enforce content type on XML-RPC. addresses #3991

This ensures only text/xml or application/xml content types are accepted
when communicating with the XML-RPC API

increase required PHP version to 7.4

use samesite=Lax cookie attribute #2849

Since this has been the default in Chrome for a while, no sideeffects
are to be expected.

Corrected logic error

language updates for #3010 addition to #3981

Avoid warning in do=check for anonymous users

fixes #3984

Better fix

This is more concise and it also fixes a similar case in a different line.
`empty($userinfo['mail'])`correctly deals with:
- `$userinfo === false` => `true`
- `!array_key_exists('mail'

Better fix

This is more concise and it also fixes a similar case in a different line.
`empty($userinfo['mail'])`correctly deals with:
- `$userinfo === false` => `true`
- `!array_key_exists('mail', $userinfo)` => `true`
- `!isset($userinfo['mail'])` => `true`
- `$userinfo['mail'] === ''` => `true`

show more ...

Fix #3982

Removed link, because it is wrongly cached. Fixes #3013

translation update

translation update

translation update

fix XSS in RSS syntax

The title was not correctly escaped when written to the doc in xhtml
renderer.

SimplePie does no content escaping on its own (a comment in the code
seems to suggest that that

fix XSS in RSS syntax

The title was not correctly escaped when written to the doc in xhtml
renderer.

SimplePie does no content escaping on its own (a comment in the code
seems to suggest that that was assumed). Instead the content is passed
on as-is from the feed.

This patch also applies some more escaping on the description output
(though it should have been relatively safe thanks to the use of
striptags).

This was discovered by @ry0tak and reported in
https://huntr.dev/bounties/c6119106-1a5c-464c-94dd-ee7c5d0bece0/

show more ...

translation update

fix line length issue

Add JSON based alternative to XMLRPC

XMLRPC is a rather outdated and old-fashioned protocol not much in use
anymore. Developers prefer simpler, JSON based APIs.

This adds a new "JSONRPC" API. Basic

Add JSON based alternative to XMLRPC

XMLRPC is a rather outdated and old-fashioned protocol not much in use
anymore. Developers prefer simpler, JSON based APIs.

This adds a new "JSONRPC" API. Basically it exposes exactly the same
method calls as the XMLRPC API but using JSON instead of XML. It's not a
classical REST API, but should be just as easy to use for developers.

Here is an example call using CURL:

curl http://localhost/dokuwiki/lib/exe/jsonrpc.phs \
-H 'Content-Type: application/json' \
-H "Authorization: Bearer $token" \
-d '["wiki"]'

Please note that the above uses the token auth implemented in #2432.
Authentication via basic auth or cookies would work as well.

show more ...

use local squid docker instance for proxy testing

Add undeclared Class Properties

Fixes Creation of dynamic property _HWLDF_WordAccumulator::$_lines /
$_line / $_group / $_tag is deprecated in ./inc/DifferenceEngine.php
on line 936

And proactively

Add undeclared Class Properties

Fixes Creation of dynamic property _HWLDF_WordAccumulator::$_lines /
$_line / $_group / $_tag is deprecated in ./inc/DifferenceEngine.php
on line 936

And proactively caught another bunch in _Diff3_Op class (not reported
in unit tests)

show more ...

Fix grammar error in PHPDoc

Fix PHP Deprecated warning

Adding null-coalescing operator to avoid

str_replace(): Passing null to parameter #3 ($subject) of type
array|string is deprecated

HTTPClient: Replace time() method with direct microtime(true) call

Minor fixes in comments

HttpClient::time use microtime(true) directly

translation update

translation update