| Commit message (Expand) | Author | Age |
|---|
| * | save whole form state, not just QUERY_STRING, for postsignin•••Normally, needsignin is called when there is a QUERY_STRING, not when a
form is posted. However, it's certianly possible, and should be supported,
to make a form that invokes an ikiwiki action that checks needsignin.
I encountered this when posting ?do=rename&page=foo. The form is displayed
without checking needsignin, for complicated reasons. Posting the form
is when the true authentication happens.
| Joey Hess | 2012-04-08 |
| * | record email of new users in userinfo for userlist | Joey Hess | 2011-06-09 |
| * | let's assume some web server will think OFF is a good idea.. | Joey Hess | 2011-06-03 |
| * | Support the Hiawatha web server which sets HTTPS=off rather than not setting ... | Joey Hess | 2011-06-03 |
| * | Fix broken baseurl in cgi mode when usedirs is disabled. Bug introduced in 3.... | Joey Hess | 2011-02-21 |
| * | fix urlto(undef) | Joey Hess | 2011-01-05 |
| * | add cgitemplate•••cgitemplate is a modified misctemplate that takes an optional cgi object
and uses it to set the baseurl, and also optionally the forcebaseurl,
if a page is provided.
If no cgi object is provided, it will fall back to using $config{url}.
I expect this will only be needed in exceptional cases where
that doesn't much matter, such as cgierror().
showform uses cgitemplate, so there is no more need for showform_preview.
| Joey Hess | 2011-01-05 |
| * | factored out an urlabs from aggregate and cgi | Joey Hess | 2011-01-05 |
| * | oops | Joey Hess | 2011-01-05 |
| * | typo | Joey Hess | 2011-01-05 |
| * | Fix redirect to use a full url.•••Was broken (in theory) by baseurl changes in last release.
| Joey Hess | 2011-01-05 |
| * | Fix base url when previewing. Was broken by urlto changes in last release.•••Added a showform_preview that is like showform, but sets forcebaseurl
to point to the page being previewed.
| Joey Hess | 2011-01-05 |
| * | Merge remote branch 'smcv/ready/sslcookie-auto' | Joey Hess | 2010-11-29 |
| |\ |
|
| | * | Always set secure cookies if logging in via HTTPS | Simon McVittie | 2010-11-29 |
| * | | Use local path for even more CGI URLs | Simon McVittie | 2010-11-23 |
| * | | Use local paths for redirection where possible | Simon McVittie | 2010-11-23 |
| |/ |
|
| * | stop using REMOTE_ADDR•••Everywhere that REMOTE_ADDR was used, a session object is available, so
instead use its remote_addr method.
In IkiWiki::Receive, stop setting a dummy REMOTE_ADDR.
Note that it's possible for a session cookie to be obtained using one IP
address, and then used from another IP. In this case, the first IP will now
be used. I think that should be ok.
| Joey Hess | 2010-06-23 |
| * | allow misctemplate callers to pass params to suppress actions etc•••Suppress disiplay of small search for on search results page, and of
Prefrences link on prefs page.
| Joey Hess | 2010-05-14 |
| * | moved non-openid signin form into same page as openid selector; show/hide as ... | Joey Hess | 2010-05-08 |
| * | simplify formbuilder stylesheet specification•••Since all forms are wrapped in a template that defines the actual
stylesheets, formbuilder just has to be told to turn on stylesheet mode,
not what file is the style sheet.
| Joey Hess | 2010-05-06 |
| * | brace style | Joey Hess | 2010-01-18 |
| * | typos | Joey Hess | 2010-01-18 |
| * | make decode_form_utf8 safe for arrays | Joey Hess | 2010-01-09 |
| * | 404/goto: Fix 404 display of utf-8 pages.•••Problem here was that no charset http header was being sent.
I fixed this globally by making cgi_custom_failure send the header.
