Commits · 4167de31e4c8a81602860a18194badb211efeada · BRIC / dokuwiki

Apr 11, 2016

Michael Grosse authored 8 years ago

This is to ensure that we use SSL/TLS if a custom port is defined an no
proxy is used.

Fixes #1526

4167de31

Apr 07, 2016
- Merge pull request #1340 from micgro42/closedTagFix · abaeff3a
  Andreas Gohr authored 9 years ago
  
  Form TagCloseElements should conform to expectations of functions inherited from Element
  abaeff3a
- Merge pull request #1501 from splitbrain/reflection · a22471d1
  Andreas Gohr authored 9 years ago
  
  Reflection based method export for remote plugins
  a22471d1
- Merge pull request #1479 from splitbrain/mediaselect · 393c5550
  Andreas Gohr authored 9 years ago
  
  make reuse of mediamanager popup easier
  393c5550
- Merge pull request #1495 from splitbrain/django_pbkdf2 · 7ca2e2cf
  Andreas Gohr authored 9 years ago
  
  add support for new Django hashing methods
  7ca2e2cf
- Merge pull request #1497 from splitbrain/passobfuscate · 64449714
  Andreas Gohr authored 9 years ago
  
  obfuscate auth passwords in config. fixes #1487
  64449714
Apr 02, 2016
- Merge pull request #1514 from dokuwiki-translate/lang_update_12 · dc0b9000
  Andreas Gohr authored 9 years ago
  
  Translation update (ro)
  dc0b9000
- translation update · 95f42e65
  Adrian Vesa authored 9 years ago
  
  95f42e65
Mar 31, 2016

avoid HTTP Response Splitting attacks via redirects #1513 · 98ca30d2

Andreas Gohr authored 9 years ago

The header() method of PHP is vulnerable to HTTP Response Splitting
attacks.

This change makes sure the URL passed to send_redirect (and thus to
header()) does not contain any control characters that would be needed
to execute such an attack.

Cleaning input is recommended anyway.

98ca30d2

Mar 24, 2016
- Merge pull request #1510 from dokuwiki-translate/lang_update_5 · 89b96b7a
  Andreas Gohr authored 9 years ago
  
  Translation update (pt-br)
  89b96b7a
- translation update · c58f49ca
  Viliam Dias authored 9 years ago
  
  c58f49ca
Mar 22, 2016
- another tiny tab CSS addition · 588d2a2e
  Andreas Gohr authored 9 years ago
  
  missed a line in my last commit
  588d2a2e
- minor change to make tabs more flexible · c4b143ef
  Andreas Gohr authored 9 years ago
  
  This makes it easier to create tabs with an active tab (no need for additional markup)
  c4b143ef
Mar 19, 2016
- Merge pull request #1506 from dokuwiki-translate/lang_update_14 · 66c5adb5
  Andreas Gohr authored 9 years ago
  
  Translation update (ko)
  66c5adb5
- translation update · f6a5c864
  Myeongjin authored 9 years ago
  
  f6a5c864
Mar 15, 2016
- adjusted for scrutinizer hints · 14529785
  Andreas Gohr authored 9 years ago
  
  14529785
- adjusted tests for reflection based method export · 7ac1b2cc
  Andreas Gohr authored 9 years ago
  
  7ac1b2cc
- first go at using reflection for remote export · 67fe7d43
  Andreas Gohr authored 9 years ago
  
  67fe7d43
Mar 12, 2016
- Merge pull request #1498 from trebmuh/patch-1 · d5eb2a76
  Andreas Gohr authored 9 years ago
  
  Fixes for the FR translation
  d5eb2a76
- Fixes for the FR translation · 76f6b28e
  Olivier Humbert authored 9 years ago
  
