| 180ba08b | 03-Oct-2024 |
Jürgen Mayer <gro.ikiwukod@x.wellen.org> |
translation update |
| 06c886b9 | 15-Sep-2024 |
Andreas Gohr <andi@splitbrain.org> |
Check security token for media restore. fix #4323
The whole media management is a mess, but this should fix the issue for
now.
I think the severity is low since, this will only restore previously
u
Check security token for media restore. fix #4323
The whole media management is a mess, but this should fix the issue for
now.
I think the severity is low since, this will only restore previously
uploaded media files, so permissions need to be high enogh for upload
anyway.
show more ...
|
| e44b94a4 | 08-Sep-2024 |
Andreas Gohr <andi@splitbrain.org> |
Revert "use a dispatcher to access static image files"
This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.
It was accidentally pused to master before review. A PR with a revert
for the re
Revert "use a dispatcher to access static image files"
This reverts commit 944e9ba7254387adb60f253b0d8796f2276096b1.
It was accidentally pused to master before review. A PR with a revert
for the revert will be pushed shortly.
show more ...
|
| 944e9ba7 | 08-Sep-2024 |
Andreas Gohr <andi@splitbrain.org> |
use a dispatcher to access static image files
This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16
A .htaccess rewrite ca
use a dispatcher to access static image files
This makes it possible to replace default images in an update safe way.
It also addresses the issue raised in dokuwiki/docker#16
A .htaccess rewrite catches any direct accesses that might come in from
plugins.
show more ...
|
| 521819ff | 26-Aug-2024 |
Andreas Gohr <andi@splitbrain.org> |
make sure stderr is defined in logger
STDERR is only defined when PHP is called from the command line.
In the docker health check we set DOKU_UNITTEST to make sure that errors
trigger exceptions in
make sure stderr is defined in logger
STDERR is only defined when PHP is called from the command line.
In the docker health check we set DOKU_UNITTEST to make sure that errors
trigger exceptions instead being logged only. However when the error
then is also written to STDERR it fails.
This patch makes sure the data is written to PHP's STDERR stream handler
instead.
Should fix dokuwiki/docker#15
show more ...
|
| 598ce738 | 21-Aug-2024 |
nakky <nakky@naver.com> |
translation update |
| cff9a541 | 07-Aug-2024 |
Nathan Neulinger <nneul@neulinger.org> |
Support a URI parameter for ldap since current code doesn't actually work |
| d22e654a | 06-Aug-2024 |
fiwswe <53953985+fiwswe@users.noreply.github.com> |
Use the reflection method |
| c04d78e1 | 05-Aug-2024 |
fiwswe <53953985+fiwswe@users.noreply.github.com> |
Forgot to lowercase the result |
| 81f8bc8b | 05-Aug-2024 |
fiwswe <53953985+fiwswe@users.noreply.github.com> |
Update AbstractAction.php
PHP 8 makes this method faster that the previous SubstringStrChr method mentioned in https://stackoverflow.com/a/27457689 |
| 7ffd5bd2 | 01-Aug-2024 |
Andreas Gohr <andi@splitbrain.org> |
alternative token header support
The Authorization header is not always passed on to PHP, depending on
the setup (See https://stackoverflow.com/q/34472303 for examples and
workarounds).
This patch
alternative token header support
The Authorization header is not always passed on to PHP, depending on
the setup (See https://stackoverflow.com/q/34472303 for examples and
workarounds).
This patch adds support for an alternative X-DokuWiki-Token header that
can be used when using token authentication and the standard
Authorization header can not be used.
show more ...
|
| b1a9a7ad | 01-Aug-2024 |
Kazutaka Miyasaka <kazmiya@gmail.com> |
Fix stored XSS vulnerability via do=export_metadata #4305
This prevents metadata export in general and also ensures the the
temporary $doc property in the metadata renderer is cleared in
document_end |
| 234bbfaf | 26-Jul-2024 |
hauk92 <47572039+hauk92@users.noreply.github.com> |
Use date in install.php |
| f4faa217 | 17-Jul-2024 |
Ekin <ata.ekin@windowslive.com> |
translation update |
| 956542d0 | 08-Jul-2024 |
Tobias <5702338+T0biii@users.noreply.github.com> |
fixes #4265
Run autoFix only if repository owner is dokuwiki |
| 4a9d6ae2 | 02-Jul-2024 |
mauli <mauli+gitstuff-things@maulware.com> |
Move JWT token into metadir #4239
Moving JWT token store away from cache directory,
to have long-lived authentication files properly stored.
Using sha256 on the files instead of md5, to help mitiga
Move JWT token into metadir #4239
Moving JWT token store away from cache directory,
to have long-lived authentication files properly stored.
Using sha256 on the files instead of md5, to help mitigate
potential hash collision as filenames are based on username.
show more ...
|
| 07a871e6 | 25-Jun-2024 |
Andreas Gohr <andi@splitbrain.org> |
Support Woltlab password hashes
The Woltlab forum software uses bcrypt passwords, but prefixes them with
"Bcrypt:". This adds support for this in our PassHash class. |
| c1dcf0d7 | 24-Jun-2024 |
hauk92 <47572039+hauk92@users.noreply.github.com> |
Remove obsolete translation |
| d4059ee7 | 22-Jun-2024 |
hauk92 <47572039+hauk92@users.noreply.github.com> |
Log in local time instead of utc |
| 0e1a7ec2 | 19-Jun-2024 |
merefox retronica <merefox@naver.com> |
translation update |
| dafc9892 | 16-May-2024 |
splitbrain <86426+splitbrain@users.noreply.github.com> |
�� Rector and PHPCS fixes |
| 432cfaa6 | 15-May-2024 |
Eduardo Mozart de Oliveira <eduardomozart182@gmail.com> |
translation update |
| b56152e0 | 13-May-2024 |
Andreas Gohr <andi@splitbrain.org> |
update create-pull-request action to v6 |
| 5284332a | 11-May-2024 |
uaKalwin <world9online@gmail.com> |
translation update |
| f28d9c9e | 08-May-2024 |
Junting Wu <lance20501@gmail.com> |
translation update |