instiki

Author	SHA1	Message	Date
Jacques Distler	11930dfabd	Update HTML5lib Sanitizer Test, Accordingly	2008-12-01 14:11:57 -06:00
Jacques Distler	af8157130a	Clarify form_spam_protection Error Message You need cookies enabled, too (since Instiki stores session data in a cookie).	2008-11-30 17:44:21 -06:00
Jacques Distler	620052a5ba	Whoops! As usual, forgot to 'bzr add' these. Completes the upgrade to Rails 2.2.2.	2008-11-24 16:19:37 -06:00
Jacques Distler	2e81ca2d30	Rails 2.2.2 Updated to Rails 2.2.2. Added a couple more Ruby 1.9 fixes, but that's pretty much at a standstill, until one gets Maruku and HTML5lib working right under Ruby 1.9.	2008-11-24 15:53:39 -06:00
Jacques Distler	bceb1864df	Fixes Fix Session CookieOverflow bug when rescuing an InstikiValidation error. Fix some random things which will cause problems with Ruby 1.9. (Plenty more where those came from.)	2008-11-05 22:24:14 -06:00
Jacques Distler	7600aef48b	Upgrade to Rails 2.2.0 As a side benefit, fix an (non-user-visible) bug in display_s5(). Also fixed a bug where removing orphaned pages did not expire cached summary pages.	2008-10-27 01:47:01 -05:00
Jacques Distler	39348c65c2	Make Andrea Happy Use a counter, instead of rand() to aid in generating unique IDs in Maruku. Add Unit test for the Theorem Environment.	2008-10-25 00:52:59 -05:00
Jacques Distler	e48b000c11	Tweak from Ari Stern Match Maruku Revision 184: change wrapper for embedded TeX in display equation from a <div> to a <span>.	2008-10-23 22:44:53 -05:00
Jacques Distler	0fdb13b257	Whoops! Forgot one. This fixes LaTeX output for Theorem cross-refs.	2008-10-21 00:26:31 -05:00
Jacques Distler	8d1d8a5693	Security: Response Splitting Apply a patch to close the Response Splitting vulnerability in Rails. See http://weblog.rubyonrails.org/2008/10/19/response-splitting-risk	2008-10-20 14:22:17 -05:00
Jacques Distler	2fb41f12ce	Automatic Theorem Numbering Can now refer to numbered theorems by \ref{...}, as in LaTeX	2008-10-20 00:24:22 -05:00
Jacques Distler	da81a2fbdb	Fix bug in IAL detection in maruku/ext/div.rb	2008-10-17 22:34:16 -05:00
Jacques Distler	34082fbf94	Theorem Environments Implement amsthm-like Theorem environments with Maruku. Support is based on Maruku "div"s with special class-names. Classes num_* produce numbered environments, and un_* produce un-numbered environments, where * is one of theorem (for Theorem) lemma (for Lemma) prop (for Proposition) cor (for Corollary) def (for Definition) example (for Example) remark (for Remark) note (for Note) In addition, the class proof produces a Proof environment. The LaTeX export works as expected, and these also work in the S5 view. Bumped version number.	2008-10-17 16:26:17 -05:00
Jacques Distler	6f3e9a9e17	Enable Maruku div Markdown extension	2008-10-15 10:29:35 -05:00
Jacques Distler	d4f97345db	Rails 2.1.1 Among other things, a security fix.	2008-09-07 00:54:05 -05:00
Jacques Distler	37aff87d71	Sync with latest Maruku Contains Ari Stern's additions for Blahtex support.	2008-08-05 13:18:23 -05:00
Jacques Distler	e1c7d035c9	Some more SVG attributes for the sanitizer From Sam Ruby.	2008-07-28 10:57:55 -05:00
Jacques Distler	c427807274	Blahtex Sync with latest Maruku. Pave the way for Blahtex (PNG-based math) support (from Ari Stern). (no visible functionality, yet, but that will come)	2008-07-26 04:14:41 -05:00
Jacques Distler	4e3aefd9d3	Cleanup: Remove some .gitignore files These crept into the distribution.	2008-06-02 08:13:53 -05:00
Jacques Distler	516d6dfac0	Rails 2.1 Update to Rails 2.1 final.	2008-06-02 01:35:38 -05:00