  A few fixes.
  76f6b28e
- Merge pull request #1361 from TorMec/master · ce0758a5
  Andreas Gohr authored 9 years ago
  
  multicheckbox without extra string input
  ce0758a5
- Merge pull request #774 from MartijnRas/master · 54c0fa7c
  Andreas Gohr authored 9 years ago
  
  remoteuser - Patch for default setting and improved checking in hasAccess()
  54c0fa7c
- obfuscate auth passwords in config. fixes #1487 · 8ef94e9e
  Andreas Gohr authored 9 years ago
  
  we already do it for other passwords, so it makes sense to do it here as well.
  8ef94e9e
- Merge pull request #1489 from sarehag/master · 11ac5b1d
  Andreas Gohr authored 9 years ago
  
  #1477:Search heading still displayed although search disabled
  11ac5b1d
Mar 11, 2016
- Merge pull request #1492 from ssahara/patch · 9b19af28
  Andreas Gohr authored 9 years ago
  
  use getNS() call instead of dirname()
  9b19af28
- add support for new Django hashing methods · 924cc11c
  Andreas Gohr authored 9 years ago
  
  New Python Django application default to PBKDF2 with SHA256 as a password mechanism. This adds support for that mechanism in our password hasher class. This will be needed in the tests for the new PDO auth plugin.
  924cc11c
- usie a strict comparison === instead · dab290ef
  Satoshi Sahara authored 9 years ago
  
  dab290ef
- Merge remote-tracking branch 'refs/remotes/splitbrain/master' into patch · d73566f8
  Satoshi Sahara authored 9 years ago
  
  d73566f8
- use getNS() call instead of dirname() · 82f5f399
  Satoshi Sahara authored 9 years ago
  
  82f5f399
Mar 04, 2016
- #1477:Search heading still displayed although search disabled · 63cf4192
  sarehag authored 9 years ago
  
  63cf4192
Mar 02, 2016
- Fix PHP7 evaluation order incompatibility · 6ebabe2f
  Gerrit Uitslag authored 9 years ago
  
  Fixes #1480
  6ebabe2f
Feb 24, 2016
- Merge branch 'master' into mediaselect · 49611581
  Andreas Gohr authored 9 years ago
  
  * master: refactor page saving and introduce COMMON_WIKIPAGE_SAVE
  49611581
- clean up the onselect callback · 3a63c3f3
  Andreas Gohr authored 9 years ago
  
  This makes sure the provided callback is using alphanumerics only. I'm not sure this is needed, but better safe than sorry.
  3a63c3f3
- Merge pull request #1472 from splitbrain/wikisave_event · 2a83ac60
  Andreas Gohr authored 9 years ago
  
  refactor page saving and introduce COMMON_WIKIPAGE_SAVE
  2a83ac60
Feb 22, 2016

Revert "Revert "make reuse of mediamanager popup easier"" · 34b180e5
Andreas Gohr authored 9 years ago
```
because we actually want it in this branch ;-)

This reverts commit 38a2174b.
```
34b180e5
Revert "make reuse of mediamanager popup easier" · 38a2174b
Andreas Gohr authored 9 years ago
```
this was an accidental commit to master

This reverts commit f7f7fb6c.
```
38a2174b

make reuse of mediamanager popup easier · f7f7fb6c

Andreas Gohr authored 9 years ago

This introduces a mechanism to override what happens when a media item
is selected in the media manager popup by providing a callback name in
the URL. The default implementation just does what
dw_mediamanager.insert did before and calls insertTags()

f7f7fb6c

Feb 19, 2016
- removed isset() from blank() function · 67234204
  Andreas Gohr authored 9 years ago
  
  As discussed in #1471, an uninitialized variable will always be implicitly created when passed to the blank() function. Calling isset() is thus a no-op. A warning about this behavior has been added to the function comment.
  67234204
- deny access to .git directories in .htaccess · 3258ecf1
  Andreas Gohr authored 9 years ago
  
  3258ecf1
- Merge pull request #1423 from wernerflamme/master · ba85926b
  Andreas Gohr authored 9 years ago
  
  Adapt .htaccess files for Apache 2.4
  ba85926b