| #
19d5ba27 |
| 09-Jan-2025 |
Andreas Gohr <andi@splitbrain.org> |
rename trustedproxy option to trustedproxies
We use a new format (array instead of regex) and need a sure way to
recognize it. Zebra's approach would not have survived the editing via
config manager
rename trustedproxy option to trustedproxies
We use a new format (array instead of regex) and need a sure way to
recognize it. Zebra's approach would not have survived the editing via
config manager.
As a side effect this also introduces a new languange string, which is
good because the old one did no longer apply.
show more ...
|
| #
df9e4a18 |
| 22-Dec-2023 |
Andreas Gohr <andi@splitbrain.org> |
automatically prune old logs
This adds a new configuration that allows to define how many logfiles
per facility should be kept. Old files are pruned daily via the task
runner.
|
| #
486f82fc |
| 21-Aug-2023 |
Andreas Gohr <andi@splitbrain.org> |
add setting to define the samesite cookie policy
As mentioned in
https://github.com/dokuwiki/dokuwiki/pull/3994#pullrequestreview-1473052428
there might be occasions when users might want to change
add setting to define the samesite cookie policy
As mentioned in
https://github.com/dokuwiki/dokuwiki/pull/3994#pullrequestreview-1473052428
there might be occasions when users might want to change the policy to a
stricter one or the somewhat more lenient Lax implementation of current
browsers.
show more ...
|
| #
bbe6b3a7 |
| 12-Oct-2022 |
Andreas Gohr <andi@splitbrain.org> |
Remove the htmlok and phpok embedding options
Both options have grave security implications and novice users seem to
ignore advice about them. In the last decades I never came across a wiki
that had
Remove the htmlok and phpok embedding options
Both options have grave security implications and novice users seem to
ignore advice about them. In the last decades I never came across a wiki
that had legitimate use of these options.
If someone needs the functionality, it can easily be added back using a
plugin. But I prefer to give users one less option to shoot themselves
in the foot.
Removal of the translations for the config strings can follow after this
has been merged.
show more ...
|
| #
be6462f4 |
| 13-Aug-2022 |
Andreas Gohr <andi@splitbrain.org> |
log warnings to error log
This introduces an error handler that will log warnings, including a
stack trace in the error log. This should help plugin and core authors with
identifying cases of uninit
log warnings to error log
This introduces an error handler that will log warnings, including a
stack trace in the error log. This should help plugin and core authors with
identifying cases of uninitilized variables in PHP8+ environments.
A feature flag (default off) will let users temporarily disable the
display of warnings in the frontend. This should allow the usage of not
yet upgraded plugins in many cases. In the future the flag can be
removed again.
show more ...
|
| #
efc7c022 |
| 29-May-2022 |
Michael Sy <38754074+Michaelsy@users.noreply.github.com> |
Broken link removed
The corrected link is now entered in the documentation. See https://www.dokuwiki.org/config:broken_iua
|
| #
3df364a3 |
| 25-Apr-2022 |
Timo Richter <timo.richter@richter-leiterplatten.de> |
CORS on XMLRMPC API
This allows setting a CORS header to make the xmlrpc API accessible from
JavaScript clients directly in the browser.
|
| #
d8ab8746 |
| 26-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
Revert "Merge pull request #3039 from takuy/video-attributes"
This reverts commit 408d79f78505248f9ccb44bd2561cedc250ce5a1, reversing
changes made to b7c67f83bd81eff3186e4ebd2d9e86cd2c32468d.
|
| #
408d79f7 |
| 20-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
Merge pull request #3039 from takuy/video-attributes
Add handling for video embed attributes
|
| #
cad4fbf6 |
| 13-Aug-2020 |
Andreas Gohr <andi@splitbrain.org> |
added logging configuration
Log facitlities can now be disabled. By default only debug is disabled.
It might make sense to by default disable deprecated as well?
Debug logging is now independend of
added logging configuration
Log facitlities can now be disabled. By default only debug is disabled.
It might make sense to by default disable deprecated as well?
Debug logging is now independend of the allowdebug method. allowdebug
was often used in two ways: for displaying errors directly to the user
and for logging to the debug log. Now it only controls the former.
show more ...
|
| #
4a572c5a |
| 06-Apr-2020 |
Sam <1631095+takuy@users.noreply.github.com> |
add options & defaults to config, no* counterparts
|
| #
7b299f22 |
| 21-Sep-2017 |
Aurélien Martin <01aurelien@gmail.com> |
Add option rss_show_deleted
|
| #
fc6b11d2 |
| 26-Jan-2020 |
Michael Große <mic.grosse@googlemail.com> |
Add feature flag for deferred javascript
This adds a feature flag for the jQuery and main-js requests added in
#2786 and #2958. This adds only a single feature flag since deferring
jQuery without d
Add feature flag for deferred javascript
This adds a feature flag for the jQuery and main-js requests added in
#2786 and #2958. This adds only a single feature flag since deferring
jQuery without deferring the main javascript request is likely to cause
errors and confusion.
