Skip to content
Snippets Groups Projects
Select Git revision
  • refctorHTTPCLient
  • fix-zero
  • issue2721
  • master default protected
  • psr2
  • fixNoticesCLI
  • issue2665
  • issue2517
  • rmdir
  • old-stable
  • stable
  • extcli
  • HTTPClientAgent
  • issue2366
  • betterDeprecationComment
  • issue1569
  • fixGetVersion
  • testfixes
  • psr2-plugin
  • renameParam
  • release_stable_2017-02-19f
  • release_stable_2018-04-22b
  • release_stable_2018-04-22a
  • release_stable_2018-04-22
  • release_stable_2016-06-26e
  • release_stable_2017-02-19e
  • release_stable_2016-06-26d
  • release_stable_2017-02-19d
  • release_stable_2016-06-26c
  • release_stable_2017-02-19c
  • release_stable_2016-06-26b
  • release_stable_2017-02-19b
  • release_stable_2017-02-19a
  • release_stable_2017-02-19
  • release_stable_2016-06-26a
  • release_stable_2016-06-26
  • release_stable_2015-08-10a
  • release_stable_2015-08-10
  • release_stable_2014_05_05e
  • release_stable_2014_09_29d
40 results
Search by author
  • Any Author
  • halltodd halltodd halltodd
  • Jonathan Babbage Jonathan Babbage babbagej
2 authors
  1. Dec 03, 2007
  3. Nov 17, 2007
    • Andreas Gohr's avatar
      ACL Manager rewritten · 2a3623da
      Andreas Gohr authored 
      This patch replaces the old ACL manager plugin with a new, completely
rewritten one.

The ACL manager is now independent of the page from which it was called,
instead all pages and namespaces are selectable from an AJAX enhanced
list similar to the one used in the media manager. This should take care
of a major complain by new users.

Another major confusion was that the old manager only showed relevant
rules. This new manager always shows *all* defined ACL rules.

darcs-hash:20071117155740-7ad00-1de71e396d5dbc117bf5788fb5667af828d5c20f.gz
      2a3623da
  5. Sep 08, 2007
  7. Aug 29, 2007
    • Andreas Gohr's avatar
      CSRF prevention for admin plugins · 634d7150
      Andreas Gohr authored 
      This patch adds a session based token to all form in the default action plugins.
The validity of the token is checked before any administrative function is
executed aiming to protect DokuWiki's admin functions from Cross-site request
forgery (CSRF) attacks.

Another patch will follow to add the same functionality on other, less critical
functions.

More details on CSRF attacks can be found at
http://en.wikipedia.org/wiki/Cross-site_request_forgery

darcs-hash:20070829201538-7ad00-d0770224a3351fd8e38968e3a9d8e73520482445.gz
      634d7150
  9. Apr 09, 2006
    • chris's avatar
      Bug#680 · e04f1f16
      chris authored 
      Update default plugins to ensure they exit immediately
if not called from within Dokuwiki

darcs-hash:20060409233841-9b6ab-555e4fced756849a5d7b9de6e4aaaea24c6da3ae.gz
      e04f1f16
  11. Mar 08, 2006
  13. Mar 03, 2006
  15. Mar 02, 2006
    • Andreas Gohr's avatar
      Allow non-ID names in ACLs · 6c2bb100
      Andreas Gohr authored 
      Some auth backends allow special chars like whitespaces in user and group
names. This made problems with the existing ACL checks and ACL manager.
This patch makes the ACL system work with these cases by (url)encoding all
special chars below 128.

darcs-hash:20060302101850-6e07b-14bda9dbdb3528904325419b35bb9eddb0d1dde3.gz
      6c2bb100
  17. Jan 27, 2006
  19. Jan 26, 2006
  21. Aug 24, 2005