00
Jason Blevins
b8911bc388
Render S5 slideshows using Instiki's rendering engine framework so that WikiWord links are processed.
2007-09-13 20:25:20 -04:00
Jacques Distler
5b182bd228
HTML5lib Bug
...
Fixed a bug in the HTML5lib tokenizer (affects S5 slideshows).
Some miscellaneous code cleanup. In particular, don't bother with zapping control characters;
instead, rely on is_utf8? method to raise an exception (which we do anyway).
2007-09-06 10:40:48 -05:00
Jacques Distler
f482036683
S5 Themes Support
...
Added support for S5 Themes. Themes are stored in the public/s5/themes/ directory.
6 themes are included: default, nautilus, blue, flower, i18n, pixel.
2007-09-05 08:38:54 -05:00
Jacques Distler
81d3cdc8e4
Minor S5 tweaks and Sync with Latest HTML5lib
2007-08-30 12:19:10 -05:00
Jacques Distler
dbed460843
Fixed S5 output for Safari
...
Safari can now receive S5 slideshows as real XHTML.
2007-07-27 13:47:19 -05:00
Jacques Distler
b42a4c5fec
More TeX macros.
2007-07-10 21:32:00 -05:00
Jacques Distler
bf572e295f
A few TeX macros
...
Tiny steps towards usable LaTeX output.
2007-06-16 03:14:51 -05:00
Jacques Distler
3ca33e52b5
Cleanup
...
Got rid of redcloth_for_tex.
Fixed almost all the busted tests.
2007-06-13 01:56:44 -05:00
Jacques Distler
2da672ec5b
Many Minor Fixes
...
Fixed a whole bunch of minor stuff.
Had a go at getting some of the plethora of broken tests to pass.
2007-06-12 17:37:55 -05:00
Jacques Distler
3df61e352d
Fix for IE7+MathPlayer.
...
Based on
http://lists.w3.org/Archives/Public/www-math/2007May/0044.html
I've altered the Content-Type header sent to IE+MathPlayer. Rationale is
explained in
http://lists.w3.org/Archives/Public/www-math/2007May/0045.html
2007-05-29 17:10:20 -05:00
Jacques Distler
dc629f5c07
Do Content-negotiation for Cached Content
...
The action_cache plugin broke our content-negotiation.
Fixed.
2007-05-28 12:48:42 -05:00
Jacques Distler
6b21ac484f
HTML5lib Sanitizer
...
Replaced native Sanitizer with HTML5lib version.
Synced with latest Maruku.
2007-05-25 20:52:27 -05:00
Jacques Distler
e4e26400ef
One more file...
...
This one was missed by Revision 519 in Instiki Trunk. Fixed in my branch.
2007-05-11 12:42:18 -05:00