• last updated 13 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
deactivate parameter "template", which can be used for XSS attacks. Not sure, who needs this. many thanks to Stefan Sobernig for noting!

Use appropriate idiom to retrieve return_url from the query parameter

This solves also the corner case of the empty folder

Use naviserver api as methods such as exists_parameter might not always be defined on the object (e.g. when we try to bulk delete an empty folder)

Make so that child-resources includlet redirects bulk-actions to the page it is included into (this is for most upstream scenarios the folder page as before) and make www-bulk_delete sensitive to the new return_url query parameter

  1. … 1 more file in changeset.
improve spelling

  1. … 6 more files in changeset.
child-resources: specify urls involved in bulk-delete action more explicitly in a way that the includelet will work also when put in other non-folder pages

  1. … 1 more file in changeset.
prefer "nsf::is object" over ":isobject" or "info commands", since it is faster, more generic and can be used in all contexts

  1. … 3 more files in changeset.
prefer "nsf::is object" over ":isobject" or "info commands", since it is faster, more generic and can be used in all contexts

  1. … 15 more files in changeset.
modernize code: use resolver variables rather than method calls

  1. … 14 more files in changeset.
use consistently the instance variable of the package_id

prefer method "normalizepath"

just normalize the path, when it was specified

fix over-restrictive logic for template path checking

- normalize paths to template files

- do not allow paths to template files not on standard locations

web-callable method list: add optional parameter "children" to allow listing of arbitrary children of an item

  1. … 1 more file in changeset.
don't hardcode /tmp/

simplify file delivery modes

use same idioms for checking for exising commands

  1. … 5 more files in changeset.
white-space cleanup

  1. … 2 more files in changeset.
new feature: add one-button copy action to folder listings

  1. … 6 more files in changeset.
Prefer glyph-icons over sprites:

- new function xowiki::Package preferredCSSToolkit to ease access to preferred CSS toolkit

- split xowiki.css into a generic part (xowiki.css) and a preferred toolkit related part

(e.g.xowiki-bootstrap3-specific.css)

- use glyphicons in bootstrap variant instead of sprites for edit/delete/... buttons

  1. … 5 more files in changeset.
prefer absolut object references over ids

  1. … 15 more files in changeset.
- modernize code (remove "my")

- prefer fully qualified commands based on IDs

  1. … 33 more files in changeset.
provide proper fix, which makes the expectations clear

Make sure field's class implements leaf_components method

- document the web-callable methods

- separater test cases from test helper procs

  1. … 3 more files in changeset.
checkbox settings: refactor approach once more to aovid potential interactions with calls of "get_compound_value" from other call-sites

  1. … 1 more file in changeset.
close potential return vector via "data:*" URLs

  1. … 2 more files in changeset.
improve spelling and deactivate changes that were probably needed only for Firefox 2

  1. … 9 more files in changeset.
new feature: allow default of form-fields to be honored on new entries

This change allows an userfor instance to create folders with predefined

content renderer, which can be altered by the end user.