kolan
/
obsolete.ChilliProject
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
5,321 Commits 5 Branches 46 Tags 17 MiB
Commit Graph

34 Commits

Author SHA1 Message Date
Holger Just cb2086f652 [#647] Fix XSS in textile image syntax. 
Image URLs are not properly escaped in the bundled RedCloth3 library.
It thus allowed an XSS vector.

The patch was adapted from r7570 from Redmine by Etiene Massip. See also
http://www.redmine.org/issues/9245.
 2011-10-31 17:22:34 +01:00
Holger Just 91070236db Set source encoding to UTF-8 2011-10-29 14:48:03 +02:00
Jean-Philippe Lang 9049d58de4 Fixed: line breaks are ignored in quoted text (#6148). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5133 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2011-04-16 15:38:57 -07:00
Jean-Philippe Lang 9a5a1385da Fixed: Wiki headings containing backslash followed by a digit are not displayed correctly (#7846). 
Contributed by Etienne Massip.

git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@5100 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2011-04-16 15:38:56 -07:00
Jean-Philippe Lang 8841ba97c6 Fixed: class attribute with spaces on pre tags truncated (#7033). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4468 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-12-05 10:09:18 +00:00
Jean-Philippe Lang f79a6f701a Makes textile formatter accept 2 letters acronym (#6591). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@4374 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-11-06 13:29:23 +00:00
Jean-Philippe Lang 0a47389a65 Fixes some textile issues with JRuby (#5404). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3718 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-04-30 17:50:34 +00:00
Jean-Philippe Lang 8cdcf308be Escape href attribute in auto links (#5179). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3612 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-03-24 20:26:22 +00:00
Jean-Philippe Lang 533590c29c Fixed: Double-dash results in strikethrough text (#5122). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3605 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-03-20 12:54:23 +00:00
Jean-Philippe Lang 7621463acb Do not html escape code that is going to be highlighted (#2985, #3359). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3582 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-03-14 09:05:58 +00:00
Jean-Philippe Lang 054ff0db8e Fixed: inline code with less-then/greater-than produces @lt; and @gt; (#1416). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3567 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-03-12 15:12:23 +00:00
Jean-Philippe Lang 24b4c5f48d Fixed: text formatting breaks when using parenthesis inside bold tags (#1334). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3563 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-03-12 13:43:11 +00:00
Jean-Philippe Lang 4e5078ebb0 Fixed: some textile modifiers combinations don't work, eg. bold inside underline (#5045). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3561 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2010-03-11 19:55:31 +00:00
Jean-Philippe Lang 96fe47ea19 Disabled broken textile references (#4354). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3141 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-12-09 10:30:23 +00:00
Jean-Philippe Lang 1d8b4ee778 Fixed pre tags containing "<pre*" (#4125). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3030 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-11-11 16:23:11 +00:00
Jean-Philippe Lang 668ec7f694 Fixes a regexp for ruby1.9. 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@3015 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-11-07 09:43:02 +00:00
Jean-Philippe Lang 9943f64ff0 Fixed: inline images in wiki headings (#4112). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2999 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-11-04 10:22:57 +00:00
Jean-Philippe Lang dcba9f18e6 Allow line breaks in wiki table cells (#2346). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2824 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-07-19 14:23:15 +00:00
Jean-Philippe Lang 6bb5508387 Less aggressive textile image tag parsing (#3209). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2677 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-04-21 12:49:16 +00:00
Jean-Philippe Lang bab9b0d6ff Allow textile mailto links (#3127). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2664 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-04-07 17:35:52 +00:00
Jean-Philippe Lang 2ca4eea244 Less strict textile links parsing (#2582). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2344 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2009-01-31 14:50:56 +00:00
Jean-Philippe Lang 8b7fb7213f Stricter textile links parsing (#2417). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2212 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-12-30 16:23:05 +00:00
Jean-Philippe Lang 35f5e36838 Disable textile inline styles to prevent XSS attacks (#2377). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2192 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-12-28 13:38:34 +00:00
Jean-Philippe Lang a140c9bd74 Fixed bold syntax around single character in series (#2351). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2191 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-12-28 10:12:09 +00:00
Jean-Philippe Lang 7776b5b665 Escape textile titles and styles (#2377). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2170 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-12-23 17:05:38 +00:00
Jean-Philippe Lang 4ec5b1600a Escape double-quotes in image titles. 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2144 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-12-19 10:16:15 +00:00
Jean-Philippe Lang 737bbb3d3d Less agressive Redcloth lang attribute parsing (#2091). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2020 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-11-11 16:26:05 +00:00
Jean-Philippe Lang 9ae6e60c26 Fixes syntax highlighting broken by r1930 (#2143). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@1993 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-11-08 15:18:02 +00:00
Jean-Philippe Lang d143019dbb Adds back textile acronyms support (#2077). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@1956 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-10-27 11:50:23 +00:00
Jean-Philippe Lang ff449b197f Fixed: textile footnotes no longer work after r1113 (#974). 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@1941 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-10-18 11:25:27 +00:00
Jean-Philippe Lang 2ed9aa13f3 Remove pre tag attributes. 
git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@1930 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-10-12 19:13:36 +00:00
Jean-Philippe Lang 2e7e26fbb4 Fixes html escaping. 
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1901 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-09-23 17:03:51 +00:00
Jean-Philippe Lang 14b4afeec9 Fixed: http links containing parentheses fail to reder correctly (#1591). Patch by Paul Rivier. 
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1871 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-09-17 16:48:04 +00:00
Jean-Philippe Lang a592d6c40d Renames bundled RedCloth to RedCloth3 to avoid RedCloth 4 to be loaded instead (#1754). 
git-svn-id: http://redmine.rubyforge.org/svn/trunk@1800 e93f8b46-1217-0410-a6f0-8f06a7374b81
 2008-09-11 17:19:26 +00:00