Required changing its parameters.
| Joey Hess | 2009-12-14 |
| * | fix url encoding in redir•••When redirecting to a page, ie, after editing, ensure that the url is
uri-encoded. Most browsers other than MSIE don't care, but it's the right
thing to do.
The known failure case involved editing a page that had utf-8 in the name
using MSIE.
| Joey Hess | 2009-10-29 |
| * | Expand banned_users; it can now include PageSpecs, which allows banning by IP... | Joey Hess | 2009-09-08 |
| * | Fix typo attepting→attempting | Jonas Smedegaard | 2009-07-23 |
| * | detect sslcookie set and no https•••This is likely a misconfiguration and can cause login to fail as the
browser refuses the send the session cookie back over http.
Not entirely happy with putting the check where I did, since users have to
try to log in, and fail, to see the misconfiguration explained. But I could
not find a better place to put the check.
| Joey Hess | 2009-02-26 |
| * | factor out IE stupididy workaround | Joey Hess | 2009-01-31 |
| * | Split cgi_goto into a goto plugin | Simon McVittie | 2009-01-31 |
| * | Split apache404 into an independent plugin•••Also make it ignore the 'do' parameter at Joey's suggestion, to have one
less thing to remember when configuring.
| Simon McVittie | 2009-01-31 |
| * | CGI: pad error responses with 512 bytes of spaces so IE will display them•••IE displays its own error responses unless the server's was >= 512 bytes.
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q294807
| Simon McVittie | 2009-01-31 |
| * | CGI: set up goto hook so that /ikiwiki.cgi?do=goto can be an Apache ErrorDocu... | Simon McVittie | 2009-01-31 |
| * | CGI: add cgi_page_from_404(), which remaps a path like $REDIRECT_URL to an Ik...•••Also add a regression test
| Simon McVittie | 2009-01-31 |
| * | CGI: if the page is missing, give the "missing page" a 404 status | Simon McVittie | 2009-01-31 |
| * | CGI: document why commenter and recentchanges_link are supported | Simon McVittie | 2009-01-31 |
| * | CGI: if the "do" parameter is goto, recentchanges_link or commenter, redirect...•••This can replace equivalent functionality in comments and recentchanges.
| Simon McVittie | 2009-01-31 |
| * | CGI: add cgi_goto(CGI, [page])•••This redirects to the given page (or if none is given, the page parameter
given to the CGI), or displays an error with a create link if the page
doesn't exist.
| Simon McVittie | 2009-01-31 |
| * | remove deprecated admin prefs•••A new ikiwiki-transition moveprefs subcommand can pull the old data out of
the userdb and inject it into the setup file.
Note that it leaves the old values behind in the userdb too. I did this
because I didn't want to lose data if it fails writing the setup file for
some reason, and the old data in the userdb will only use a small amount of
space. Running the command multiple times will mostly not change anything.
| Joey Hess | 2008-12-24 |
| * | Coding style change: Remove explcit vim folding markers. | Joey Hess | 2008-12-17 |
| * | checksessionexpiry: rework•••This function as factored out was a bit confusing, I think this makes more
sense.
| Joey Hess | 2008-12-17 |
| * | editpage: factor out checksessionexpiry into IkiWiki::CGI | Simon McVittie | 2008-12-11 |
| * | Fix issue with utf-8 in wikiname breaking session cookies, by entity-encoding... | Joey Hess | 2008-10-19 |
| * | editpage: New core plugin factoring out page editing to allow disabling it if... | Joey Hess | 2008-09-05 |
| * | Set cookies HttpOnly. | Joey Hess | 2008-08-28 |
| * | typo | Joey Hess | 2008-08-05 |
| * | relocate | Joey Hess | 2008-08-02 |
| * | banned_users move to setup file, stage 1 | Joey Hess | 2008-08-01 |
| * | add a rename summary | Joey Hess | 2008-07-22 |
| * | Split out error messages from editpage.tmpl into several separate templates. | Joey Hess | 2008-07-22 |