aboutsummaryrefslogtreecommitdiff
path: root/IkiWiki
Commit message (Collapse)AuthorAge
* Perls older than 5.10 need to use the old method of decoding utf-8 in CGI ↵Joey Hess2008-05-21
| | | | values. Neither method will work for all versions of perl, so check version number at runtime.
* display an error message if CGI::Session fails to loadJoey Hess2008-05-21
|
* git: Skip over signed-off-by and similar lines in commit messages when ↵Joey Hess2008-05-15
| | | | generating recentchanges.
* inline: Display a message if the 'pages' parameter is missing, before it ↵Joey Hess2008-05-15
| | | | just expanded to nothing.
* orphans: As a special case, the toplevel index page is never considered an ↵Joey Hess2008-05-15
| | | | orphaned page.
* mdwn: Add a multimarkdown setup file option.Joey Hess2008-05-13
|
* Fixes for behavior changes in perl 5.10's CGIJoey Hess2008-05-12
| | | | | | | | | | | | | | | | | | | | | | | | | | Something has changed in CGI.pm in perl 5.10. It used to not care if STDIN was opened using :utf8, but now it'll mis-encode utf-8 values when used that way by ikiwiki. Now I have to binmode(STDIN) before instantiating the CGI object. In 57bba4dac132a06729eeec809f5e1a5adf829806, I changed from decoding CGI::Formbuilder fields to utf-8, to decoding cgi parameters before setting up the form object. As of perl 5.10, that approach no longer has any effect (reason unknown). To get correctly encoded values in FormBuilder forms, they must once again be decoded after the form is set up. As noted in 57bba4da, this can cause one set of problems for formbuilder_setup hooks if decode_form_utf8 is called before the hooks, and a different set if it's called after. To avoid both sets of problems, call it both before and after. (Only remaining problem is the sheer ugliness and inefficiency of that..) I think that these changes will also work with older perl versions, but I haven't checked. Also, in the case of the poll plugin, the cgi parameter needs to be explcitly decoded before it is used to handle utf-8 values. (This may have always been broken, not sure if it's related to perl 5.10 or not.)
* paste-oJoey Hess2008-05-08
|
* add --delete-bucket optionJoey Hess2008-05-08
|
* load plugins before printing messagesJoey Hess2008-05-08
| | | | | This allows plugins to getopt and change what is done before an incorrect line is printed.
* amazon s3 index file improvementsJoey Hess2008-05-08
| | | | | | | | | | | Turns out duplicate index files do not need to be stored when usedirs is in use, just when it's not. Ikiwiki is quite consistent about using page/ when usedirs is in use. (The only exception is the search plugin, which needs fixing.) This also includes significant code cleanup, removal of a incorrect special case for empty files, and addition of a workaround for a bug in the amazon perl module.
* simplify key determination codeJoey Hess2008-05-08
|
* remove debuggingJoey Hess2008-05-07
|
* implemented pruning, s3 support now complete-ishJoey Hess2008-05-07
|
* forgot to add..Joey Hess2008-05-07
|
* amazon s3 support implemented and kinda workingJoey Hess2008-05-07
| | | | pruning not yet implemented, however
* Optimised file statting code when scanning for modified pages; cut the ↵Joey Hess2008-05-07
| | | | number of system calls in half. (Still room for improvement.)
* pinger/pingee now tested and workingJoey Hess2008-05-06
|
* POSIX::setsid is not exported per defaultJoey Hess2008-05-06
|
* aggregate: Add support for web-based triggering of aggregation for people ↵Joey Hess2008-05-05
| | | | stuck on shared hosting without cron. (Sheesh.) Enabled via the `aggregate_webtrigger` configuration optiom.
* git: Put -- before the filename when calling git rev-list to avoid warning ↵Joey Hess2008-05-02
| | | | message when the file doesn't exist.
* Fix ugly display when editing a page that has vanished.Joey Hess2008-05-02
| | | | | srcfile now has an optional second parameter to avoid it throwing an error if the source file does not exist.
* avoid uninitialised valueJoey Hess2008-05-02
|
* anonk: Add anonok_pagespec configuration setting that can be used to allow ↵Joey Hess2008-05-01
| | | | anonymous users to edit only matching pages. Closes: #478892
* img: Support a title attribute, will be passed through to html. Closes: #478718Joey Hess2008-04-30
|
* toc: Add the table of contents at sanitize time, rather than at format time. ↵Joey Hess2008-04-26
| | | | This allows the toc to be displayed when previewing an edit. It also avoids headers in the page template from showing up in the toc.
* Use bzr --quiet to avoid it outputting stuff and messing up http headers. ↵Joey Hess2008-04-10
| | | | (Scott Bronson)
* Fix broken rcs_update for bzr. (Scott Bronson)Joey Hess2008-04-10
|
* Fix CSRF attacks against the preferences and edit forms. Closes: #475445Joey Hess2008-04-10
| | | | | | | | | | | | | | | | | | | | | | | | | The fix involved embedding the session id in the forms, and not allowing the forms to be submitted if the embedded id does not match the session id. In the case of the preferences form, if the session id is not embedded, then the CGI parameters are cleared. This avoids a secondary attack where the link to the preferences form prefills password or other fields, and the user hits "submit" without noticing these prefilled values. In the case of the editpage form, the anonok plugin can allow anyone to edit, and so I chose not to guard against CSRF attacks against users who are not logged in. Otherwise, it also embeds the session id and checks it. For page editing, I assume that the user will notice if content or commit message is changed because of CGI parameters, and won't blndly hit save page. So I didn't block those CGI paramters. (It's even possible to use those CGI parameters, for good, not for evil, I guess..) The only other CSRF attack I can think of in ikiwiki involves the poll plugin. It's certianly possible to set up a link that causes the user to unknowingly vote in a poll. However, the poll plugin is not intended to be used for things that people would want to attack, since anyone can after all edit the poll page and fill in any values they like. So this "attack" is ignorable.
