OpenACS / openacs-4 / packages / xowiki

tcl

Tools

Line History

Line Count Graph
Line Count Graph

Stats

Commits this week: 0
Total Committers: 11
Last Commit: 26 Apr
Commits this week: 0
Total Lines of Code (LoC): 29,976
Net change in LoC this week: 0

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated 8 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Friday 02 Feb
1:20 pm

gustafn

Extended "Page.copy_content_vars" with a "-except" parameter

This change makes it possible to use values from template pages

without changing the name of the target page. This change also

introduces a small modernization to use dicts instead of arrays.

Options
    • -7
    • +14
    ./xowiki-procs.tcl
1:14 pm

gustafn

added URL for version checking to see, if a newer version is available from the CDN

Options
    • -1
    • +2
    ./resource-info-procs.tcl
Wednesday 31 Jan
1:48 pm

antoniop

Extend test suite

when testing FormPage validation, make sure two distinct behaviors are respected:

1) Rejected values that were part of the request are kept into their original form fields so the user can rework them and resubmit

2) Other parts of the page, such as the page title, are NOT influenced by data that faild to validate

Rationale: displaying unvalidated information as part of the response can be interpreted as a page injection.

In current codebase, that the title was changed indicates, that rejected information made its way into the :title object member of the FormPage.

The potential consequences of the FormPage setting unvalidated information into its members depends on a number of factors such as formfield logics, callbacks and proper page quoting (to name a few).

Options
    • -1
    • +17
    ./test/xowiki-test-procs.tcl
Tuesday 30 Jan
6:18 pm

gustafn

Reduced attack vectors for query and form variables while keeping semantics

- improve form_parameter and query variable validation

- revert partly change: it is intentional that in case of validation errors, the

instances variables of the in-memory object contain invalid data in order

to be able to show the use the invalid data in the form.

- prefer "string first" idiom over regular expression

Options
    • -54
    • +49
    ./xowiki-www-procs.tcl
6:17 pm

gustafn

fix typo

Options
    • -2
    • +2
    ./xowiki-form-procs.tcl
5:35 pm

antoniop

Fix typo

Options
    • -2
    • +1
    ./xowiki-www-procs.tcl
11:28 am

gustafn

removed obsolete code

Options
    • -5
    • +1
    ./includelet-procs.tcl
11:28 am

gustafn

update CDN source

The previous CDN site stopped working

Options
    • -2
    • +2
    ./yui-init.tcl
11:15 am

gustafn

generalized handling of error pages in disconnected stage

Options
    • -12
    • +8
    ./package-procs.tcl
10:35 am

antoniop

Cleanup leftover library: latest javascript assumes XMLHttpRequest is supported

Options
    • -3
    • +1
    ./chat-procs.tcl
Friday 26 Jan
5:37 pm

antoniop

Chat reform

The goal of these changes is to reduce the "mode" specific javascript code in the chat implementation and reduce server-side guessing of browser capabilities.

- In the MessageRelay class from xotcl-core, we rework the javascript code sent to the connection when doing scripted streaming to make less assumptions about the functions defined in the parent scope

- In the chat code from xowiki, we move most of the logics to guess the mode into javascript, where we can test the actual capabilities of the browser without relying on the user agent

- The previously 4 javascript files dependant on the chat mode have been made into one

Options
    • -112
    • +17
    ./chat-procs.tcl
  2. … 7 more files in changeset.
2:14 pm

antoniop

When the mode is "streaming", use Server Sent Events instead of a "plain" endless request

This has the advantage of a clearer, less hacky api, which, for instance, does not require manual parsing of the partial response.