Jacques Distler	800880f382	Rough In New Sanitizer Start work (which may not pan out) on a new sanitizer. Right now, it passes all but 1 of the HTML5lib Sanitizer's unit tests. But it doesn't do much of anything to ensure well-formedness. This is not an issue for Maruku-processed content, but it is a concern for <nowiki> blocks. (One solution would be to use the HTML5lib parser on <nowiki> blocks.) In any case, this baby is 3 times as fast as the HTML5lib sanitizer.	2008-05-20 17:02:10 -05:00
Jacques Distler	5292899c9a	Rails 2.1 RC1 Updated Instiki to Rails 2.1 RC1 (aka 2.0.991).	2008-05-17 23:22:34 -05:00
Jacques Distler	1d5faf4a84	Upgrade to latest REXML Sync with REXML svn.	2008-04-12 18:56:02 -05:00
Jacques Distler	9b7b6fb805	Latest Maruku and Tweak for itex2MML 1.3.4 Instiki's LaTeX output also supports \Perp.	2008-02-29 01:30:46 -06:00
Jacques Distler	5dd0507acc	Support svg:foreignObject Fixes to the html5lib sanitizer and maruku to support the SVG <foreignObject> element. Also update to the latest REXML.	2008-02-03 23:56:17 -06:00
Jacques Distler	15640ca7a3	Latest REXML and Latest Maruku	2008-02-01 01:25:38 -06:00
Jacques Distler	550c2e6c40	Remove the action_cache plugin The action_cache plugin is now rather superfluous (Rails has native support for ETags, for instance). And it wasn't working right with Rails 2.0.x (pages were being cached, and 304s were being returned as appropriate, but cached pages were not being served).	2008-01-22 23:35:35 -06:00
Jacques Distler	5db9ddaf47	Fix Busted Functional Tests Fix the functional tests busted by Revision 212. Sync with latest HTML5lib.	2008-01-21 11:59:55 -06:00
Jacques Distler	51474e06c8	Styling Hook Add a distinct class-name for the footer in the page view.	2008-01-19 15:06:17 -06:00
Jacques Distler	bb3ccfed4e	Make life a little more difficult for spammers Sessions are now stored in a cookie (signed and Base-64 encoded). Form_spam_protection stores form_keys in the session. Make sure spambots implement both cookies and javascript, by storing hashed (with salt) keys in the session.	2008-01-18 14:49:28 -06:00
Jacques Distler	e7d080db25	Slightly More Efficient A slightly more efficient implementation of the above change to form_spam_protection.	2008-01-17 03:47:08 -06:00
Jacques Distler	72b4f97382	Garbage Collection of :form_keys In each session, keep only the 30 most recent :form_keys generated by form_spam_protection. This should be more than enough for ordinary usage, but prevents the session data from becoming inordinately large. Also, burnt-orange rulz!	2008-01-17 03:20:19 -06:00
Jacques Distler	4586614914	Misc Cleanup Cleaned up some dependencies, and added a mime_types.yml file for Mongrel-compatibility.	2008-01-14 14:46:38 -06:00
Jacques Distler	f101ee9a21	Manage_Fixtures Make sure manage_fixtures plugin doesn't mess with fixtures in test/fixtures. Also, a slightly more elegant version of the REXML version test.	2008-01-13 00:26:25 -06:00
Jacques Distler	38ae064b8a	Bundle Latest REXML Sam Ruby has been doing a bang-up job fixing the bugs in REXML. Who knows when these improvements will trickle down to vendor distributions of Ruby. In the meantime, let's bundle the latest version of REXML with Instiki. We check the version number of the bundled REXML against that of the System REXML, and use whichever is later.	2008-01-11 23:53:29 -06:00
Jacques Distler	1085168bbf	Update to latest HTML5lib, Add Maruku testdir Sync with the latest html5lib. Having the Maruku unit tests on-hand may be useful for debugging; so let's include them.	2008-01-08 00:01:35 -06:00
