Age | Commit message (Collapse) | Author |
|
Add special handling for <meta name="robots" ...> which needs not be
scrubbed as it's harmless.
Signed-off-by: martin f. krafft <madduck@madduck.net>
(cherry picked from commit b15d0299a7f7b147e89d8a202d6cca1c21491af2)
|
|
(cherry picked from commit 252da396bfa728b99af7c9bb304a7b5f3f6d94e6)
|
|
A new regexp fixes this bug:
http://ikiwiki.info/bugs/No_link_for_blog_items_when_filename_contains_a_colon/
I traced this down to htmlscrubber. If disabled,
it works. If enabled, then $safe_url_regexp
determines the URL unsafe because of the colon and
hence removes the src attribute.
Digging into this, I find that RFC 3986 pretty
much discourages colons in filenames:
"""
A path segment that contains a colon character
(e.g., "this:that") cannot be used as the first
segment of a relative-path reference, as it would
be mistaken for a scheme name. Such a segment must
be preceded by a dot-segment (e.g., "./this:that")
to make a relative- path reference.
"""
on the other hand, with usedirs, any link to
another page will be prepended by ../ anyway, so
that makes them okay again.
The solution still seems not to use colons.
In any case, htmlscrubber should get a new regexp,
courtesy of dato.
I have tested and verified this.
Signed-off-by: martin f. krafft <madduck@madduck.net>
|
|
internal pages won't be in revision control so this avoids some ugly noise
|
|
such urls.
|
|
As was already done for linkfication, links generated in a prevew page
are relative to the top of the wiki, so it has to be told that the destpage
is there.
I was using "" to indicate this, but that may confuse some preprocessor
plugins, which treat parameters with an empry value specially (sparkline is one
such). Instead, use "/", which is more accurate anyway and works just as well.
|
|
which forced a scan of the page to make available metadata that
appeared after the inline directive. Problem is that scan made it forget
about any other files rendered due to the page. The scan also turns out
to be unnecessary now, since meta persistently stores state and it's
always available. So it was just removed.
|
|
the html is escaped at a different level. Closes: #466495
* bzr, mercurial: Remove unused import of escapeHTML.
|
|
_MTN/ikiwiki-netsync-hook when a commit is merged in from the net.
|
|
(as preserving the full list across preview would be tricky). Userdirs
were still being offered as an option there, remove them.
* Fix a bug where user A created a page concurrently with user B, and
when B previewed it would redirect B to A's new page, losing B's work.
Instead, don't redirect and let conflict handling resolve it.
|
|
containing ikiwiki.cgi, but this should not change the urls to the style
sheets etc. Add a new forcebareurl parameter to misctemplate to allow
it to do that.
|
|
hack.
|
|
custom, first-class types of wikilinks.
* Move standard wikilink implementation to a new wikilink plugin, which
will of course be enabled by default.
|
|
of XML::RPC's default of us-ascii. Allows interoperation with
python's xmlrpc library, which threw invalid encoding exceptions and
caused the rst plugin to hang.
|
|
|
|
|
|
|
|
|
|
character
|
|
are safe and can't contain javascript.
|
|
|
|
|
|
|
|
Some browsers interpret about: URIs like a limited version of data:
URIs. In particular, some versions of Internet Explorer interpret
arbitrary HTML content in about: URIs.
|
|
|
|
* Add htmlscrubber test suite.
|
|
Conflicts:
debian/changelog
templates/change.tmpl
|
|
|
|
There are several cases (recentchanges files, aggregated files)
where some source files are not in revision control.
|
|
|
|
|
|
|
|
used if you want a wiki that doesn't default to generating rss or atom
feeds, but that does allow them to be turned on for specific blogs.
|
|
|
|
just avoid actually writing the files. This is necessary because ikiwiki
saves state after a preview (in case it actually *did* write files),
and if will_render isn't called its security checks will get upset
when the page is saved. Thanks to Edward Betts for his help tracking this
tricky bug down.
|
|
This call is only present to handle the case where previewing a page
actually causes files to be rendered.
|
|
|
|
|
|
- On commits, replace "mtn sync" bidirectional with "mtn push" single
direction. No need to pull changes when doing a commit. mtn sync
is still called in rcs_update.
- Support for viewing differences via patches using viewmtn.
|
|
Now aggregation will not lock the wiki. Any changes made during aggregaton are
merged in with the changed state accumulated while aggregating. A separate
lock file prevents multiple concurrent aggregators. Garbage collection
of orphaned guids is much improved. loadstate() is only called once
per process, so tricky support for reloading wiki state is not needed.
(Tested fairly thuroughly.)
|
|
|
|
they're in has changed.
|
|
by thunking to the CGI, which can redirect to the page, or allow it to be
created if it doesn't exist.
|
|
|
|
approach.
|
|
Oops. Convert it from a cgi to a sessioncgi hook, which will work
much better.
|
|
* This allows locking the wiki before loading state, which avoids some
tricky locking code when saving a web edit.
|
|
the aggregating page to be rebuilt. Fix this.
|
|
since this leads to too many problems with web caching, especially with
inlined pages. Properly solving this would involve tracking every page
that contributes to a page's content and using the youngest of them all,
as well as special cases for things like the version plugin, and it's just
too complex to do.
|
|
|