Preventing auto-filling of passwords in config #4362

We previously had set autocomplete="off" on password fields, but
browsers seem to ignore that now.

MDN suggests [1] to use autocomplete="new-pas

Preventing auto-filling of passwords in config #4362

We previously had set autocomplete="off" on password fields, but
browsers seem to ignore that now.

MDN suggests [1] to use autocomplete="new-password", so that's what's
used now. In addition autocomplete="off" is set on the form as a whole.

Will that fix the issue once and for all? Doubtful:

> This attribute is a hint to browsers; some may not comply with it.

[1] https://developer.mozilla.org/en-US/docs/Web/Security/Practical_implementation_guides/Turning_off_form_autocompletion

show more ...

fix deprecated phpunit call in styling plugin

fix expected exception message in config plugin test

user manager: explicitly set CSV parameters

This is needed since PHP 8.4

replace deprecated phpunit assertions

register linkwizard in window

This fixes a backwards compatibility issue with the changes made in
PR #4329. Plugins rely on the wizard being a globally registered object.

replace deprecated utf8_encode #4354

Fix PHP error while saving Aichat settings

translation update

LinkWizard: fix multilevel parents in references

use relative links in LinkWizard

When the linked page has a common prefix with the current page,
construct a relative link instead of always inserting absolute links.

LinkWizard: add method to create a relative link

This is not used, yet. Usage will be added in a future commit.

Since we don't have a proper testing framework in place, yet. Tests have
been added a

LinkWizard: add method to create a relative link

This is not used, yet. Usage will be added in a future commit.

Since we don't have a proper testing framework in place, yet. Tests have
been added as a standalone script that can be run manually.

show more ...

doc blocks in link wizard

Linkwizard: use strict comparisons

LinkWizard: don't use the deprecated keycode property anymore

turn link wizard into a class

Basic modernisation of the link wizard to more modern JavaScript.

translation update

translation update

Check security token for media restore. fix #4323

The whole media management is a mess, but this should fix the issue for
now.

I think the severity is low since, this will only restore previously
u

Check security token for media restore. fix #4323

The whole media management is a mess, but this should fix the issue for
now.

I think the severity is low since, this will only restore previously
uploaded media files, so permissions need to be high enogh for upload
anyway.

show more ...

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the re

Revert "use a dispatcher to access static image files"

This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.

It was accidentally pused to master before review. A PR with a revert
for the revert will be pushed shortly.

show more ...

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite ca

use a dispatcher to access static image files

This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16

A .htaccess rewrite catches any direct accesses that might come in from
plugins.

show more ...

Support a URI parameter for ldap since current code doesn't actually work

translation update

Remove obsolete translation

Log in local time instead of utc