Jacques Distler	5d52cf303f	Conditional Use of New REXML Output Logic. Thanks to Sam Ruby for pointing out the problem.	2007-12-28 19:58:22 -06:00
Jason Blevins	f1106428dc	Included a test for page names with spaces. Upgraded to Rails 2.0.2 routing code. Kept the "old" CGI-style escaping rather than using URI.escape.	2007-12-24 16:02:14 -05:00
Jacques Distler	6873fc8026	Upgrade to Rails 2.0.2 Upgraded to Rails 2.0.2, except that we maintain vendor/rails/actionpack/lib/action_controller/routing.rb from Rail 1.2.6 (at least for now), so that Routes don't change. We still get to enjoy Rails's many new features. Also fixed a bug in Chunk-handling: disable WikiWord processing in tags (for real this time).	2007-12-21 01:48:59 -06:00
Jacques Distler	0f6889e09f	Fix Unicode bug Fix Diego Restrepo's bug (see Rev 184). Update to latest HTML5lib.	2007-12-17 03:17:43 -06:00
Jacques Distler	70025a4ba3	More SVG Sanitization	2007-10-31 01:00:45 -05:00
Jacques Distler	eca126f589	Sanitize <svg:image> This element is unsafe.	2007-10-29 13:51:41 -05:00
Jacques Distler	f24c60c3fb	Better handling of SVG attributes which admit uri refs Just strip out the URI ref, leaving alternates.	2007-10-27 23:08:13 -05:00
Jacques Distler	5208bbf0af	Sanitize url refs in SVG attributes Add some tests. Sync with latest HTML5lib (includes above sanitization improvements).	2007-10-27 17:34:29 -05:00
Jacques Distler	8ce5016b41	UTF-8 Bug Create a test case for utf-8 bug reported by Diego Restrepo. Seems to be related to WikiWord chunk handling. Add some other tests, and fix a minor bug in vendor/plugins/maruku/lib/maruku/ext/math/latex_fix.rb.	2007-10-26 00:48:43 -05:00
Jacques Distler	a92b593949	SVG in Equations Support the new "svg" environment from itex2MML 1.3.	2007-10-22 22:24:25 -05:00
Jacques Distler	36f55fc9aa	Add support for the MathML <semantics> Element	2007-10-21 02:19:10 -05:00
Jacques Distler	207fb1f7f2	New Version Sync with Latest Instiki Trunk. Migrate to Rails 1.2.5. Bump version number.	2007-10-15 12:16:54 -05:00
Jacques Distler	148afb77e0	Sync with latest Maruku Apparently, Maruku had trouble with the latest release of Ruby (1.8.6, patchlevel 110). This should fix it.	2007-10-10 22:06:44 -05:00
Jacques Distler	55fdc9fff4	Sync with latest HTML5lib	2007-10-06 11:55:58 -05:00
Jacques Distler	c67382d340	Start on LaTeX Pave the way for Jason's LaTeX macro support. Also, uniformize the capitalization of "ETag".	2007-10-04 02:50:08 -05:00
Jacques Distler	b0e316e37c	Minor Fixes Get rid of Redefined CONSTANT warning. Make WEBrick respond to TERM signal. (Launchd, in particular, requires this.) Rollback superfluous change to rails/actionpack/lib/action_controller/base.rb. Handled by the action_cache plugin.	2007-10-01 22:09:51 -05:00
Jacques Distler	06d96349e4	Don't stomp on test/fixtures, when dumping the database to YAML Tweak the manage_fixtures plugin to use the dump/fixtures instead of test/fixtures directory.	2007-09-23 01:50:40 -05:00
Jacques Distler	e8769c0b83	Add the manage_fixtures plugin for easy database migration	2007-09-20 00:36:07 -05:00
Jacques Distler	ed68d975df	Update to latest HTML5lib Fix that Tokenizer bug for real this time.	2007-09-09 22:26:19 -05:00
Jacques Distler	5b182bd228	HTML5lib Bug Fixed a bug in the HTML5lib tokenizer (affects S5 slideshows). Some miscellaneous code cleanup. In particular, don't bother with zapping control characters; instead, rely on is_utf8? method to raise an exception (which we do anyway).	2007-09-06 10:40:48 -05:00
