Merge pull request #4624 from dokuwiki/mediasizes

fix EXIF-rotated images shown cropped in previews, closes #4482

fix EXIF-rotated images shown cropped in previews, closes #4482

JPEGs with EXIF orientation 5/6/7/8 were rendered cropped in the
mediamanager detail view, the image diff view and the fullscreen
deta

fix EXIF-rotated images shown cropped in previews, closes #4482

JPEGs with EXIF orientation 5/6/7/8 were rendered cropped in the
mediamanager detail view, the image diff view and the fullscreen
detail page: getimagesize() / JpegMeta report raw (rotation-unaware)
pixel dimensions, and passing both w and h to fetch.php defaults to
center-crop.

- Bump splitbrain/slika to 1.1, which ships ImageInfo: a rotation-
aware, metadata-only dimension simulator mirroring Adapter's
fluent API (autorotate/resize/crop).
- Add fit=1 to fetch.php: when both w and h are given, route to
media_resize_image() (bbox fit) instead of media_crop_image().
Token hashes only (id, w, h) so existing tokens stay valid.
- Add MediaFile::getDisplayDimensions($w, $h, $crop) which delegates
to ImageInfo and returns the dims fetch.php would produce.
- Add Display::getDetailHtml() and retire media_preview() / the old
media_image_preview_size() helper. media_tab_view and MediaDiff
now share the Display-based renderer.
- Rewrite tpl_img() (lib/tpl/*/detail.php) to use MediaFile dims +
fit=1 URL; drops the manual ratio math.
- Tests: MediaFileTest covers the dims math, DisplayTest covers the
detail-view HTML (rotated dims, rev-vs-timestamp URL selection,
structure), fetch_imagetoken gains a fit-token compat test.
Fixture _test/data/media/wiki/exif-orient-6.jpg: 20x30 JPEG with
EXIF orientation 6.

show more ...

Less ubiquitous feed caching. addresses #4574

Instead of creating caches for each and every requested feed, only the
recent feed is still cached.

The number of items is clamped to conf[recent]*5.

Less ubiquitous feed caching. addresses #4574

Instead of creating caches for each and every requested feed, only the
recent feed is still cached.

The number of items is clamped to conf[recent]*5.

Plugins can influence the caching behavior via the existing
FEED_OPTS_POSTPROCESS event by setting cache_allow to true and
optionally adding their own cache key in cache_key

Additionally the per-namespace feed autodiscovery link from <head>
pointing to list-mode feeds has been removed.

show more ...

updated rector and applied it

set crossorigin header for manifest. fixes #4322

To summarize the issue:

1. the wiki is protected by Basic auth, outside of the wiki
2. chrome will not pass authentication credentials when accessin

set crossorigin header for manifest. fixes #4322

To summarize the issue:

1. the wiki is protected by Basic auth, outside of the wiki
2. chrome will not pass authentication credentials when accessing a
linked manifest
3. the webserver will deny access to the manifest

DokuWiki does not care about the auth credentials, because the manifest
returns public info only. The issue is really with the webserver
denying the request.

Using a crossorigin hint will work around the chrome behaviour. The only
potential downside would be that chrome now will send auth credentials
even when there is no web server based auth. Since DokuWiki doesn't care,
it's not really a downside.

show more ...

Time markup for Last Changed field

This adds semantic markup to the "last change" date in the article footer. This change should not have any impact on the rendering of the page.

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the re

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the revert will be pushed shortly.

show more ...

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite ca

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite catches any direct accesses that might come in from
plugins.

show more ...

introduce a template function to output a inline script

This handles the output of a potentially available nonce.

move JS detection to default script

This moves the little helper that will remove a "no-js" class from the
header element as soon as JavaScript is detected from the dokuwiki
template to our default

move JS detection to default script

This moves the little helper that will remove a "no-js" class from the
header element as soon as JavaScript is detected from the dokuwiki
template to our default inline script that also initializes the JSINFO
array.

This ensures that this inline script is run with a nonce (if available).
See #3788 for more infor

show more ...

Use environment provided NONCE for inline scripts. #3788

When an outside source wants to set a restrictive CSP, it can use a
nonce to allow inline scripts instead of using 'unsafe-inline'. This
nonc

Use environment provided NONCE for inline scripts. #3788

When an outside source wants to set a restrictive CSP, it can use a
nonce to allow inline scripts instead of using 'unsafe-inline'. This
nonce can be passed on via the environment variable NONCE and will be
used in tpl_metaheaders to tag our inline JS initializations.

An update to the cspheaders plugin should be made to provide a nonce as
well.

show more ...

remove ols xhtml compatibility CDATA comments

We really don't need these anymore for modern browsers.

remove old IE conditionals from script loading

We really need not to think about IE anymore

fix page title handling broken in #4107

�� Rector and PHPCS fixes

Use str_starts_with/str_ends_with

replace deprecated ptln call with echo closure

TPL_CONTENT_DISPLAY used ptln() as default action. Since this is
deprecated it needs to be replaced, but since echo is a langage construct not
a real f

replace deprecated ptln call with echo closure

TPL_CONTENT_DISPLAY used ptln() as default action. Since this is
deprecated it needs to be replaced, but since echo is a langage construct not
a real function we need to wrap it into a closure.

show more ...

unused items, phpdocs

code style: line breaks

code style: operator spacing

code style: control structure fixes

code style: indent fixes

Rector to rename print to echo calls

code style: ptln removed, useradmin cleanup

coding style: control flow line breaks