Commit Graph

483 Commits

Author SHA1 Message Date
Starbeamrainbowlabs 16354b467e
page-edit: fix typo 2024-02-10 19:25:10 +00:00
Starbeamrainbowlabs 34f003ace9
Changelog: add typos in user-table 2023-12-18 23:27:20 +00:00
Starbeamrainbowlabs 7698290ee5
unpacking: catch all possible errors from ZipArchive->open()
Thanks, @daveschroeter
For #249, but does NOT fix it
2023-10-12 00:51:25 +01:00
Starbeamrainbowlabs b2b9606622
Bugfix: correct help page link for interwiki links 2023-09-10 13:46:50 +01:00
Starbeamrainbowlabs 0eca133679
update changelog 2023-02-19 02:18:53 +00:00
Starbeamrainbowlabs 63771c4078
Bump version for v0.24! 2023-02-19 01:51:05 +00:00
Starbeamrainbowlabs 0e675f4c6f
parsedown: fix templating under circumstances 2023-01-26 20:51:07 +00:00
Starbeamrainbowlabs c6fb3cdd6e
credits: fix typo
fixes #233
2022-09-17 17:36:20 +01:00
Starbeamrainbowlabs b2ba00df56
Document redirect and redirected_from GET params to the view action 2022-08-14 21:41:17 +01:00
Starbeamrainbowlabs c767ab6621
Bump version to v0.24-beta2; update changelog 2022-08-03 01:13:22 +01:00
Starbeamrainbowlabs 5e42121300
Bump versions 2022-07-05 01:13:17 +01:00
Starbeamrainbowlabs 41838003e3
Update changelog 2022-07-04 23:55:48 +01:00
Starbeamrainbowlabs 234f9fa371
Add x-tags to raw action 2022-06-29 00:06:36 +01:00
Starbeamrainbowlabs cfd45c75ae
Update changelog 2022-05-26 03:00:51 +01:00
Starbeamrainbowlabs e54bacdcac
page-edit: fix user page permissions check to also occur in the save action 2022-05-26 01:12:51 +01:00
Starbeamrainbowlabs 49a675c042
Return a 409 Conflict instead of a 200 OK on an edit conflict when saving a page in the save action 2022-05-25 23:50:55 +01:00
Starbeamrainbowlabs 3f76c64b82
Make PeppermintParsedown::extract_page_names more multibyte safe to avoid empty statistics 2022-04-24 14:38:21 +01:00
Starbeamrainbowlabs bf2d797d92
oneboxing: change to use [[[triple square brackets]]]
This is because for some reason when extending Parsedown to add a new 
block type for [[internal links]] to detect oneboxing means that it's 
impossible to tell if we're inside e.g. a bulleted list or not :-/
2022-03-17 03:20:21 +00:00
Starbeamrainbowlabs 434abdf29f
Add initial simple oneboxing support 2022-03-12 02:52:53 +00:00
Starbeamrainbowlabs bb9a56f59a
StorageBox: Fix crash when index.php is a symlink 2022-02-27 15:56:34 +00:00
Starbeamrainbowlabs ae4d03da17
Bugfix: Banish erroneous additional entries in complex tables of contents 2022-02-18 23:59:42 +00:00
Starbeamrainbowlabs 334b928c1e
Add initial support for embedding videos from YouTube, Vimeo, etc 2022-02-07 02:46:47 +00:00
Starbeamrainbowlabs 439187139d
Bugfix: fix crash when attempting to leave a top-level comment 2022-02-06 00:24:55 +00:00
Starbeamrainbowlabs 021ebaea22
Fix crash when loading the stats page 2022-01-05 02:47:28 +00:00
Starbeamrainbowlabs 4853c1f604
fix login when hosting Pepperminty Wiki in a subdirectory 2021-09-30 21:26:30 +01:00
Starbeamrainbowlabs 7cf545a3ca
Fix more intelligent returnto redirect 2021-09-30 21:06:07 +01:00
Starbeamrainbowlabs fa407ce99d
login: regenerate session token on login; make returnto sanitisation more intelligent 2021-09-27 21:32:39 +01:00
Starbeamrainbowlabs 4f3a1c3757
Display returnto URL above the login form if present to further mitigate CSRF issues 2021-09-27 20:51:12 +01:00
Starbeamrainbowlabs 2e1e1d0535
100-run: fix XSS when action is not found 2021-09-25 11:42:07 +01:00
Starbeamrainbowlabs 978da55e00
Update changelog 2021-09-21 14:10:02 +01:00
Starbeamrainbowlabs f59e68127c
Ensured that the `returnto` GET parameter leads you only to another place on your Pepperminty Wiki instance (thanks, @JamieSlome) 2021-09-21 13:40:12 +01:00
Starbeamrainbowlabs 4be6a181cb
Bugfix: XSS in format GET param of stats action 2021-09-21 13:29:27 +01:00
Starbeamrainbowlabs 05555e7d55
Changelog: fix heading indents 2021-09-15 14:42:50 +01:00
Starbeamrainbowlabs 6b9dfbcf68
Update changelog again 2021-09-03 02:26:47 +01:00
Starbeamrainbowlabs 51475b41b1
Update Changelog 2021-09-03 02:25:58 +01:00
Starbeamrainbowlabs 07eed388bd
Bump version 2021-09-03 02:05:24 +01:00
Starbeamrainbowlabs ec0b556892
recent changes: fix broken character when displaying page moves 2021-09-03 02:01:24 +01:00
Starbeamrainbowlabs 7aaded1f40
page-help: Add formats to data size bar on ?action=help&dev=yes 2021-09-03 01:29:49 +01:00
Starbeamrainbowlabs 1f51bf31c6
Add new file formats to the list of allowed formats for uploaded files:
image/avif
image/jxl

Also, lesser known image formats:

image/hief image/heic
2021-09-03 00:52:01 +01:00
Starbeamrainbowlabs 4a00a404e1
Update changelog 2021-09-03 00:28:20 +01:00
Starbeamrainbowlabs 80f77a93b5
feature-comments: fix potential XSS 2021-09-02 22:50:00 +01:00
Starbeamrainbowlabs 51be347000
action-protect: fix 2021-09-02 22:29:39 +01:00
Starbeamrainbowlabs d5ef65ce01
Update changelog 2021-09-02 21:35:12 +01:00
Starbeamrainbowlabs e0f65c2e65
action-hash: fix potential XSS in string GET param 2021-09-02 21:27:26 +01:00
Starbeamrainbowlabs b6fc5941b7
feature-watchlist: fix format GET parameter 2021-09-02 21:23:31 +01:00
Starbeamrainbowlabs 4fdbd9a427
Update changelog 2021-09-02 21:22:03 +01:00
Starbeamrainbowlabs 96546184dc
Implement simple slugify function
I suspect I may have to fix a number of issues here.....
2021-09-02 21:19:31 +01:00
Starbeamrainbowlabs 473e8e1fc9
Update changelog 2021-09-02 21:08:53 +01:00
Starbeamrainbowlabs 0a77065c3f
Bugfix: Fix stored XSS attack - ref CVE-2021-38600
See https://github.com/hmaverickadams/CVE-2021-38600

For some reason the author did not think it wise to let me know
privately first - instead publicly announcing it via a GitHub repo..... 
sigh.

In addition, is this *really* a vulnerability? Since Pepperminty Wiki 
requires the site secret to set it up, I can't see that this has a real 
impact.

Still, I'll fix it anyway.....
2021-09-02 20:54:06 +01:00
Starbeamrainbowlabs fab1b52882
Bugfix: fix error handling logic 2021-08-15 21:46:19 +01:00