Jacques Distler	f482036683	S5 Themes Support Added support for S5 Themes. Themes are stored in the public/s5/themes/ directory. 6 themes are included: default, nautilus, blue, flower, i18n, pixel.	2007-09-05 08:38:54 -05:00
Jacques Distler	81d3cdc8e4	Minor S5 tweaks and Sync with Latest HTML5lib	2007-08-30 12:19:10 -05:00
Jacques Distler	1bc5da0053	Use XHTMLSerializer, where appropriate.	2007-07-04 18:53:03 -05:00
Jacques Distler	8ccaad85a5	Sync with latest HTML5lib and latest Maruku	2007-07-04 17:36:59 -05:00
Jacques Distler	8e92e4a3ab	Sync with latest HTML5lib	2007-06-22 03:12:08 -05:00
Jacques Distler	df2898d940	Fix Caching bug (bis) Nope! It's not a Rails bug. It's an action_cache plugin bug, after all. Fixed now.	2007-06-15 09:59:32 -05:00
Jacques Distler	31f691329a	Fix Caching Bug Files with "+"s in their names (e.g. from Wiki pages with spaces in their names) were not being expired properly. This is actually a Rails bug, but I fixed it by patching the action_cache plugin.	2007-06-15 09:18:06 -05:00
Jacques Distler	3de374d6c1	More fixes, sync with HTML5lib Do a better job with the wrapper <div>s added by xhtmldiff and Maruku's to_html_tree method. More tests fixed.	2007-06-13 23:05:15 -05:00
Jacques Distler	3ca33e52b5	Cleanup Got rid of redcloth_for_tex. Fixed almost all the busted tests.	2007-06-13 01:56:44 -05:00
Jacques Distler	2da672ec5b	Many Minor Fixes Fixed a whole bunch of minor stuff. Had a go at getting some of the plethora of broken tests to pass.	2007-06-12 17:37:55 -05:00
Jacques Distler	0ddd422059	Sync with latest HTML5lib	2007-06-11 23:33:06 -05:00
Jacques Distler	c2bfdefa57	Another XSS fix Yet another interesting XSS attack from http://ha.ckers.org/xss.html	2007-06-11 00:03:51 -05:00
Jacques Distler	aac197430c	More XSS vectors defanged	2007-06-10 15:07:26 -05:00
Jacques Distler	a6cbf38304	Table elements, too Last fixup for the sanitizer tests.	2007-06-09 22:53:35 -05:00
Jacques Distler	6b2ec7354b	Rationalize Sanitizer Tests	2007-06-09 22:21:50 -05:00
Jacques Distler	3bf560c3b3	Updated to Latest HTML5lib Synced with latest HTML5lib. Added some RDoc-compatible documentation to the sanitizer.	2007-06-08 17:26:00 -05:00
Jacques Distler	86a7577975	Renamed one function.	2007-06-06 14:36:54 -05:00
Jacques Distler	0012efcfb4	Fixed Porting Error in HTML5lib Serializer	2007-06-06 08:44:57 -05:00
Jacques Distler	8846b2cda5	Sync with Latest HTML5lib Some more tweaks	2007-06-06 08:12:03 -05:00
Jacques Distler	fd183eac04	More Tests Put the Serializer version of the Sanitizer through its paces.	2007-06-06 00:56:43 -05:00
Jacques Distler	e1acebe6e4	Bugfix Me stoopid.	2007-06-05 18:06:26 -05:00
Jacques Distler	bd8ba1f4b1	REXML Trees Synced with latest HTML5lib. Added preliminary support (currently disabled) for sanitizing REXML trees.	2007-06-05 16:34:49 -05:00
Jacques Distler	4dd70af5ae	HTML5lib is Back. Synced with latest version of HTML5lib, which fixes problem with Astral plane characters. I should really do some tests, but the HTML5lib Sanitizer seems to be 2-5 times slower than the old sanitizer.	2007-05-30 10:45:52 -05:00
Jacques Distler	dc629f5c07	Do Content-negotiation for Cached Content The action_cache plugin broke our content-negotiation. Fixed.	2007-05-28 12:48:42 -05:00
Jacques Distler	5db9b7d3ea	Fixed action_cache Plugin The action_cache plugin had Conditional GET (If-Modified-Since) support. I added ETag (If-None-Match) support.	2007-05-26 14:11:53 -05:00
