• last updated 18 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
remove ":instvar", improved comments

add ad_script_abort after ns_return

fix bug: never update references in the search renderer

before, it was possible that the search renderer added some

unsresolved references, although these were already fixed.

This was caused by the asynchrnous search queue, which

might have inserted such values.

The interface of Page.render was extended to be able to

specify, that the references should be always updated in the DB,

or just when unresolved references are encountered, or

never.

  1. … 3 more files in changeset.
improve input validaton on query variables

  1. … 7 more files in changeset.
security improvements: add value constraints for query parameters

improving comments, variable names, and indentation

  1. … 2 more files in changeset.
deactivate parameter "template", which can be used for XSS attacks. Not sure, who needs this. many thanks to Stefan Sobernig for noting!

Use appropriate idiom to retrieve return_url from the query parameter

This solves also the corner case of the empty folder

Use naviserver api as methods such as exists_parameter might not always be defined on the object (e.g. when we try to bulk delete an empty folder)

Make so that child-resources includlet redirects bulk-actions to the page it is included into (this is for most upstream scenarios the folder page as before) and make www-bulk_delete sensitive to the new return_url query parameter

  1. … 1 more file in changeset.
improve spelling

  1. … 6 more files in changeset.
child-resources: specify urls involved in bulk-delete action more explicitly in a way that the includelet will work also when put in other non-folder pages

  1. … 1 more file in changeset.
prefer "nsf::is object" over ":isobject" or "info commands", since it is faster, more generic and can be used in all contexts

  1. … 3 more files in changeset.
prefer "nsf::is object" over ":isobject" or "info commands", since it is faster, more generic and can be used in all contexts

  1. … 15 more files in changeset.
modernize code: use resolver variables rather than method calls

  1. … 14 more files in changeset.
use consistently the instance variable of the package_id

prefer method "normalizepath"

just normalize the path, when it was specified

fix over-restrictive logic for template path checking

- normalize paths to template files

- do not allow paths to template files not on standard locations

web-callable method list: add optional parameter "children" to allow listing of arbitrary children of an item

  1. … 1 more file in changeset.
don't hardcode /tmp/

simplify file delivery modes

use same idioms for checking for exising commands

  1. … 5 more files in changeset.
white-space cleanup

  1. … 2 more files in changeset.
new feature: add one-button copy action to folder listings

  1. … 6 more files in changeset.
Prefer glyph-icons over sprites:

- new function xowiki::Package preferredCSSToolkit to ease access to preferred CSS toolkit

- split xowiki.css into a generic part (xowiki.css) and a preferred toolkit related part

(e.g.xowiki-bootstrap3-specific.css)

- use glyphicons in bootstrap variant instead of sprites for edit/delete/... buttons

  1. … 5 more files in changeset.
prefer absolut object references over ids

  1. … 15 more files in changeset.
- modernize code (remove "my")

- prefer fully qualified commands based on IDs

  1. … 33 more files in changeset.
provide proper fix, which makes the expectations clear