Options
    • -10
    • +9
    ./chat-procs.tcl
  2. … 4 more files in changeset.
11:30 am

antoniop

Cleanup leftover method: its logics were moved to the MessageRelay class

Options
    • -15
    • +1
    ./chat-procs.tcl
Thursday 25 Jan
12:44 pm

antoniop

Cleanup commented code

Options
    • -11
    • +1
    ./xowiki-form-procs.tcl
Tuesday 23 Jan
2:20 pm

antoniop

Revert to an approach that will not change the [self] object, which has unexpected consequences

Options
    • -2
    • +9
    ./xowiki-www-procs.tcl
Monday 22 Jan
3:52 pm

antoniop

Use a better idiom to revert changes on the object, that e.g. will handle the same arrays and variables

Options
    • -4
    • +2
    ./xowiki-www-procs.tcl
Tuesday 16 Jan
6:35 pm

antoniop

Ensure we are still connected before we try to render the error to the user

For instance, the error may have beeen triggered by unexpected lack of connection, e.g. when we try to return content after a redirect has already been issued.

Options
    • -4
    • +12
    ./package-procs.tcl
Monday 15 Jan
12:42 pm

antoniop

Extend test: edit a different component of repeated compound 3 to also test that old and new values are stored as expected

Options
    • -0
    • +6
    ./test/xowiki-test-procs.tcl
Tuesday 09 Jan
5:17 pm

antoniop

Extend and fix xowiki.create_form_with_form_instance automated test with respect to checkbox behavior

- simple checkboxes (normal and repeated): as we do not specify a value for those, the default should be expected, not the last option

- checkboxes in repeated compound fields: upon triavial re-editing, the values should stay the same

This change exposes a bug in acs::test::xpath::get_form_values

Options
    • -8
    • +56
    ./test/xowiki-test-procs.tcl
Wednesday 20 Dec 2023
2:13 pm

antoniop

Port of downstream modification:

do not restrict the format the user can supply. Sanitize the filename later and complain only if this is made exclusively of invalid characters.

Options
    • -2
    • +12
    ./xowiki-www-procs.tcl
12:04 pm

antoniop

get_form_data reform:

when validation fails, revert all changes performed on the object while filling up the form fields.

Rationale: when validation fails, we do not persist the data. The same we should not let unvalidated data sneak into the object, as this may be e.g. displayed on the page or be otherwise used by the system.

Options
    • -1
    • +15
    ./xowiki-www-procs.tcl
Thursday 14 Dec 2023
10:57 am

antoniop

Do not retrieve extra_css from query_parameters, as this is vulnerable to injections

Many thanks to Markus Moser

Options
    • -2
    • +4
    ./xowiki-www-procs.tcl
Wednesday 29 Nov 2023
2:44 pm

gustafn

reduced verbosity

Options
    • -2
    • +2
    ./package-procs.tcl
Friday 24 Nov 2023
1:56 pm

antoniop

Fix syntax of new oneof value checker

Options
    • -3
    • +3
    ./xowiki-www-procs.tcl
  2. … 1 more file in changeset.
Thursday 23 Nov 2023
12:14 pm

antoniop

Validate nls_language so that the only values allowed are existing enabled locales

Options
    • -3
    • +15
    ./xowiki-www-procs.tcl
  2. … 1 more file in changeset.
Tuesday 21 Nov 2023
2:30 pm

antoniop

Fix parenthesys in bulk actions

Many thanks to Sebastian Scheder

Options
    • -16
    • +16
    ./bootstrap-procs.tcl
Monday 20 Nov 2023
6:06 pm

antoniop

Get the preferred css toolkit via api, as this will introduce additional fallback logics with respect to the plain parameter

Options
    • -4
    • +1
    ./menu-procs.tcl
Friday 03 Nov 2023
6:52 pm

antoniop

Ensure scripts and internal use information are not rendered together with the content, in particular for dumber HTML renderer

Options
    • -7
    • +4
    ./chat-procs.tcl
Monday 30 Oct 2023
12:20 pm

antoniop

Make sure method variable exists, fixes automated tests

Options
    • -1
    • +2
    ./package-procs.tcl
12:17 pm

antoniop

Whitespace cleanup

Options
    • -7
    • +7
    ./package-procs.tcl