* need to handle urls to images the sameJoey Hess2008-04-03
| | | | Also, simplified finding the url to the top of the site.
* Bug#473987: [PATCH] Links relative to baseurl mangled in atom/rss feedsManoj Srivastava2008-04-03
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | tag 473987 +patch thanks Hi, The issue is that we need to convert relative links to absolute ones for atom and rss feeds -- but there are two types of relative links. The first kind, relative to the current document ( href="some/path") is handled correctly. The second kind of relative url is is relative to the http server base (href="/semi-abs/path"), and that broke. It broke because we just prepended the url of the current document to the href (http://host/path/to/this-doc/ + link), which gave us, in the first place: http://host/path/to/this-doc/some/path [correct], and http://host/path/to/this-doc//semi-abs/path [wrong] The fix is to calculate the base for the http server (the base of the wiki does not help, since the base of the wiki can be different from the base of the http server -- I have, for example, "url => http://host.name.mine/blog/manoj/"), and prepend that to the relative references that start with a /. This has been tested. Signed-off-by: Manoj Srivastava <srivasta@debian.org>
* aggregate: Correct a mistake in the code that dummy up a guid for feeds ↵Joey Hess2008-04-03
| | | | lacking one.
* Added a hardlink option in the setup file, useful if the source and dest are ↵Joey Hess2008-03-29
| | | | on the same filesystem and the wiki includes large media files, which would normally be copied, wasting time and space.
* revert destpage part of f7bdc2385Joey Hess2008-03-23
| | | | | | | | destpage does not normally need to be worried about when creating other files as part of the process of rendering a page. Using destpage results in inlined pages creating two copies of such files. It works to not use destpage in this case because the inlining page depends on the source page, so if the source page is modified or deleted the inlining page will be updated.
* inline: Allow the "feedshow" parameter to take values greater than the value ↵Joey Hess2008-03-23
| | | | for "show".
* typosJoey Hess2008-03-21
|
* Allow external plugins to return no valuemartin f. krafft2008-03-21
| | | | | | | | | | | | | Instead of using the XML-RPC v2 extension <nil/>, which Perl's XML::RPC::Parser does not (yet) support (Joey's patch is pending), we agreed on a sentinel: {'null':''}, that is, a hash with a single key "null" pointing to the empty string. The Python proxy automatically converts None appropriately and raises an exception if a hook function should, by weird coincidence, attempt to return {'null':''}. Signed-off-by: martin f. krafft <madduck@madduck.net>
* work around perl warningJoey Hess2008-03-21
|
* delete inline data after it's usedJoey Hess2008-03-21
|
* crazy optimisation to work around slow markdownJoey Hess2008-03-21
| | | | | | | | | | | | | | | | | | Markdown is slow. Especially if it has to process an enormous page. The most common enormous page is currently the recentchanges page, which gets processed a lot, and contains very little actual markdown. Most of it is a big <div>, which markdown skips ... slowly. This is a rather sick optimisation to work around markdown's speed issues. Now inline inserts a small, dummy div, allows markdown to quickly render the actual page content, then replaces the dummy with the actual inlined pages later. Results: Rendering just a recentchanges page, with diffs included, dropped from 4.5 seconds to 2.7 seconds on my laptop. Building the entire wiki dropped from 46.6 seconds to 39.5 seconds. (It would be better if inline were a *post*-processor directive.)
* process smilies in a sanitize hookJoey Hess2008-03-21
| | | | | I had to move it to sanitize so all the markup is htmlized, so it can scan for <pre> and <code>.
* another fixJoey Hess2008-03-21
| | | | | I'm suprised that the second m//g didn't seem to clobber @-, but I don't want to rely on that, so preserve it beforehand.
* various fixes and simplificationsJoey Hess2008-03-21
|
* smiley: Detect smileys inside pre and tags, and do not expand.Joey Hess2008-03-21
|
* Close meta tag for redir properly.Joey Hess2008-03-21
|
* Store userinfo in network byte order for easy portability. (Old files will ↵Joey Hess2008-03-19
| | | | be automatically converted.)
* optimisation, only load openid module when signing inJoey Hess2008-03-19
| | | | This makes the CGI about .2 seconds faster when editing pages etc.
* fix setstateJoey Hess2008-03-19
| | | | Same fix as in d7f1292c3134fd9464ca4005f48b9274be861c10
* make setargv take an arrayJoey Hess2008-03-19
| | | | for consistentcy with getargv, which returns one
* fix setvarJoey Hess2008-03-19
| | | | | It was incorrectly setting the value to the number of items in @_, ie, always 1.