path: root/IkiWiki.pm
Commit message (Author, Age)
* useragent: Automatically choose whether to use LWPx::ParanoidAgent (Simon McVittie, 2019-02-26)
| The simple implementation of this, which I'd prefer to use, would be: if we can import LWPx::ParanoidAgent, use it; otherwise, use LWP::UserAgent. However, aggregate has historically worked with proxies, and LWPx::ParanoidAgent quite reasonably refuses to work with proxies (because it can't know whether those proxies are going to do the same filtering that LWPx::ParanoidAgent would).
| Signed-off-by: Simon McVittie <smcv@debian.org>
* useragent: Don't allow non-HTTP protocols to be used (Simon McVittie, 2019-02-26)
| This prevents the aggregate plugin from being used to read the contents of local files via file:/// URLs.
| Signed-off-by: Simon McVittie <smcv@debian.org>
* useragent: Raise an exception if the LWP module can't be loaded (Simon McVittie, 2019-02-24)
| Signed-off-by: Simon McVittie <smcv@debian.org>
* preprocess: Don't encode digit zero as an entity in errors (Simon McVittie, 2018-03-21)
| I'm not sure what happened here, but it seems to have been the wrong thing. Whitelist what we want to *not* encode instead.
| Signed-off-by: Simon McVittie <smcv@debian.org>
* preprocess: Escape most ASCII punctuation in error messages (Simon McVittie, 2018-02-28)
| This is a minimal version of what we should in principle do here, which is to escape the error message in whatever way is correct for embedding plain text in the surrounding wiki markup language. This implementation approximates that by assuming that HTML entities, alphanumerics and common punctuation characters are passed through the markup language unaltered, but punctuation characters might be misinterpreted.
| Signed-off-by: Simon McVittie <smcv@debian.org>
* add and use cgiurl_abs_samescheme (Joey Hess, 2018-01-05)
| * emailauth: Fix cookie problem when user is on https and the cgiurl uses http, by making the emailed login link use https.
| * passwordauth: Use https for emailed password reset link when user is on https.
| Not entirely happy with this approach, but I don't currently see a better one. I have not verified that the passwordauth change fixes any problem, other than the user getting a http link when they were using https. The emailauth problem is verified fixed by this commit.
| This commit was sponsored by Michael Magin.
* core: Don't decode the result of strftime if already tagged as UTF-8 (Simon McVittie, 2017-07-23)
| It wasn't in old Perls, but might be in Perl >= 5.21.1 due to commit https://perl5.git.perl.org/perl.git/commit/9717af6 (Closes: #869240)
* check_canchange: report invalid filenames as intended (Simon McVittie, 2017-01-09)
| Instead of logging "bad file name %s" and attempting to call the (string) filename as a subroutine, actually do the intended sprintf operation.
* HTML-escape error messages (OVE-20160505-0012) (Simon McVittie, 2016-05-05)
| The instance in cgierror() is a potential cross-site scripting attack, because an attacker could conceivably cause some module to raise an exception that includes attacker-supplied HTML in its message, for example via a crafted filename. (OVE-20160505-0012)
| The instances in preprocess() are just correctness. It is not a cross-site scripting attack, because an attacker could equally well write the desired HTML themselves; the sanitize hook is what protects us from cross-site scripting here.
* Don't fail to syslog if the wiki name contains %s (Simon McVittie, 2016-01-21)
| This is a corner case spotted while fixing UTF-8 syslogging.
* Force log messages to be bytestrings (Simon McVittie, 2016-01-21)
| Sys::Syslog is not UTF-8-literate.
* Add deterministic option and use it for the docwiki (Simon McVittie, 2015-06-09)
| It doesn't do anything yet.
* Do not directly enable emailauth by default, only indirectly via openid (Simon McVittie, 2015-05-27)
| This avoids nasty surprises on upgrade if a site is using httpauth, or passwordauth with an account_creation_password, and relying on only a select group of users being able to edit the site. We can revisit this for ikiwiki 4.
