| Age | Commit message (Collapse) | Author |
|---|
|
Place file contents into a single block so that syntax highlighting can
be applied in the usual fashion. Place the alternating color bars
behind the file contents. Force the default syntax highlighting
background to transparent.
Signed-off-by: Jeff Smith <[email protected]>
Reviewed-by: John Keeping <[email protected]>
|
|
Signed-off-by: Ville Skyttä <[email protected]>
|
|
|
|
Otherwise we get the classic Python UTF-8 errors, and the text is all
out of order. While we're at it, switch to python3 so we only have to
support one set of oddball semantics.
Signed-off-by: Jason A. Donenfeld <[email protected]>
Suggested-by: Daniel Campbell <[email protected]>
|
|
|
|
|
|
|
|
|
|
Signed-off-by: Christian Hesse <[email protected]>
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
http://www.w3.org/International/questions/qa-escapes#use
|
|
|
|
|
|
|
|
This allows custom links to be used for repository owners by
configuring a filter to be applied in the "Owner" column in the
repository list.
|
|
Serving cgit via https and getting avatar via http gives error messages
about untrusted content. This decides whether or not to use https link
by looking at the environment variable HTTPS, which is set in CGI.
|
|
|
|
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
This way we're sure to use virtual root, or any other strangeness
encountered.
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
By default, strings are compared by hash, so we can remove this comment.
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
This also gives us some CSRF protection. Note that we make use of the
hmac to protect the redirect value.
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
This leverages the new lua support. See
filters/simple-authentication.lua for explaination of how this works.
There is also additional documentation in cgitrc.5.txt.
Though this is a cookie-based approach, cgit's caching mechanism is
preserved for authenticated pages.
Very plugable and extendable depending on user needs.
The sample script uses an HMAC-SHA1 based cookie to store the
currently logged in user, with an expiration date.
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
an attribute value specification must be an attribute value literal
unless SHORTTAG YES is specified
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
Filters can now indicate a status back to cgit by means of the exit code
for exec, or the return value from close for Lua.
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
* make ampersand a html entity
* add required alt attribute
* add required img end tag
|
|
|
|
|
|
Since the email filter is called from lots of places, the script might
benefit from knowing the origin. That way it can modify its contents
and/or size depending.
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
The lua one is hugely faster than the python one, but both are included
for comparison.
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
- Switched back to python2 according to a problem in pygments with python3.
With the next release of pygments this problem should be fixed.
Issue see here:
https://bitbucket.org/birkenfeld/pygments-main/issue/901/problems-with-python3
- Just read the stdin, decode it to utf-8 and ignore unknown signs. This ensures
that even destroyed files do not cause any errors in the filter.
- Improved language guessing:
-> At first use guess_lexer_for_filename for a better detection of the used
programming languages (even mixed cases will be detected, e.g. php + html).
-> If nothing was found look if there is a shebang and use guess_lexer.
-> As default/fallback choose TextLexer.
Signed-off-by: Stefan Tatschner <[email protected]>
|
|
Previously the script tried to encode output from Pygments with
the ASCII codec, which failed.
Signed-off-by: Přemysl Janouch <[email protected]>
|
|
dash failed to parse the script.
Signed-off-by: Přemysl Janouch <[email protected]>
|
|
v2: add highlight 3.13 as present on Fedora 19
Signed-off-by: Ferry Huberts <[email protected]>
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
Signed-off-by: Jason A. Donenfeld <[email protected]>
|
|
By not quoting the argument, an attacker with the ability to add files
to the repository could pass arbitrary arguments to the highlight
command, in particular, the --plug-in argument which can lead to
arbitrary command execution.
This patch adds simple argument quoting.
|
|
There are 2 situations:
1- empty extension: assuming text is better than highlight
producing no output because of a missing argument.
2- no extension at all: assuming text is better than setting
the extension to the filename, which is what now happens.
Signed-off-by: Ferry Huberts <[email protected]>
|
|
This reverts commit f50be7fda0a7ab57009169dd5905fcbab8eb5166.
An update with the latest highlight landed in EPEL. This new version
doesn't have the --force bug, so the workaround can now be removed.
Signed-off-by: Ferry Huberts <[email protected]>
|
|
|
|
|
|
|
|
The default length for sha1 abbreviations in git is 7.
A '#num' at the beginning of the commit message is now
recognised, a ':#num' as well, etc.: a '#num' anywhere
is now converted to a link.
Signed-off-by: Ferry Huberts <[email protected]>
Signed-off-by: Lars Hjemli <[email protected]>
|
|
Signed-off-by: Ferry Huberts <[email protected]>
Signed-off-by: Lars Hjemli <[email protected]>
|
|
This allows for putting descriptions closer to their expressions. It
should also make it clearer how to apply an expression conditionally.
|