Jacques Distler	d62b880e3f	ETags and Action Caching Added the action_cache plugin http://agilewebdevelopment.com/plugins/action_cache which does action-caching with ETags support. The built-in Rails ETags "solution" sucks, because it forces a page-rerender, even when the content is unchanged.	2007-05-25 22:52:42 -05:00
Jacques Distler	6b21ac484f	HTML5lib Sanitizer Replaced native Sanitizer with HTML5lib version. Synced with latest Maruku.	2007-05-25 20:52:27 -05:00
Jacques Distler	457ec8627c	ETag Support from Edge-Rails Added ETag support from http://dev.rubyonrails.org/changeset/6158	2007-05-18 16:53:58 -05:00
Jacques Distler	19889c98d4	Safari's DOM support in XHTML is horribly broken. Send it S5 slideshows as text/html. (Sorry: no inline SVG for you!) Turn on Maruku's Math support in S5 slideshows, only if corresponding Web is Math-enabled.	2007-03-30 12:25:59 -05:00
Jacques Distler	9b9d134ad9	Fix upgrade to Rails 1.2.3. Fix log-rotation (the previous attempt didn't quite work as advertised).	2007-03-21 15:37:29 -05:00
Jacques Distler	7adac51d6d	Sync with latest Instiki trunk. Changes: 1) Upgrade Rails to 1.2.3 2) Revert RedCloth to previous version (who %#$@ cares?) 3) Preserve the Rails Security fix to vendor/rails/actionpack/lib/action_controller/caching.rb from Revision 80.	2007-03-18 11:56:12 -05:00
Jacques Distler	46a456b3ad	Security: ensure that the file system cache is not world-writable	2007-03-10 11:05:52 -06:00
Jacques Distler	4ae46b32d8	Sync with latest maruku.	2007-03-10 02:06:54 -06:00
Jacques Distler	8300133c8d	Sync with latest Maruku.	2007-03-07 12:49:06 -06:00
Jacques Distler	541ef91df4	Update to latest Maruku. Fixes alt text bug.	2007-03-04 15:32:21 -06:00
Jacques Distler	43dbd8712e	Another tweak to Maruku's S5 output (IE compatibility).	2007-03-02 08:26:37 -06:00
Jacques Distler	5a352d0f5e	Sync with latest Maruku.	2007-03-01 22:46:49 -06:00
Jacques Distler	e93cedb155	Fixed S5 page numbering.	2007-03-01 11:15:45 -06:00
Jacques Distler	41ff4724b8	Converging on S5 support.	2007-03-01 03:05:35 -06:00
Jacques Distler	02c6ed2fa0	More progress on S5. Forgot to add gremlin zapping in app/views/wiki/edit.rhtml.	2007-02-28 18:38:52 -06:00
Jacques Distler	8359047fd5	Start on adding S5 support to Instiki.	2007-02-28 13:31:34 -06:00
Jacques Distler	d1923e6387	Sync with latest Maruku.	2007-02-20 10:04:51 -06:00
Jacques Distler	21a403b04f	More XHTML validity and CSS cleanup.	2007-02-18 17:27:36 -06:00
Jacques Distler	fdbd6e288b	Sync with latest Maruku.	2007-02-16 23:40:06 -06:00
Jacques Distler	82e56697ee	Fix bug in Maruku.	2007-02-16 09:39:49 -06:00
Jacques Distler	ff63e894b2	Sync with latest Maruku. Finally able to ditch BlueCloth completely.	2007-02-14 20:32:24 -06:00
Jacques Distler	0556f43180	XHTML-safe version of form_spam_protection.	2007-02-14 11:00:11 -06:00
Jacques Distler	d291318f3e	Sync with latest (2/13/2007) Instiki svn.	2007-02-13 09:55:26 -06:00
Jacques Distler	f896f8fbdc	Added support for @xml:lang and blockquote@cite to Maruku. Added Javascript styling for blockquote@cite.	2007-02-13 03:25:05 -06:00
Jacques Distler	63e217bcfd	Moved Maruku (and its dependencies) and XHTMLDiff (and its dependencies) to vendor/plugins/ . Synced with Instiki SVN.	2007-02-10 23:03:15 -06:00
Jacques Distler	bba0cf6b10	Ooops! Fixed upgrade of Rails.	2007-02-09 17:12:31 -06:00
Jacques Distler	c358389f25	TeX and CSS tweaks. Sync with latest Instiki Trunk (Updates Rails to 1.2.2)	2007-02-09 02:04:31 -06:00
Jacques Distler	69b62b6f33	Checkout of Instiki Trunk 1/21/2007.	2007-01-22 07:43:50 -06:00

1 2 3 4 5

209 commits