* allow emailuser to be called when there is no %config set (Joey Hess, 2015-05-19)
| ikiwiki-hosting needs to do this
* make cgiurl output deterministic (Daniel Kahn Gillmor, 2015-05-19)
| IkiWiki::cgiurl() currently produces non-deterministic output, because the params hash can be sorted different ways. Sorting keys to params before crafting the string should make the output deterministic.
* cloak user PII when making commits etc, and let cloaked PII be used in ↵ (Joey Hess, 2015-05-14)
| banned_users
| This was needed due to emailauth, but I've also wrapped all IP address exposure in cloak(), although the function doesn't yet cloak IP addresses.
| (One IP address I didn't cloak is the one that appears on the password reset email template. That is expected to be the user's own IP address, so ok to show it to them.)
| Thanks to smcv for the pointer to http://xmlns.com/foaf/spec/#term_mbox_sha1sum
* sanitize nickname derived from email address (Joey Hess, 2015-05-14)
|
* avoid showing password prefs for emailauth user (Joey Hess, 2015-05-13)
|
* If neither timezone nor TZ is set, set both to :/etc/localtime if we're on a ↵ (Simon McVittie, 2015-03-01)
| GNU system and that file exists, or GMT otherwise
* Fix getlibdirs when libdirs is unset (Simon McVittie, 2014-12-16)
|
* Simplify libdirs: libdirs must be plural, libdir must be a single string (Simon McVittie, 2014-12-09)
| This makes the documentation read more sensibly, and matches how we handle underlaydirs and underlaydir.
* Merge remote-tracking branch 'spalax/paternal/libdirs' (Simon McVittie, 2014-12-09)
|\
| * Make getlibdirs return an array (or whatever this type is called in perl) (Louis, 2014-12-06)
| |
| * Allow several extra library and plugin directories (libdir option) (Louis, 2014-12-06)
| |
* | entab (Amitai Schlair, 2014-12-02)
| |
* | in debug mode, issue a warning before waiting for a lock (Mark Jason Dominus (陶敏修), 2014-12-02)
| |
* | page.tmpl: tell mobile browsers we have a responsive layout, unless told not to (Simon McVittie, 2014-12-01)
| | Mobile browsers typically assume that arbitrary web pages are designed for a "desktop-sized" browser window (around 1000px) and display that layout, zoomed out, in order to avoid breaking naive designs that assume nobody will ever look at a website on a phone or something. People who are actually doing "responsive design" need to opt-in to mobile browsers rendering it at a more normal size.
* | Always produce HTML5 doctype and new attributes, but not new elements (Simon McVittie, 2014-10-16)
|/ According to caniuse.com, a significant fraction of Web users are still using Internet Explorer versions that do not support HTML5 sectioning elements. However, claiming we're XHTML 1.0 Strict means we can't use features invented in the last 12 years, even if they degrade gracefully in older browsers (like the role and placeholder attributes). This means our output is no longer valid according to any particular DTD. Real browsers and other non-validator user-agents have never cared about DTD compliance anyway, so I don't think this is a real loss.
* Set default User-Agent to something that doesn't mention libwww-perl (Simon McVittie, 2014-10-12)
| It appears that both the open-source and proprietary rulesets for ModSecurity default to blacklisting requests that say they are from libwww-perl, presumably because some script kiddies use libwww-perl and are too inept to set a User-Agent that is "too big to blacklist", like Chrome or the iPhone browser or something. This seems doomed to failure but whatever.
* Add reverse_proxy option which hard-codes cgiurl in CGI output (Simon McVittie, 2014-10-05)
| This solves several people's issues with the CGI trying to be too clever when IkiWiki is placed behind a reverse-proxy.
