path: root/IkiWiki/Plugin/rename.pm
Commit message (Author, Age)
* Force CGI::FormBuilder->field to scalar context where necessary (Simon McVittie, 2016-12-28)
|   CGI::FormBuilder->field has behaviour similar to the CGI.pm misfeature we avoided in f4ec7b0. Force it into scalar context where it is used in an argument list.
|
|   This prevents two (relatively minor) commit metadata forgery vulnerabilities:
|
|   * In the comments plugin, an attacker who was able to post a comment could give it a user-specified author and author-URL even if the wiki configuration did not allow for that, by crafting multiple values to other fields.
|   * In the editpage plugin, an attacker who was able to edit a page could potentially forge commit authorship by crafting multiple values for the rcsinfo field.
|
|   The remaining plugins changed in this commit appear to have been protected by use of explicit scalar prototypes for the called functions, but have been changed anyway to make them more obviously correct. In particular, checkpassword() in passwordauth has a known prototype, so an attacker cannot trick it into treating multiple values of the name field as being the username, password and field to check for.
|
|   OVE-20161226-0001
* Process .md like .mdwn, but disallow web creation. (Amitai Schlair, 2016-03-08)
|
* Make sure we do not pass multiple CGI parameters in function calls (Simon McVittie, 2014-10-16)
|   When CGI->param is called in list context, such as in function parameters, it expands to all the potentially multiple values of the parameter: for instance, if we parse query string a=b&a=c&d=e and call func($cgi->param('a')), that's equivalent to func('b', 'c'). Most of the functions we're calling do not expect that.
|
|   I do not believe this is an exploitable security vulnerability in ikiwiki, but it was exploitable in Bugzilla.
* Do not pass ignored sid parameter to checksessionexpiry (Simon McVittie, 2014-10-12)
|   checksessionexpiry's signature changed from (CGI::Session, CGI->param('sid')) to (CGI, CGI::Session) in commit 985b229b, but editpage still passed the sid as a useless third parameter, and this was later cargo-culted into remove, rename and recentchanges.
* actually tested rename not started from the edit page (Joey Hess, 2012-04-08)
|
* improve prototype (Joey Hess, 2012-04-05)
|   src param always needed now
* rename: Allow rename to be started not from the edit page; return to the renamed page in this case. (Joey Hess, 2012-04-05)
* fix two recently introduced bugs in rename (Joey Hess, 2011-07-15)
|   * rename: Fix logic error that broke renaming pages when the attachment plugin was disabled.
|   * rename: Fix logic error that bypassed the usual pagespec checks.
* implement renaming of held attachments (Joey Hess, 2011-06-14)
|   This is somewhat suboptimal, it does not update links to the renamed file, or show a result message.
* rename: Fix crash when renaming a page that is linked to by a page in an underlay. (Joey Hess, 2011-01-22)
|   Skip fixing links in such pages. The user will get a list of pages that still link to the old page.
* Merge remote branch 'smcv/ready/localurl' (Joey Hess, 2010-11-29)
|\
| * Use local paths for the CGI URL (Simon McVittie, 2010-11-23)
| |
* | rename: Fix to pass named parameters to rcs_commit (Joey Hess, 2010-11-29)
|/
* saner return codes for check_can{remove,rename} (Joey Hess, 2010-08-30)
|   These return codes are not currently used, but might be later.
* rcs_commit and rcs_commit_staged api changes (Joey Hess, 2010-06-23)
|   Using named parameters for these is overdue. Passing the session in a parameter instead of passing username and IP separately will later allow storing other session info, like username or part of the email.
|
|   Note that these functions are not part of the exported API, and the prototype change will catch (most) skew, so I am not changing API versions. Any third-party plugins that call them will need updated though.
* stop using REMOTE_ADDR (Joey Hess, 2010-06-23)
|   Everywhere that REMOTE_ADDR was used, a session object is available, so instead use its remote_addr method.
|
|   In IkiWiki::Receive, stop setting a dummy REMOTE_ADDR.
|
|   Note that it's possible for a session cookie to be obtained using one IP address, and then used from another IP. In this case, the first IP will now be used. I think that should be ok.
* remove, rename: Add guards against XSRF attacks. (Joey Hess, 2010-05-14)
|
* simplify formbuilder stylesheet specification (Joey Hess, 2010-05-06)
|   Since all forms are wrapped in a template that defines the actual stylesheets, formbuilder just has to be told to turn on stylesheet mode, not what file is the style sheet.