The feature flag defaults to "on" as this should be unproblematic except
for a few plugins. Also, with this flag being on by default, it should
see more usage and is more likely to uncover existing issues.
This feature flag should be removed once this feature is deemed safe.
show more ...
|
| #
1b027115 |
| 27-Oct-2019 |
Henry Pan <git@phy25.com> |
clarified trustedproxy - empty = trust no proxy
|
| #
57d571a2 |
| 21-Oct-2019 |
Andreas Gohr <andi@splitbrain.org> |
clarified trustedproxy setting
|
| #
925105e8 |
| 21-Oct-2019 |
Phy <git@phy25.com> |
clientIP: add trustedproxy, return first untrusted IP instead of the last one
This fixes #2828, where malicious clients passed in customized HTTP header to keep its IP address off records.
This is
clientIP: add trustedproxy, return first untrusted IP instead of the last one
This fixes #2828, where malicious clients passed in customized HTTP header to keep its IP address off records.
This is inspired by Sympony's Request::setTrustedProxies, but I don't want to implement everything including IP CIDR matching (IPv4 + IPv6), so I decided to reuse the local IP checker in place powered by regexp. Now admins can customize this "local" (trusted) proxy list using $conf['trustedproxy'], and by default it will allow any local IPs.
If in the future there is a need to implement array-based CIDR matching, $conf['trustedproxies'] can be used for the new config name.
show more ...
|
| #
c0c77cd2 |
| 10-Oct-2019 |
Andreas Gohr <gohr@cosmocode.de> |
Merge branch 'master' into psr2
changes from commit b15f23f6735eabb6dc7e4a996e4ae164139ab7f5 may have
been lost, because the code changed to much.
changes from commit df81ca99eeaf4753d6f09cbddbb529
Merge branch 'master' into psr2
changes from commit b15f23f6735eabb6dc7e4a996e4ae164139ab7f5 may have
been lost, because the code changed to much.
changes from commit df81ca99eeaf4753d6f09cbddbb529afe7ef71c7 need to be
verified. we might need to do some more adjustments.
* master: (49 commits)
translation update
translation update
translation update
translation update
translation update
translation update
translation update
Update config.class.php
translation update
translation update
Update lang.php
Add ugc hint to nofollow
add UGC hint
translation update
translation update
use a script to fetch the correct phpunit
Revert "output travis php version for easier debugging"
setup databases for unit tests in travis
output travis php version for easier debugging
translation update
...
show more ...
|
| #
e50efeb7 |
| 13-Sep-2019 |
Wes from StarArmy.com <stararmy@gmail.com> |
Update lang.php
|
| #
277113f1 |
| 27-Jul-2018 |
Andreas Gohr <andi@splitbrain.org> |
Merge branch 'master' into psr2
* master:
upgraded JSON class to latest (2006) version
continue is break in switch
translation update
reference existing proper progress gif. fixes #2441
Fi
Merge branch 'master' into psr2
* master:
upgraded JSON class to latest (2006) version
continue is break in switch
translation update
reference existing proper progress gif. fixes #2441
Fix missing ui-bg_glass_95_fef1ec_1x400.png and be/jquery.ui.datepicker.js for jquery
removed accidental merges of outdated translations
Change `const` use to `var` for Safari 9 (on iOS)
Fix .htaccess files for Apache 2.4 (and 2.2)
add logic if the server uses unlimited memory settings in is_mem_available()
removed safemode hack
show more ...
|
| #
fe227084 |
| 07-Jun-2018 |
Andreas Gohr <gohr@cosmocode.de> |
removed safemode hack
Safemode has been removed in PHP 5.4.0. We finally no longer need to
deal with this insanity.
|
| #
7a0ee538 |
| 01-Jun-2018 |
Andreas Gohr <andi@splitbrain.org> |
show other errors in undefined settings again
This reestablishes the mechanism of adding errors as Sepcial classes to the
undefined list.
|
| #
13ce475d |
| 11-Apr-2018 |
Andreas Gohr <gohr@cosmocode.de> |
shortened new search configs
shorter names are more in line with what we already use, makes less
layout problems in the documentation and is easier to type when telling
people about it.
|
| #
d09b5b64 |
| 22-Mar-2018 |
Michael Große <grosse@cosmocode.de> |
feat(search): add config options to adjust default behavior
This adds two new config options:
`search_limit_to_first_ns`:
Limit the search to the current X namespaces. When a search is executed
fro
feat(search): add config options to adjust default behavior
This adds two new config options:
`search_limit_to_first_ns`:
Limit the search to the current X namespaces. When a search is executed
from a page within a deeper namespace, the first X namespaces will be
added as filter.
Possible use case could be with language namespaces to ensure that the
default search is initially within the current language.
`search_default_fragment_behaviour`:
Option to specify the default fragment search behavior
show more ...
|
| #
8bc5de1f |
| 22-Dec-2017 |
Schplurtz le Déboulonné <Schplurtz@laposte.net> |
add rss_media config values translations
|
| #
5f43dcf4 |
| 28-Oct-2017 |
Lukas Rademacher <lukas@rademacher.ac> |
Support for configurable e-mail return path
|