* Avoid mixed content when cgiurl is https but url is not (Simon McVittie, 2014-10-05)
|
* Use protocol-relative URIs if cgiurl and url differ only by authority (hostname) (Simon McVittie, 2014-10-05)
|
* Merge branch 'ready/templatebody' (Simon McVittie, 2014-09-15)
|\
| * Track whether we're in the scan or render phase (Simon McVittie, 2014-03-05)
| | In the scan phase, it's too early to match pagespecs or sort pages; in the render phase, both of those are OK. It would be possible to add phases later, renumbering them if necessary to maintain numerical order.
| * Add templatebody plugin and directive, and enable it by default (Simon McVittie, 2014-03-05)
| | Also add a regression test for templatebody.
| * add readtemplate hook (Simon McVittie, 2014-03-05)
| |
* | add more wording based on what chrysn suggested (Simon McVittie, 2014-09-15)
| |
* | Merge branch 'ready/document-success-reason' (Simon McVittie, 2014-09-15)
|\ \
| * | SuccessReason: add some explanatory comments (Simon McVittie, 2014-03-03)
| |/ Whenever I look at dependency calculation, it takes me a while to get my head round the concept of influences. If what I've written here is accurate, maybe the next person to look at this (or my future self) will need less of a run-up.
* | Merge branch 'ready/trail-sort' (Simon McVittie, 2014-09-12)
|\ \
| * | trail: don't generate a costly dependency when forcing sort order (Simon McVittie, 2014-07-11)
| |/ pagespec_match_list() makes the current page depend on the pagespec being matched, so if you use [[!trailoptions sort="..."]] to force a sort order, the trail ends up depending on internal(*) and is rebuilt whenever anything changes. Add a new sort_pages() and use that instead.
* / Make --no-gettime work in initial build. Closes: #755075 (Joey Hess, 2014-08-28)
|/
* Allow up to 8 levels of nested directives, rather than previous 3 in ↵ (Joey Hess, 2014-02-23)
| directive infinite loop guard.
* Merge remote-tracking branch 'anarcat/dev/syslog_utf8' (Joey Hess, 2014-02-23)
|\
| * don't edit config setting, but a temporary variable, complete and unbreak tests (Antoine Beaupré, 2013-11-29)
| |
| * recover gracefully from syslog failures (Antoine Beaupré, 2013-11-29)
| |
* | Bug#737121: ikiwiki: [PATCH] Implement configuration option to set the user ↵ (Tuomas Jormola, 2014-02-01)
| | agent string for outbound HTTP requests
| | Package: ikiwiki
| | Version: 3.20140125
| | Severity: wishlist
| | By default, LWP::UserAgent used by IkiWiki to perform outbound HTTP requests sends the string "libwww-perl/<version number>" as User-Agent header in HTTP requests. Some blogging platforms have blacklisted the user agent and won't serve any content for clients using this user agent string. With IkiWiki configuration option "useragent" it's now possible to define a custom string that is used for the value of the User-Agent header.
* | Added only_committed_changes config setting, which speeds up wiki refresh by ↵ (Joey Hess, 2013-11-16)
| | querying git to find the files that were changed, rather than looking at the work tree. Not enabled by default as it can break some setups where not all files get committed to git.
* | Optimised loadindex by caching the page name in the index. (Joey Hess, 2013-11-16)
| | I have benchmarked the pagename() call this avoids taking up to 2 seconds for a loadindex in a large wiki. The total loadindex for that wiki was 6.46s, so this is a significant improvement. Even on a smaller site, this reduces the refresh time from 1.69 to 1.52 seconds. The only breakage risk here is that pagename() can change the page name it calculates due to setup changes. But in the case of a setup change, the whole site is rebuilt. So the cached page name is not used in that case.
* | Fixed unnecessary tight loop hash copy in saveindex where a pointer can be ↵ (Joey Hess, 2013-11-16)
|/ used instead. Can speed up refreshes by nearly 50% in some circumstances. I *think* this is ok, at least it results in close to the same index being saved as before. The difference is that plugins that have a pagestate of {} have that recorded this way, while with the tight loop, the key for the plugin is not copied in that case. I cannot see how this could matter.