* unfinished file_prune revamp (Joey Hess, 2010-04-17)
|   Many calls to file_prune were incorrectly calling it with 2 parameters. In cases where the filename being checked is relative to the srcdir, that is not needed.
|
|   Made absolute filenames be pruned. (This won't work for the 2 parameter call style.)
* fix the other half of the filecheck filename bug (Joey Hess, 2010-03-26)
|
* add section information (Joey Hess, 2010-02-12)
|
* rename: Fix some utf-8 problems. (Joey Hess, 2009-12-14)
|   The crux of the problem is that the cgi object has raw values not converted to utf-8, and rename was using its fields.
|
|   Also fixed a missed place where the form object did not get its fields utf-8 encoded.
* remove prototype from renamehook (Joey Hess, 2009-07-20)
|   Recursive calls make perl whine about prototypes, and it wasn't adding any value.
* Merge commit 'upstream/master' into pub/po (intrigeri, 2009-06-06)
|\
| |   Conflicts:
| |     debian/changelog
| |     debian/control
| |
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
| * support longname for page types in commands and rename (Joey Hess, 2009-05-21)
| |   Also, sort the list of page types.
* | no need to use CORE::rename since I renamed the rename function (Joey Hess, 2009-03-27)
| |
* | rename function for clarity, formatting improvements (Joey Hess, 2009-03-27)
| |
* | simplify (Joey Hess, 2009-03-27)
| |
* | move dedup code into function, simplify (Joey Hess, 2009-03-27)
| |
* | rename: remove duplicates that hook functions may have added to @torename (intrigeri, 2009-03-08)
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | rename: moved subpages addition to a rename hook (intrigeri, 2009-03-08)
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | rename hook: run once per file to be renamed (intrigeri, 2009-03-08)
| |   ... as Joey suggested on todo/need_global_renamepage_hook
| |
| |   This hook is applied recursively to returned additional rename hashes, so that it handles the case where two plugins use the hook: plugin A would see when plugin B adds a new file to be renamed.
| |
| |   The full set of rename hashes can no longer be changed by hook functions, that are only allowed to return any additional rename hashes it wants to add.
| |
| |   Rationale: the correct behavior of the recursion would be hard, if not impossible, to define, if already considered pages were changing on the run.
| |
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | rename hook: instead of modifying the passed-by-name array, return a copy (intrigeri, 2009-01-27)
| |   This is intended to solve Joey's concerns expressed on http://ikiwiki.info/todo/need_global_renamepage_hook/, i.e. the need to make it possible to use this hook from external plugins.
| |
| |   A plugin using this hook still can add/modify/remove elements of the @torename array.
| |
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | revert renamepage's hook original name (intrigeri, 2009-01-27)
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | only pass named parameters to the canrename hook (intrigeri, 2009-01-26)
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | add missing hooks and fix syntax error (Joey Hess, 2009-01-26)
| |
* | Merge commit 'upstream/master' into prv/po (intrigeri, 2009-01-13)
|\|
| * rename: Show full names of affected pages. (Joey Hess, 2009-01-06)
| |
| * refactor (Joey Hess, 2009-01-06)
| |
* | Pass src, srcfile, dest and destfile to the canrename hook. (intrigeri, 2009-01-01)
| |   This is not needed by the use I'm doing of it, but seems more consistent to me. Future users of this hook may need this data to make their mind.
| |
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | rename: pass the CGI and session to the rename hook (intrigeri, 2009-01-01)
| |   The po plugin rename + canrename hook combination will need this.
| |
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | rename: implemented new canrename hook (intrigeri, 2009-01-01)
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | Merge commit 'upstream/master' into prv/po (intrigeri, 2009-01-01)
|\|
| * finalise version 3.00 of the plugin api (Joey Hess, 2008-12-23)
| |
* | the rename hook can now change the list of pages to rename (intrigeri, 2008-12-30)
| |   Signed-off-by: intrigeri <intrigeri@boum.org>
* | renamed the renamepage hook to renamelink, added rename hook (intrigeri, 2008-12-30)
|/
|   Signed-off-by: intrigeri <intrigeri@boum.org>
* Coding style change: Remove explicit vim folding markers. (Joey Hess, 2008-12-17)
|
* rename: Fix double-escaping of page name in edit box. (Joey Hess, 2008-12-17)
|   titlepage normally escapes, but so does formbuilder.
* remove, rename: Allow acting on attachments as a page is being created. (Joey Hess, 2008-10-02)
|
* fix subpage rename bug with indexpages (Joey Hess, 2008-10-01)
|   If indexpages is enabled, then foo/index.mdwn will look like a subpage of foo, so an additional check is needed to avoid trying to rename it twice.