release preparations

darcs-hash:20070524172905-7ad00-a3635da93981b1cc6063143b6a4c2883fb0fe8b9.gz

add sneaky_index option

This disables the last patch and adds an option to enable it on demand.

darcs-hash:20070511200235-7ad00-a3ea769bc4965710b7fd261d31e2c9f8a3d9d7f5.gz

fixed dokubug interwiki link

darcs-hash:20070411194508-7ad00-e0373de561bdd3c5154a4fc230a143be0e6f8699.gz

added ellipsis to entities.conf

darcs-hash:20070330225252-d5083-cc2f5e0ad8e5073c10e69d6ba5fa192468a0f1f5.gz

soted indexer is now default

darcs-hash:20070226175529-7ad00-4d3d984da1edbf2ded546cfbd7374f97f032d032.gz

use dokubug as default interwiki tag for DokuWiki bugs #1045

darcs-hash:20070224144211-7ad00-fc0695dc9290bd5d4192eb9d76ba3cafa2125d8f.gz

added some comments about new XSS protection to mime.conf

darcs-hash:20070224131623-7ad00-cd82685db94b50be942a6d71293010aa8fdabdfa.gz

Test uploaded files for HTML tags FS#1077

Following the problem with IE's mimetype handling described at
http://www.splitbrain.org/blog/2007-02/12-internet_explorer_facilitates_cross_site_scripting

Test uploaded files for HTML tags FS#1077

Following the problem with IE's mimetype handling described at
http://www.splitbrain.org/blog/2007-02/12-internet_explorer_facilitates_cross_site_scripting
this patch adds a new option (on by default) to check the first 256
bytes of uploaded files against a list of a few HTML tags and denies
the upload of such a file. In rare occasions this may block harmless
and valid files, but that's price we have to pay for Microsoft's
stupidity.

Users who need HTML uploads should disable this check. (Don't do that on
open Wikis!)

darcs-hash:20070224124458-7ad00-0ced616d06f563515b36a0a6871b5ba50229c946.gz

show more ...

Rar mime type added

darcs-hash:20070111113557-00f02-f868a727d73fa16d4854ad60ff6aff0b59df67bb.gz

disable text uploads by default

Spammers suck - see http://forum.dokuwiki.org/post/2213

darcs-hash:20070211201920-7ad00-0023501c73fece94effcc0efb2c0862c9f771bf2.gz

workaround config for FS#852

On certain platforms the ignore_user_abort function does not work as expected, resulting
in a non working indexer webbug. Users with such a broken system (IIS+PHP as CGI

workaround config for FS#852

On certain platforms the ignore_user_abort function does not work as expected, resulting
in a non working indexer webbug. Users with such a broken system (IIS+PHP as CGI) can
enable this option to work around the problem (resulting in longer load times for the
webbug).

darcs-hash:20070208195145-7ad00-8fc14f9da535a70fa837066773e15a3926b077c7.gz

show more ...

manager user/group

This patch adds support for a manager option as suggested in
http://www.freelists.org/archives/dokuwiki/11-2006/msg00314.html

darcs-hash:20061203134104-7ad00-72ff6422bbb4f79be325

manager user/group

This patch adds support for a manager option as suggested in
http://www.freelists.org/archives/dokuwiki/11-2006/msg00314.html

darcs-hash:20061203134104-7ad00-72ff6422bbb4f79be325c7e77255e1eee32d0f6b.gz

show more ...

rss_summary_config

Add a configuration option to control whether or not the edit/revision summary is
displayed with the title of RSS feeds. The default is to show the summary, the same as
DokuWiki d

rss_summary_config

Add a configuration option to control whether or not the edit/revision summary is
displayed with the title of RSS feeds. The default is to show the summary, the same as
DokuWiki did prior to this addition.

darcs-hash:20061101023313-9039d-d067e9bcd7dc0c7cabd57674d1072c5b882ad4e7.gz

show more ...

