- Feb 24, 2015
-
-
Andreas Gohr authored
Security Fix Severity: Medium Type: Remote Priviledge Escalation Remote: yes Vulnerability Details: This fixes a security hole in the ACL plugins remote API component. The plugin failed to check for superuser permissions before executing ACL addition or deletion. This means everybody with permissions to call the XMLRPC API also had permissions to set up their own ACL rules and thus circumventing any existing rules. Risk Assessment: The XMLRPC API in DokuWiki is marked experimental and off by default. It also implements an additional safeguard by giving access to a configured circle of users and groups only. So only a minor number of DokuWiki installations will be affected at all. For affected installations the risk is high if users with access to the API are not to be trusted. Thus the overall severity of medium. Resolution: Installations applying this commit are safe. A hotfix is about to be released. Meanwhile users are advised to disable the XMLRPC API in the config manager.
-
Andreas Gohr authored
-
Andreas Gohr authored
-
- Feb 17, 2015
-
-
- Feb 13, 2015
-
-
Álvaro Iradier authored
-
- Feb 12, 2015
- Feb 09, 2015
-
-
Andreas Gohr authored
This moves the message area into content div. The pageid is now aligned by floating instead of absolute positioning.
-
Andreas Gohr authored
-
Andreas Gohr authored
-
- Jan 28, 2015
-
-
Davor Turkalj authored
-
- Jan 25, 2015
-
-
Aleksandr Selivanov authored
-
- Jan 15, 2015
-
-
Andreas Gohr authored
-
- Jan 14, 2015
-
-
KeenRivals authored
-
- Jan 12, 2015
-
-
Rainbow Spike authored
1 little fix
-
- Jan 10, 2015
-
-
Scrutinizer Auto-Fixer authored
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
-
- Jan 08, 2015
-
-
Mijndert authored
-
- Jan 07, 2015
-
-
Scrutinizer Auto-Fixer authored
This commit consists of patches automatically generated for this project on https://scrutinizer-ci.com
-
Andreas Gohr authored
-
Andreas Gohr authored
In an older version of PHP a file_exists() call would issue a warning when the file did not exist. This was fixed in later PHP releases. Since we require PHP 5.3 now, there's no need to supress any error here anymore. This might even give a minor performance boost.
-
- Jan 05, 2015
-
-
Schplurtz le Déboulonné authored
-
Maciej Helt authored
-
- Dec 31, 2014
-
-
Jaroslav Lichtblau authored
-
- Dec 30, 2014
-
-
Marian Banica authored
-
- Dec 21, 2014
-
-
Type-kun authored
-
- Dec 20, 2014
-
-
Yves Grandvalet authored
-
- Dec 18, 2014
-
-
Guido Salatino authored
-
Mark authored
As described in the common idioms of the HTML5 spec, mark up navigation as a list inside a `nav` element for better semantics and accessibility. see: * http://www.w3.org/html/wg/drafts/html/master/common-idioms.html#rel-up * http://lists.w3.org/Archives/Public/public-html/2013Nov/thread.html#msg6 * https://dl.dropboxusercontent.com/u/377471/breadcrumb.html for discussion and background.
-
- Dec 17, 2014
-
-
Satoshi Sahara authored
-
- Dec 15, 2014
-
-
Vitaly Filatenko authored
-
- Dec 14, 2014
-
-
Myeongjin authored
-
- Dec 13, 2014
-
-
Type-kun authored
-
Jaroslav Lichtblau authored
-
- Dec 12, 2014
-
-
Type-kun authored
-
Jaroslav Lichtblau authored
-
Jussi Takala authored
-
Satoshi Sahara authored
-
- Dec 11, 2014
-
-
Andreas Gohr authored
-
Andreas Gohr authored
Add the class .bounce to any element to let it bounce slightly for 2 seconds. This is useful to make the user aware of some element. Can be combined with #scroll__here when a long list auto scrolls to a certain item.
-
Andreas Gohr authored
-
