• last updated 15 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
- fixed severe vulnerability with path traversal attack

Require in all shipped policies swa permissions to create ::xowiki::Objects

    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/package-procs.tcl
Require in all shipped policies swa permissions to edit ::xowiki::Objects, since these can contain Tcl code

    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/package-procs.tcl
add permission checks for including xowiki pages

    • -1
    • +12
    /openacs-4/packages/xowiki/tcl/xowiki-procs.tcl
bump version number

    • -3
    • +3
    /openacs-4/packages/xowiki/xowiki.info
security update for adp includes

    • -2
    • +25
    /openacs-4/packages/xowiki/tcl/xowiki-procs.tcl
- bump version number

    • -3
    • +3
    /openacs-4/packages/xowiki/xowiki.info
- revive xinha for richtext again

- remove mixin, when downgrading a richtext formfield to a textarea

    • -4
    • +4
    /openacs-4/packages/xowiki/xowiki.info
- reduce verbosity

Add new message keys for enhanced admin UI

adjustments for wymeditor

get rid of mixins for hidden fields

hopefully the last part of the richtext attribute setting fix

xinha fix to work with xotcl versions without recent slot support

bump version number to ease communication

    • -2
    • +2
    /openacs-4/packages/xowiki/xowiki.info
keep configured values, when editor is switched

deactivate background_delivery for connections via nsopenssl

one more regexp fix

    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/xowiki-procs.tcl
improve regular expression for includelet extraction in ::xowiki::Page

    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/xowiki-procs.tcl
Added export of all pictures of an album

improve checkbox behavior

    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/xowiki-procs.tcl
backport of a fix from cvs head to this branch when setting widget spec in folder object

    • -2
    • +2
    /openacs-4/packages/xowiki/xowiki.info
- ensure, the login window is displayed, when the computed URL is too long

- improve hint message

ensure that the tcl-proc-view script of /api-doc/ is called (does not work perfectly for ns_* commands either)

bug solved while accessing to a monitor service defined as "self"

    • -2
    • +9
    /openacs-4/packages/imsld/www/monitor-frame.tcl
    • -1
    • +16
    /openacs-4/packages/imsld/www/monitor-frame.xql
ConditionsRecursionLimit must be defined as parameter. Meanwhile, here is a quick solution (need to be solved)

Use commas to seperate columns in CSV (not semicolons!) and quote the

contents with double quotes.

bug with monitor service when role is self solved

provide links for "manage notifications" when a user subscribes to an xowiki instance or a category