Commit graph

239 commits

Author SHA1 Message Date
Jacques Distler e3cbef7dcd Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-26 00:33:21 -05:00
Jacques Distler a5e08f7bcc Rails_xss Plugin
I installed the rails_xss plugin, for
the main purpose of seeing what will
break with Rails 3.0 (where the behaviour
of the plugin is the default). I think
I've fixed everything, but let me know if you
see stuff that is HTML-escaped, which
shouldn't be.

As a side benefit, we now use Erubis,
rather than ERB, to render templates.
They tell me it's faster ...
2010-05-26 00:27:49 -05:00
Jacques Distler 52f0dbb91c Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-25 12:46:37 -05:00
Jacques Distler f0635301aa Update to Rails 2.3.8 2010-05-25 12:45:45 -05:00
Jacques Distler 3745e4d669 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-23 23:23:50 -05:00
Jacques Distler 6677b46cb4 A few more additions for the Sanitizer 2010-05-23 23:22:45 -05:00
Jacques Distler ecf54415eb Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-22 14:37:18 -05:00
Jacques Distler 2781890832 Updated Sanitizer for HTML5
Sanitizer should recognize HTML elements
and attributes.

New Allowed Elements:

  article aside audio canvas command details
  dialog figcaption figure footer header
  hgroup mark meter nav progress rp rt ruby
  section source summary time video war 
       
(OK, audio and video were already there)

New Allowed Attributes:

  autocomplete contenteditable contextmenu
  draggable formaction icon low max min
  open optimum pattern placeholder preload
  pubdate required reversed  spellcheck step
  wrap

Attributes removed:

  abbr charset loopcount loopend loopstart
  noshade nowrap rev rules 


Maruku supports @start and @reversed on
ordered lists. It doesn't seem to support
IALs on li elements, so you still can't
attach @value to an li.
2010-05-22 14:34:08 -05:00
Jacques Distler 5a448c3d50 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-13 00:59:14 -05:00
Jacques Distler d9d353a350 Some HTML5 audio/video attributes for the Sanitizer 2010-05-13 00:47:09 -05:00
Jacques Distler a2c3e2a76c Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-05-08 23:46:33 -05:00
Jacques Distler fd9fc1455e Prefer Monkey-patching Rack Gem to Vendored Rack
This gets around a dreaded 

  in `load_missing_constant': Rack
  is not missing constant Handler! (ArgumentError)

error in latest Ruby 1.9.2-dev. (Ruby
1.8.x doesn't seem to care.)
2010-05-08 23:42:40 -05:00
Jacques Distler 3b87094327 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-04-02 00:02:58 -05:00
Jacques Distler da0c6a2ea1 Fix an SVG nonce bug
Dunno when this problem with randomized IDs arose.
But it's fixed now.

Also, sync with latest SVG-Edit.
2010-04-01 23:56:21 -05:00
Jacques Distler ce2416165b Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-02-25 02:29:58 -06:00
Jacques Distler aa0a151ba4 Uniquify IDs in SVG-Edit
Since we can have several SVG-Edit graphics
on a page, SVG-Edit should assign unique IDs
to elements, and do so in a fashion that survives
re-editing.

To do this, we use a nonce, and record its value in
a custom se:nonce attribute on the <svg> element.
(Is there a better way?). 

Also, preserve the custom se:connector attribute for
later editing purposes.
2010-02-25 02:25:16 -06:00
Jacques Distler 966bede8dc Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-02-23 23:10:47 -06:00
Jacques Distler c4003f79b3 Support SVG-Edit Custom Attribute(s)
Add support for se:connector attribute in
Instiki's Sanitizer.
2010-02-23 23:07:09 -06:00
Jacques Distler b1e0b4830b Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-02-06 01:17:12 -06:00
Jacques Distler b5a7f7ac05 Add MathML Support to SVG-edit
Doesn't actually render anything,
but doesn't strip out all the 
MAthML tags, either.
2010-02-06 01:14:42 -06:00
Jacques Distler 7249c074b0 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-02-05 21:40:24 -06:00
Jacques Distler c3ed5b461b Preliminary SVG-edit Support
WYSIWYG SVG editing.

Still no support for mixed
SVG/MathML content, yet.
2010-02-05 21:36:35 -06:00
Jacques Distler 716bc3d5b4 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-01-26 13:52:51 -06:00
Jacques Distler 49e89d0f85 Fix Caching
Fix the caching of pages with "." in
their names. This was busted.
2010-01-26 13:50:43 -06:00
Jacques Distler 3a9d1596d2 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-01-26 00:21:50 -06:00
Jacques Distler bafa7743f1 Allow Periods in Page Names
Thanks to Jeff Zellman.
2010-01-26 00:18:30 -06:00
Jacques Distler 711a98ccfb Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-01-25 22:06:13 -06:00
Jacques Distler cbb3e4b74f Less Grotty
Does what Revision 535 does, but
slightly less ugly.
2010-01-25 22:01:10 -06:00
Jacques Distler 820d2a94eb Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-01-25 18:46:11 -06:00
Jacques Distler 9dc59b7b7c Fix BlahTeX/PNG Path
Dunno why Ari tolerated this
up till now.
2010-01-25 17:55:31 -06:00
Jacques Distler a7d38ef6a1 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-01-23 18:12:23 -06:00
Jacques Distler 8ed5a88db0 Fix Zip Export and Print View
Fix http://bug.to/issues/show/335
and
http://bug.to/issues/show/334

We now bundle the uploaded files directory
(and the public/ directory for the (X)HTML
export) in the Zipball when exporting a Web.

Also, correct the Print View to produce proper links
uploaded files.
2010-01-23 18:01:02 -06:00
Jacques Distler 0cfea84802 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2010-01-03 13:23:26 -06:00
Jacques Distler e3aa626489 Better Display of Interweb Wikilinks
Perhaps not the most creative use of CSS. But,
at least, this will read better.
2010-01-03 13:19:47 -06:00
Jacques Distler d6b729b5b3 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-22 21:02:34 -06:00
Jacques Distler 7c51accaab Update Windows sqlite3.dll
For whatever the heck it's worth...
2009-12-22 21:00:23 -06:00
Jacques Distler b4758d9bfa Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-22 20:50:39 -06:00
Jacques Distler a71e64a172 Update Vendored sqlite3-ruby 2009-12-22 20:48:32 -06:00
Jacques Distler 67b27da5c9 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-18 23:57:05 -06:00
Jacques Distler 9874650e4b Silence Some Stupid Warnings in Ruby 1.9 2009-12-18 23:53:43 -06:00
Jacques Distler c391c0eeee Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-16 01:04:56 -06:00
Jacques Distler fe877a10b4 Make html_ext Available as a Helper
... and protected.
2009-12-16 00:59:33 -06:00
Jacques Distler 47941683ab Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-14 17:43:53 -06:00
Jacques Distler d3e79ea84a Make truncate() Unicode-aware 2009-12-14 17:41:28 -06:00
Jacques Distler 9ef71a7bce Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-12 15:30:47 -06:00
Jacques Distler a58bee7437 Another Textarea Tweak and a Ruby 1.9 Fix 2009-12-12 15:28:05 -06:00
Jacques Distler efd3def461 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-08 11:49:17 -06:00
Jacques Distler 023d84c4a4 Ack! This is better 2009-12-08 09:08:25 -06:00
Jacques Distler a06d5443e1 Merge branch 'bzr/golem' of /Users/distler/Sites/code/instiki 2009-12-08 08:52:09 -06:00
Jacques Distler faac8951a3 More Ruby 1.9 String Encoding Fun 2009-12-08 08:50:01 -06:00