| Commit message (Expand) | Author | Age |
|---|
| * | update re template change | Joey Hess | 2010-04-23 |
| * | Despam, again. Someone ban adrianna please? | Simon McVittie | 2010-04-02 |
| * | (no commit message) | adrianna | 2010-04-02 |
| * | htmlscrubber: Security fix: In data:image/* uris, only allow a few whiteliste... | Joey Hess | 2010-03-12 |
| * | CVE | Joey Hess | 2009-08-30 |
| * | still mispelling josh's name.. | Joey Hess | 2009-08-30 |
| * | teximg security problem | Joey Hess | 2009-08-30 |
| * | Fix version. | JoshTriplett | 2008-12-31 |
| * | note fix versions | Joey Hess | 2008-11-12 |
| * | check for invalid utf-8, and toss it back to avoid crashes•••Since ikiwiki uses open :utf8, perl assumes that files contain valid utf-8.
If it turns out to be malformed it may later crash while processing strings
read from them, with 'Malformed UTF-8 character (fatal)'.
As at least a quick fix, use utf8::valid as soon as data is read, and if
it's not valid, call encode_utf8 on the string, thus clearing the utf-8
flag. This may cause follow-on encoding problems, but will avoid this
crash, and the input file was broken anyway, so GIGO is a reasonable
response. (I looked at calling decode_utf8 after, but it seemed to cause
more trouble than it was worth. BTW, use open ':encoding(utf8)' avaoids
this problem, but the corrupted data later causes Storable to crash when
writing the index.)
This is a quick fix, clearly imperfect:
- It might be better to explicitly call decode_utf8 when reading files,
rather than using the IO layer.
- Data read other than by readfile() can still sneak in bad utf-8. While
ikiwiki does very little file input not using it, stdin for the CGI
would be one way.
| Joey Hess | 2008-11-12 |
| * | remove ikiwiki.setup•••To generate your own, use ikiwiki -dumpsetup ikiwiki.setup
Update docs.
| Joey Hess | 2008-07-26 |
| * | Migrate everything else via prefix_directives•••This is a partial commit of:
egrep -rl '\[\[[a-z]+ ' doc | xargs --max-args 1 ./ikiwiki-transition
prefix_directives
| Simon McVittie | 2008-07-21 |
| * | update | Joey Hess | 2008-07-02 |
| * | cve id | Joey Hess | 2008-05-31 |
| * | fix link | Joey Hess | 2008-05-30 |
| * | more on the security hole | Joey Hess | 2008-05-30 |
| * | documentation for use of hashed passwords•••Everything but the actual coding to support them.
| Joey Hess | 2008-05-29 |
| * | add CVE link | Joey Hess | 2008-04-20 |
| * | releasing version 2.42 | Joey Hess | 2008-04-10 |
| * | Fix CSRF attacks against the preferences and edit forms. Closes: #475445•••The fix involved embedding the session id in the forms, and not allowing the
forms to be submitted if the embedded id does not match the session id.
In the case of the preferences form, if the session id is not embedded,
then the CGI parameters are cleared. This avoids a secondary attack where the
link to the preferences form prefills password or other fields, and
the user hits "submit" without noticing these prefilled values.
In the case of the editpage form, the anonok plugin can allow anyone to edit,
and so I chose not to guard against CSRF attacks against users who are not
logged in. Otherwise, it also embeds the session id and checks it.
For page editing, I assume that the user will notice if content or commit
message is changed because of CGI parameters, and won't blndly hit save page.
So I didn't block those CGI paramters. (It's even possible to use those CGI
parameters, for good, not for evil, I guess..)
The only other CSRF attack I can think of in ikiwiki involves the poll plugin.
It's certianly possible to set up a link that causes the user to unknowingly
vote in a poll. However, the poll plugin is not intended to be used for things
that people would want to attack, since anyone can after all edit the poll page
and fill in any values they like. So this "attack" is ignorable.
| Joey Hess | 2008-04-10 |
| * | fix what I think is a typo | Joey Hess | 2008-04-10 |
| * | add CVE ids | Joey Hess | 2008-02-20 |
| * | some updates about the recent hole | Joey Hess | 2008-02-10 |
| * | a few thoughts on data: security | Joey Hess | 2008-02-10 |
| * | document security fix•••The backported fix for stable is tagged and waiting for the security team
to upload.
| Joey Hess | 2008-02-10 |
| * | typo | Joey Hess | 2007-12-22 |
| * | more | Joey Hess | 2007-11-27 |
| * | remove svn-isms | Joey Hess | 2007-11-27 |
| * | add some documentation about how to safely allow multiple committers to an•••ikiwiki git repository
| Joey Hess | 2007-11-27 |
| * | releasing version 2.14 | Joey Hess | 2007-11-26 |
| * | * Fix a security hole that allowed insertion of unsafe content via the meta••• plugins's support for inserting html link and meta tags. Now such content
is passed through the htmlscrubber like everything else.
* Unfortunatly, that means that some valid uses of those tags are no longer
usable, and special case methods needed to be added for including
stylesheets, and for doing openid delegation. If you use either of these
in your wiki, it will need to be modified. See the meta plugin docs
for details.
| joey | 2007-03-21 |
| * | * Fix a few bugs around page titles containing html. The worst of these••• is an actual security hole as it allows insertion of html into the title
element of a page, which is not processed by the htmlscrubber.
| joey | 2007-03-21 |
| * | document recent security hole | joey | 2007-02-14 |
| * | web commit by JeremyReed: typo fix | joey | 2006-12-27 |
| * | web commit by http://id.kurokatta.org/david: Copyedit. | joey | 2006-11-21 |
| * | some notes about the security (or lack thereof) of plugins | joey | 2006-10-22 |
| * | * Add toc (table of contents) plugin. | joey | 2006-08-28 |
| * | update | joey | 2006-08-28 |
| * | * Patch from James Westby to add a --sslcookie switch, which forces••• cookies to only be sent over ssl connections to avoid interception.
* Factor out the cgi header printing code into a new function.
* Fix preferences page on anonok wikis; still need to sign in to get
to the preferences page.
| joey | 2006-08-27 |
| * | * Allow preprocessor directives to contain python-like triple-quoted••• text blocks, for easy nesting of quotes inside.
* Add a template plugin.
* Use the template plugin to add infoboxes to each plugin page listing basic
info about the plugin.
| joey | 2006-08-23 |
| * | update | joey | 2006-08-18 |
| * | misc changes | joey | 2006-08-05 |
| * | releasing version 1.13 | joey | 2006-08-02 |
| * | security note | joey | 2006-07-30 |
| * | web commit by ThomasSchwinge: Typo fixes. | www-data | 2006-07-02 |
| * | web commit by joey | www-data | 2006-07-02 |
| * | * Parse svn log as xml for improved utf8 and security. Note that this makes••• ikiwiki depend on XML::Simple. Patch by Faidon Liambotis.
| joey | 2006-07-02 |
| * | * More security review. | joey | 2006-06-01 |
| * | typo | joey | 2006-05-26 |
| * | * Removed --sanitize and --no-sanitize, replaced with --plugin htmlscrubber••• and --disable-plugin htmlscrubber.
| joey | 2006-05-05 |