summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJoey Hess <joey@kitenet.net>2011-03-17 17:09:39 -0400
committerJoey Hess <joey@kitenet.net>2011-03-17 17:09:39 -0400
commit4b5e4a9e37b1f28a68bec8c78a8fe3ef4b811f3b (patch)
treebbbdeb3814ff2491daeec9a4a0d8bd899d420297
parentd162bf767e1e57502c4a767fa5a6ec42a5857c59 (diff)
parent70f646248821ebd608b65481d0f85fac8931f42e (diff)
Merge branch 'master' of ssh://git.ikiwiki.info/srv/git/ikiwiki.info
-rw-r--r--doc/examples/blog/posts/first_post.mdwn2
-rw-r--r--doc/forum/Apache_XBitHack.mdwn6
-rw-r--r--doc/ikiwikiusers.mdwn2
-rw-r--r--doc/plugins/contrib/justlogin.mdwn2
-rw-r--r--doc/security.mdwn4
-rw-r--r--doc/todo/pingback_support.mdwn2
6 files changed, 14 insertions, 4 deletions
diff --git a/doc/examples/blog/posts/first_post.mdwn b/doc/examples/blog/posts/first_post.mdwn
index 343497d18..f76df2f17 100644
--- a/doc/examples/blog/posts/first_post.mdwn
+++ b/doc/examples/blog/posts/first_post.mdwn
@@ -1,2 +1,4 @@
This is the first post to this example blog. To add new posts, just add
files to the posts/ subdirectory, or use the web form.
+
+And is this ever edited again ? Looking for blog software and learning perl...
diff --git a/doc/forum/Apache_XBitHack.mdwn b/doc/forum/Apache_XBitHack.mdwn
new file mode 100644
index 000000000..9cadc73e1
--- /dev/null
+++ b/doc/forum/Apache_XBitHack.mdwn
@@ -0,0 +1,6 @@
+I'd like to be able to use the Apache XBitHack to enable Server Side Includes on my site. Yes, it is possible to enable SSI by setting the page extension to .shtml, and that is what I am doing at the moment.
+However, the disadvantage of this approach is that the server does not give a LastModified header, which means that the content can't be cached. However, the way that I am using SSI is such that the main content of the page really is "last modified" when the page was last modified, so I'd like to be able to indicate that. And using the XBitHack - that is, setting the executable bit on the generated page - would enable me to do that.
+
+I gather from the [[security]] page that having the executable bit set on files is considered a security hole, but how big a hole would it be if I'm the only one editing the site? Is there a way, a somewhat safe way, of implementing XBitHack for IkiWiki?
+
+-- [[KathrynAndersen]]
diff --git a/doc/ikiwikiusers.mdwn b/doc/ikiwikiusers.mdwn
index d69e0a4c9..4f823353e 100644
--- a/doc/ikiwikiusers.mdwn
+++ b/doc/ikiwikiusers.mdwn
@@ -168,7 +168,7 @@ Personal sites and blogs
* [pmate](http://pmate.nfshost.com)'s homepage and [blog](http://pmate.nfshost.com/blog/)
* [tychoish.com](http://tychoish.com/) - a blog/wiki mashup. blog posts are "rhizomes."
* [Martin Burmester](http://www.martin-burmester.de/)
-* [Øyvind A. Holm (sunny256)](http://www.sunbase.org)
+* [Øyvind A. Holm (sunny256)](http://www.sunbase.org) — Read my Ikiwiki praise [here](http://www.sunbase.org/blog/why_ikiwiki/).
Please feel free to add your own ikiwiki site!
diff --git a/doc/plugins/contrib/justlogin.mdwn b/doc/plugins/contrib/justlogin.mdwn
index ef3d1bfff..90645b9ef 100644
--- a/doc/plugins/contrib/justlogin.mdwn
+++ b/doc/plugins/contrib/justlogin.mdwn
@@ -1,4 +1,4 @@
-This plugin is still in development. Currently it does bring up the login page and the login page does, with proper credentials, log in the user, but the returning page goes to prefs. I have no idea why.
+This plugin has been abandoned while still in development. Currently it does bring up the login page and the login page does, with proper credentials, log in the user, but the returning page goes to prefs. I have no idea why. I decided to go in another direction so if someone wants to take over then please do so. Otherwise I have no problem if this page needs to be deleted. [[users/justint/]]
Place this code into a page:
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 52d9d3dc0..770927e26 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -441,7 +441,7 @@ A fix was also backported to Debian etch, as version 2.53.5. I recommend
upgrading to one of these versions if your wiki can be edited by third
parties.
-## javascript insertation via insufficient htmlscrubbing of comments
+## javascript insertion via insufficient htmlscrubbing of comments
Kevin Riggle noticed that it was not possible to configure
`htmlscrubber_skip` to scrub comments while leaving unscubbed the text
@@ -454,7 +454,7 @@ preview or moderation of comments with such a configuration.
These problems were discovered on 12 November 2010 and fixed the same
hour with the release of ikiwiki 3.20101112. ([[!cve CVE-2010-1673]])
-## javascript insertation via insufficient checking in comments
+## javascript insertion via insufficient checking in comments
Dave B noticed that attempting to comment on an illegal page name could be
used for an XSS attack.
diff --git a/doc/todo/pingback_support.mdwn b/doc/todo/pingback_support.mdwn
index b10366bda..7b3b158ee 100644
--- a/doc/todo/pingback_support.mdwn
+++ b/doc/todo/pingback_support.mdwn
@@ -37,3 +37,5 @@ case I will consider this done with an entry in [[tips]]; otherwise a
> whenever a page is posted or edited, and gets the changed content, it can
> simply scan it for urls (may have to htmlize first?), and send pings to
> all urls found. --[[Joey]]
+
+>> Is there any update on this? This would be highly useful and is the main reason why I am not using my blog more regularly, yet. (And yes, now that git-annex is doing everything I need and more, I thought I should revisit this one, as well). -- RichiH