Commit graph

93 commits

Author SHA1 Message Date
Jacques Distler
43aadecc99 Links in Published Webs
Links in the 'show' action should be to the 'show' action.
Links in the 'published' action should be to the 'published' action.
Try to focus, Distler!
2009-02-01 16:17:14 -06:00
Jacques Distler
b4b1dde8fd Update Tests
Functional Test for the new behaviour of Revisions 344-345.
2009-01-26 08:57:13 -06:00
Jacques Distler
5d15e3f39d Security: Instiki 0.16.2
On Webs with file uploads enabled, uploaded files were stored
(in version 0.16.1 and earlier) in the public/ directory.

This was a security threat. A miscreant could upload a .html file.
When a user clicked on the link to the file, it was opened (unsanitized)
in the browser.

As of version 0.16.2, uploaded files are stored in the webs/
directory. Now, when the user clicks on the link, the file is sent
with the

    Content-Disposition: attachment

header set, which causes the file to be downloaded, rather than opened
in the browser. As always, files downloaded from the internets should be
treated with caution. At least, this way, they are not aoutomatically 
opened in the browser.

To move your existing uploaded files to the new location, do a

     rake upgrade_instiki
2009-01-26 00:21:30 -06:00
Jacques Distler
0b2a6935a2 Export XHTML Pages
When a Web uses one of the Markdown Text Filters, and you export
all the pages as a zip file, you'd like the MathML and SVG to
render when the pages are viewed locally. This means saving them
with a .xhtml extension. Users of non-XHTML-capable browsers or
Textile users should still get .html files.
2009-01-23 11:02:16 -06:00
Jacques Distler
a6d80426a9 Revert Revision 338
That didn't work with nested includes:
A: [[!include B]]
B: [[!include C]]
C:   fubar!

Added a test for that issue.
2009-01-15 22:42:09 -06:00
Jacques Distler
1192f70f44 @import In Published View
In the Stylesheet Tweaks, the owner of a Web can specify an @import rule
to pull in CSS styles form an external file. This worked in the "show"
view, but was broken in the "published" view.

Fixed.

Also, update a functional test to match Revision 313.
2008-12-22 12:19:18 -06:00
Jacques Distler
8373befa0b Tests for Recursive Include Fix 2008-12-21 13:31:59 -06:00
Jacques Distler
7828d79d35 Password Mismatch
When setting a password for a Web (on the "Edit Web" page),
ensure that the password matches. Previously, the "verify"
field was a placebo.
2008-12-20 17:54:54 -06:00
Jacques Distler
1f816af24b Uploaded Pictures Should Display in "Published" Mode 2008-12-20 13:56:50 -06:00
Jacques Distler
8eb59105ea Fix a Functional Test
For inexplicable reasons, this test passes on my system, even though (as
previously written) it shouldn't. Fixed now.
2008-12-17 14:11:14 -06:00
Jacques Distler
f842013243 Require required?
At least on some systems (not mine), it seems to be.
2008-12-17 10:38:34 -06:00
Jacques Distler
05b76f7625 Philip Taylor Freakout Edition
Doubtless, he would have been fleetingly ecstatic.
Alas, he a) probably doesn't subscribe to the bzr feed,
and b) is probably asleep at the moment.
2008-12-17 01:42:24 -06:00
Jacques Distler
5d2b0da4d5 Faster
Update dnsbl_check plugin to latest version.
Update Maruku to latest version.
In the wiki_controller, only apply the dnsbl_check before_filter 
  to the :edit, :new, and :save actions, instead of all actions.
  This makes mundane "show" requests faster, but does not 
  compromise spam-fighting ability.
2008-12-16 00:40:30 -06:00
Jacques Distler
34fcd7943a Some Tests
Some functional tests for 'delete orphaned pages by category'.
2008-12-07 00:24:25 -06:00
Jacques Distler
1b69b148de More Ruby 1.9 Compatibility fixes
Still a long way to go, but these will help.
2008-11-12 09:47:24 -06:00
Jacques Distler
daa12e575d Mo Better Exception Handling
A little more cleanup of Instiki's exception handling.
Add some tests.
2008-11-06 10:38:25 -06:00
Jacques Distler
bceb1864df Fixes
Fix Session CookieOverflow bug when rescuing an InstikiValidation error.
Fix some random things which will cause problems with Ruby 1.9. (Plenty
more where those came from.)
2008-11-05 22:24:14 -06:00
Jacques Distler
2fb41f12ce Automatic Theorem Numbering
Can now refer to numbered theorems by \ref{...}, as in LaTeX
2008-10-20 00:24:22 -05:00
Jacques Distler
34082fbf94 Theorem Environments
Implement amsthm-like Theorem environments with Maruku.
Support is based on Maruku "div"s with special class-names.
Classes
    num_*
produce numbered environments, and

    un_*

produce un-numbered environments, where * is one of

   theorem     (for Theorem)
   lemma       (for Lemma)
   prop        (for Proposition)
   cor         (for Corollary)
   def         (for Definition)
   example     (for Example)
   remark      (for Remark)
   note        (for Note)

In addition, the class

   proof

produces a Proof environment.

The LaTeX export works as expected, and these also work in the S5 view.

