| f89f8c79 | 31-Dec-2021 |
Mark Prins <mprins@users.sf.net> |
translation update |
| bc63eda6 | 28-Dec-2021 |
Schplurtz le Déboulonné <schplurtz@laposte.net> |
translation update |
| d8ab8746 | 26-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
Revert "Merge pull request #3039 from takuy/video-attributes"
This reverts commit 408d79f78505248f9ccb44bd2561cedc250ce5a1, reversing
changes made to b7c67f83bd81eff3186e4ebd2d9e86cd2c32468d. |
| 4511ba41 | 26-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
remove remaining X-UA-Compatible headers. fixes #3434 |
| 24201594 | 17-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
fix security problems in draft handling. fixes #3565 |
| 5f18fdf3 | 14-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
authplain: properly clean user names
The authplain module uses cleanID to clean usernames to make them valid
pagenames. However namespaces should not be used in usernames.
For that cleanUser and cl
authplain: properly clean user names
The authplain module uses cleanID to clean usernames to make them valid
pagenames. However namespaces should not be used in usernames.
For that cleanUser and cleanGroup replaced columns in given names. But
depending on the wiki configuration useslash, semicolons and slashes may
also be used as namespace separators. cleanID would replace those with
colons, reintroducing colons into the names.
The problem was reported in a forum post where spammers tried to
register http addresses as user names:
https://forum.dokuwiki.org/d/19796-spammers-with-in-their-name
Users with colons were correctly saved (the colon is escaped in the user
file) but could probably not login (unless using a slash or semicolon
instead of the colon). Since usernames are cleaned in many places in
DokuWiki, such a logged in user was probably not recognized correctly.
Because of the proper colon escaping when saving the user file, I don't
see any security issue arising from this. Eg. it was not possible to
trip up the user loading mechanism.
Note: Previously created users containing colons can not be deleted via
the user manager, because displayed usernames are cleaned again, which
will remove the colons.
show more ...
|
| 54bcc3a6 | 12-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
eck CSRF token in styling plugin. fixes #3560 |
| 96f679fa | 08-Dec-2021 |
Andreas Gohr <andi@splitbrain.org> |
check CSRF token enabling/disabling extensions. fixes #3559 |
| b43eeadb | 27-Nov-2021 |
Andreas Gohr <andi@splitbrain.org> |
set default size for embedded SVGs
many templates fail to set proper sizes for admin icons etc. This will
prevent SVGs from blowing up by default - of course templates should
still overwrite this de
set default size for embedded SVGs
many templates fail to set proper sizes for admin icons etc. This will
prevent SVGs from blowing up by default - of course templates should
still overwrite this default.
show more ...
|
| b9a4556d | 24-Nov-2021 |
Andreas Gohr <andi@splitbrain.org> |
avoid doubling line in logviewer. fixes #3554 |
| 6a410eb3 | 23-Nov-2021 |
Eduardo Mozart de Oliveira <eduardomozart182@gmail.com> |
translation update |
| 326bf346 | 15-Nov-2021 |
Spiros Ioannou <sivann@gmail.com> |
much better greek (el) translations |
| 5c9e31ac | 04-Nov-2021 |
Faramarz Karamizadeh <f.karamizadeh@yahoo.com> |
translation update |
| e2170488 | 16-Sep-2021 |
Andreas Gohr <andi@splitbrain.org> |
adjust help text of extension cli
to reflect that extensions can be installed from URLs as well |
| 75cba7af | 30-Aug-2021 |
David Surroca <davidsurrocaestrada@gmail.com> |
translation update |
| 5aaea2b0 | 12-Aug-2021 |
Locness <locness3@e.email> |
Do not duplicate the foreach ($installed... |
| 831ec554 | 08-Aug-2021 |
Axel Kirch <axel@globeglotter.com> |
translation update |
| cc16762d | 03-Aug-2021 |
Locness <locness3@e.email> |
Allow installing extenions from URL via the CLI
fixes #3258 |
| bfef681c | 01-Aug-2021 |
Tom Kunze <mail@tomabrafix.de> |
plugins/extension: Fix git recognition for plugin installations via git-submodules.
New git versions only add .git file with a reference to the git dir in
the superdirectory in the submodule. See gi
plugins/extension: Fix git recognition for plugin installations via git-submodules.
New git versions only add .git file with a reference to the git dir in
the superdirectory in the submodule. See git-submodule(1).
show more ...
|
| 1e519eb5 | 19-Jul-2021 |
Andreas Gohr <andi@splitbrain.org> |
SVG for interwiki links
This continues the quest to make more use of SVG in the DokuWiki
iconography. Interwiki links are now preferred in SVG, the existing
icons have been replaces by SVGs. This al
SVG for interwiki links
This continues the quest to make more use of SVG in the DokuWiki
iconography. Interwiki links are now preferred in SVG, the existing
icons have been replaces by SVGs. This also adjusts the default icons
for external, mail and UNC links.
Icons come from https://materialdesignicons.com/ and
https://github.com/edent/SuperTinyIcons
I kept the old default icons because they might be used by plugins and
templates. They might be deleted later
The DokuWiki interwiki icon huge in filesize compared to all others and
doesn't look good. Would be good to have a simplified version there.
show more ...
|
| 03af5d65 | 15-Jul-2021 |
Erik Bjørn Pedersen <erik.pedersen@shaw.ca> |
translation update |
| e2c6ce95 | 06-Jul-2021 |
Sam <1631095+takuy@users.noreply.github.com> |
manifest: add NOSESSION to not require auth
Authentication shouldn't be required for a manifest file. |
| 13768096 | 28-May-2021 |
pavulondit <pavloo@vp.pl> |
translation update |
| 826fda5c | 25-May-2021 |
Olivier Humbert <trebmuh@tuxfamily.org> |
translation update |
| 44398ba2 | 15-May-2021 |
Schplurtz le Déboulonné <schplurtz@laposte.net> |
translation update |