Indexer asian language fixes and speed-ups

Make Chinese and Japanese work better with the new indexer.
Some missing punctuation added to utf8_stripspecials.
Misc. other changes to make indexing fast

Indexer asian language fixes and speed-ups

Make Chinese and Japanese work better with the new indexer.
Some missing punctuation added to utf8_stripspecials.
Misc. other changes to make indexing faster. The indexes will expire on
backend upgrades, so you don't have to delete *.indexed

darcs-hash:20061117123032-6942e-774b38e08234928c49b37e40addba375acf67ac0.gz

show more ...

release preparations

darcs-hash:20061106192948-7ad00-c5f00a6a452e941b6799663d5b73e7e089a376a2.gz

disable HTML upload by default

Spammers use unprotected wikis to upload spammy HTML pages. This disables
HTML upload by default

darcs-hash:20061101161813-7ad00-11c808965ef80bd042ea3e3586352cfdccb30

disable HTML upload by default

Spammers use unprotected wikis to upload spammy HTML pages. This disables
HTML upload by default

darcs-hash:20061101161813-7ad00-11c808965ef80bd042ea3e3586352cfdccb309db.gz

show more ...

release preparations

darcs-hash:20061019165805-7ad00-1cd724eabd74ecf66734eba35f607ad474fc8374.gz

restrict fetch.php's download abilities

This patch changes fetch.php ability to download external files. It now checks
for the returned MIME type and will only download images. For all other
MIME ty

restrict fetch.php's download abilities

This patch changes fetch.php ability to download external files. It now checks
for the returned MIME type and will only download images. For all other
MIME types a redirect is sent back to the browser. This reduces the risc of
being misused as open proxy.

Additionally the download facility is disabled completly by default by setting
the fetchsize option to 0. Users who want the feature need to overwrite the option
in their local.php.

Background: The ability to download external files is needed to resize external
images on the server side. When disabled, a redirect is sent to the browser which
will download the fullsize image and rescale it on the client side which is more
bandwidth and CPU intensive.

darcs-hash:20061017175329-7ad00-cd1b1bfa043a04540c51ca8380d28deaa14147d1.gz

show more ...

multiple language updates

darcs-hash:20061013113521-7ad00-1ab48718ab30e042971a6dd6ef595462185955e6.gz

release candidate preparation

darcs-hash:20061008103152-7ad00-5a26c285c8d4899ab9b21a84d493671857d77a99.gz

release candidate preparations

updated wwordblock.conf
updated installer checksum
increased msg num

darcs-hash:20060928200451-7ad00-061feb181c7e91f736fb396db224e4ea9660effa.gz

security fixes for fetch.php #924 #962

Fixes a shell injection and a DOS vulnerability

darcs-hash:20060926200551-7ad00-5ef27940dda6e48e7e2f8743fc90fa80b7b5cdff.gz

cache, metadata & purgefile updates

Cache
- add dependency for metadata renderer file
- check metadata for end of page life, "date valid end".

Metadata Renderer
- RSS syntax mode now sets rendered

cache, metadata & purgefile updates

Cache
- add dependency for metadata renderer file
- check metadata for end of page life, "date valid end".

Metadata Renderer
- RSS syntax mode now sets rendered page expiry, "date valid end"
and includes the feed URL in "relation haspart".

Purgefile
For all wiki installations the purgefile records the earliest
time before which no cache purge (based on data consistency)
is required. Cache files older than this time MAY need to be
purged.
- remove purgeonadd configuration setting

darcs-hash:20060924202157-9b6ab-4531e91411c41914eeab2b6a8160c3d46b001cee.gz

show more ...

fixed md5 sum for installer

darcs-hash:20060923110047-7ad00-b9007f7f656e56656a44b2349c14e7839c1f68ce.gz

corrected typo

darcs-hash:20060923034943-e5a2d-5888ec82ef23d82619522aaf33bee1c4bc1b1099.gz