Bumped version number.
2008-10-17 16:26:17 -05:00
Jacques Distler
d2c4c8737c Match itex2MML 1.3.6
Add support for \sslash macro.
2008-09-05 16:45:07 -05:00
Jacques Distler
867d4e8787 A Few More MIME-Type Tests 2008-08-20 22:35:41 -05:00
Jacques Distler
863d60c578 Fix IE7+MathPlayer Bug
IE7+MathPlayer do *not* like the charset parameter to be set in the
Content-Type header. Forcing Rails to omit that parameter is surprisingly
difficult.
2008-08-20 00:22:12 -05:00
Jacques Distler
5292899c9a Rails 2.1 RC1
Updated Instiki to Rails 2.1 RC1 (aka 2.0.991).
2008-05-17 23:22:34 -05:00
Jacques Distler
5ca0760f7c Efficiency: Sanitize Once
Envoke the HTML5lib Sanitizer just once (when the content is finally rendered),
rather than each time it passes through the chunk-handler.
2008-05-15 01:22:13 -05:00
Jacques Distler
cd5c19e530 Routes
Make remove_orphaned_pages work in a proxied situation.
Also, "fix" a busted functional test. I'm not happy with
 this one. We're enforcing plain-text titles (which, I think,
 is the correct thing to do), but sending them as type="html",
 which then requires double-encoding.
2008-05-03 19:02:56 -05:00
Jacques Distler
8243cf9289 Fix broken functional test
From Revision 223.
2008-03-13 20:09:23 -05:00
Jacques Distler
5db9ddaf47 Fix Busted Functional Tests
Fix the functional tests busted by Revision 212.
Sync with latest HTML5lib.
2008-01-21 11:59:55 -06:00
Jacques Distler
ebc409e1a0 Ensure the_content REALLY is utf-8
Our check that the the_content was valid utf-8 was rather busted.
This one works right. In particular, we needed to expand NCRs before checking.
2008-01-03 15:27:03 -06:00
Jacques Distler
c89aeb6665 Some Tests for Philip Taylor Phun 'n Games
Some tests for the illegal Unicode characters in search queries (and elsewhere).
2008-01-02 02:33:05 -06:00
Jason Blevins
f1106428dc Included a test for page names with spaces.
Upgraded to Rails 2.0.2 routing code.  Kept the "old" CGI-style escaping rather than using URI.escape.
2007-12-24 16:02:14 -05:00
Jacques Distler
6873fc8026 Upgrade to Rails 2.0.2
Upgraded to Rails 2.0.2, except that we maintain

   vendor/rails/actionpack/lib/action_controller/routing.rb

from Rail 1.2.6 (at least for now), so that Routes don't change. We still
get to enjoy Rails's many new features.

Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).
2007-12-21 01:48:59 -06:00
Jacques Distler
18da1a1d71 Accommodate \nequiv in LaTeX output 2007-11-02 10:15:17 -05:00
Jacques Distler
5208bbf0af Sanitize url refs in SVG attributes
Add some tests.
Sync with latest HTML5lib (includes above sanitization improvements).
2007-10-27 17:34:29 -05:00
Jacques Distler
8ce5016b41 UTF-8 Bug
Create a test case for utf-8 bug reported by Diego Restrepo. Seems to be related to WikiWord chunk handling.
Add some other tests, and fix a minor bug in vendor/plugins/maruku/lib/maruku/ext/math/latex_fix.rb.
2007-10-26 00:48:43 -05:00
Jacques Distler
198d7847bd Performance
My REXML::Element.to_ncr (and REXML::Element.to_utf8) is horribly slow. For long documents, it proves more efficient to serialize to a string, apply String.to_ncr (or String.to_utf8) and then Sanitize the string.
2007-10-13 16:32:04 -05:00
Jacques Distler
2484542f12 Security: HTTP GET Bypassed Spam Protection
Apparently, the form_spam_protect plugin only works with HTTP POST, not GET.
Unsafe operations (save and file-upload) should be POSTs anyway.
Fixed.

Also, two broken tests fixed. Only two Unit Tests now fail: both are minor bugs in XHTMLDiff.
2007-10-07 01:59:50 -05:00
Jacques Distler
be8bb3d06d InterWeb Links
From Jason Blevins:  [[Web Name:Page Name]] or [[Web Name:Page Name|alternate label]] produce inter-Web links on the same Instiki installation.
2007-10-06 16:04:11 -05:00
Jacques Distler
d0e834978a Fix Broken Tests
In preparation for adding new tests, let's fix the existing ones.
3 Unit tests and one Functional test still fail.

* Two unit tests are bugs in xhtmldiff
* One is a bug in Maruku
* A file upload functional test fails, for reasons that escape me.
2007-09-11 12:04:26 -05:00
Jacques Distler
3ca33e52b5 Cleanup
Got rid of redcloth_for_tex.
Fixed almost all the busted tests.
2007-06-13 01:56:44 -05:00
Jacques Distler
2da672ec5b Many Minor Fixes
Fixed a whole bunch of minor stuff.
Had a go at getting some of the plethora of broken tests to pass.
2007-06-12 17:37:55 -05:00
Jacques Distler
3b6cd309ff Sync with Instiki Trunk
Sync with Revision 519 of Instiki trunk (2007/5/7).
2007-05-11 11:47:38 -05:00
Jacques Distler
5f31d12a6f Updated tests to reflect new cookie scheme (from rev 17). 2007-02-09 17:29:17 -06:00
Jacques Distler
69b62b6f33 Checkout of Instiki Trunk 1/21/2007. 2007-01-22 07:43:50 -06:00