Skip to content
Snippets Groups Projects
Select Git revision
  • refctorHTTPCLient
  • fix-zero
  • issue2721
  • master default protected
  • psr2
  • fixNoticesCLI
  • issue2665
  • issue2517
  • rmdir
  • old-stable
  • stable
  • extcli
  • HTTPClientAgent
  • issue2366
  • betterDeprecationComment
  • issue1569
  • fixGetVersion
  • testfixes
  • psr2-plugin
  • renameParam
  • release_stable_2017-02-19f
  • release_stable_2018-04-22b
  • release_stable_2018-04-22a
  • release_stable_2018-04-22
  • release_stable_2016-06-26e
  • release_stable_2017-02-19e
  • release_stable_2016-06-26d
  • release_stable_2017-02-19d
  • release_stable_2016-06-26c
  • release_stable_2017-02-19c
  • release_stable_2016-06-26b
  • release_stable_2017-02-19b
  • release_stable_2017-02-19a
  • release_stable_2017-02-19
  • release_stable_2016-06-26a
  • release_stable_2016-06-26
  • release_stable_2015-08-10a
  • release_stable_2015-08-10
  • release_stable_2014_05_05e
  • release_stable_2014_09_29d
40 results
Search by author
  • Any Author
  • halltodd halltodd halltodd
  • Jonathan Babbage Jonathan Babbage babbagej
2 authors
  1. Dec 16, 2008
  3. Dec 10, 2008
  5. Aug 15, 2008
  7. Jul 20, 2008
  9. May 01, 2008
  11. Mar 15, 2008
  13. Mar 12, 2008
  15. Dec 03, 2007
  17. Nov 17, 2007
    • Andreas Gohr's avatar
      ACL Manager rewritten · 2a3623da
      Andreas Gohr authored 
      This patch replaces the old ACL manager plugin with a new, completely
rewritten one.

The ACL manager is now independent of the page from which it was called,
instead all pages and namespaces are selectable from an AJAX enhanced
list similar to the one used in the media manager. This should take care
of a major complain by new users.

Another major confusion was that the old manager only showed relevant
rules. This new manager always shows *all* defined ACL rules.

darcs-hash:20071117155740-7ad00-1de71e396d5dbc117bf5788fb5667af828d5c20f.gz
      2a3623da
  19. Sep 08, 2007
  21. Aug 29, 2007
    • Andreas Gohr's avatar
      CSRF prevention for admin plugins · 634d7150
      Andreas Gohr authored 
      This patch adds a session based token to all form in the default action plugins.
The validity of the token is checked before any administrative function is
executed aiming to protect DokuWiki's admin functions from Cross-site request
forgery (CSRF) attacks.

Another patch will follow to add the same functionality on other, less critical
functions.

More details on CSRF attacks can be found at
http://en.wikipedia.org/wiki/Cross-site_request_forgery

darcs-hash:20070829201538-7ad00-d0770224a3351fd8e38968e3a9d8e73520482445.gz
      634d7150
  23. Apr 09, 2006
    • chris's avatar
      Bug#680 · e04f1f16
      chris authored 
      Update default plugins to ensure they exit immediately
if not called from within Dokuwiki

darcs-hash:20060409233841-9b6ab-555e4fced756849a5d7b9de6e4aaaea24c6da3ae.gz
      e04f1f16
  25. Mar 08, 2006
  27. Mar 03, 2006
  29. Mar 02, 2006
    • Andreas Gohr's avatar
      Allow non-ID names in ACLs · 6c2bb100
      Andreas Gohr authored 
      Some auth backends allow special chars like whitespaces in user and group
names. This made problems with the existing ACL checks and ACL manager.
This patch makes the ACL system work with these cases by (url)encoding all
special chars below 128.

darcs-hash:20060302101850-6e07b-14bda9dbdb3528904325419b35bb9eddb0d1dde3.gz
      6c2bb100
  31. Jan 27, 2006
  33. Jan 26, 2006
  35. Aug 24, 2005