Tars strip the leading slash so the tests where wrong. Not sure why they
stilldid work sometimes

Improve nofollow behaviour for ?do=index

and no automatic sitemap.xml is being generated.

this ensures nested POST data is correctly encoded

In debug mode: catch and log JS errors with file information

The check if the plugin is enabled is done later in the plugin
controller anyway.

added loggedIn class to main tpl container

Fixes validation problems with base64 encoded images in CSS.

Fixes validation problems with base64 encoded images in CSS.

add TEMPLATE_DOKUWIKI_PAGETOOLFLOAT_DISPLAY event to template

also made it more secure against copy'n'paste

Implemented some ARIA attributes

In response to FS#2766
- make namespace links in the browser sitemap nofollow
- remove nofollow from browser sitemap link on the wiki start page
  when sitemap.xml generation is disabled

FS#2770 - prevent <file> and <code> syntax regex matching too much

code - test correct recognition of downloadable filename token
file - test correct recognition of syntax name & downloadable filename tokens

The current message confusingly mentions bad 'username' when username is not involved.  The
new message is the same as that introduced for an incorrect current password on the self
delete profile form (FS#2751)

The refshow configuration option wasn't used as described anymore
already in the latest release and after the introduction of the media
usage index the parameter is also no longer relevant for internal
optimization. The only place where it was still used is the no longer
used search_references()-function which is removed here, too.

This adds a new parameter to ft_backlinks() to ignore permissions which
is needed for invalidating the cache of linking pages with useheading
enabled. This also adds various test cases for ft_backlinks().

Added an explanation that what we do is like normal CBC but that we
additionally encrypt the IV which is actually suggested by the NIST for
non-random (but unique) IVs. In the decryption process it's not
necessary to decrypt the IV, this should save some time.