Skip to content
  1. Feb 14, 2017
  3. Feb 07, 2017
  5. Dec 31, 2016
  7. Nov 30, 2016
  9. Aug 11, 2016
  11. Jul 01, 2016
  13. Jun 16, 2016
  15. Jun 14, 2016
    • Sean McGivern's avatar
      Forbid scripting for wiki files · 1cda245c
      Sean McGivern authored 
      Wiki files (not pages - files in the repo) are just sent to the browser
with whatever content-type the mime_types gem assigns to them based on
their extension. As this is from the same domain as the GitLab
application, this is an XSS vulnerability.

Set a CSP forbidding all sources for scripting, CSS, XHR, etc. on these
files.
      1cda245c
  17. Jun 09, 2016
    • Timothy Andrew's avatar
      Hook up the updated `WikiLinkFilter` to the wiki controllers. · e6b1d166
      Timothy Andrew authored 
      - Need to pass in a `page_slug` to the filter, so it can rewrite based
  on the current page (all links are rewritten to the level of the app root).
- The earlier `markdown_preview` endpoint was at the level of the wiki.
  We need to know the current page (for rewriting, as above), so this
  commit moves the endpoint to the level of a wiki page.
- Fix all tests
      e6b1d166
  19. Jun 03, 2016
  21. May 26, 2016
    • Yorick Peterse's avatar
      Split Markdown rendering & reference gathering · 86166d28
      Yorick Peterse authored 
      This splits the Markdown rendering and reference extraction phases into
two distinct code bases. The reference extraction phase no longer relies
on the html-pipeline Gem (and any related code) and allows for
extracting of references from multiple HTML nodes in a single pass. This
means that if you want to extract user references from 200 comments you
no longer need to run 200 times N number of queries, instead only a
handful of queries may be needed.
      86166d28
  23. Apr 29, 2016
  25. Apr 20, 2016
  27. Mar 30, 2016
  29. Mar 19, 2016
  31. Oct 03, 2015
  33. Sep 09, 2015
  35. Sep 02, 2015
  37. Aug 26, 2015
  39. Jun 26, 2015
  41. Apr 20, 2015
  43. Apr 07, 2015
  45. Mar 12, 2015
  47. Mar 03, 2015
  49. Feb 14, 2015
    • Vinnie Okada's avatar
      Upgrade to Rails 4.1.9 · 76aad9b7
      Vinnie Okada authored 
      Make the following changes to deal with new behavior in Rails 4.1.2:

* Use nested resources to avoid slashes in arguments to path helpers.
      76aad9b7
  51. Feb 03, 2015
  53. Jun 07, 2014
  55. May 05, 2014
  57. Apr 24, 2014
  59. Apr 11, 2014
  61. Apr 09, 2014
  63. Jun 23, 2013
  65. Apr 03, 2013
  67. Mar 10, 2013
    • Dan Knox's avatar
      Replace current Wiki system with Gollum Wikis. · ea9b3687
      Dan Knox authored 
      This commit replaces the old database backed Wiki system with the
excellent Gollum git based Wiki system.

The UI has been updated to allow for utilizing the extra features
that Gollum provides. Specifically:

* Edit page now allows you to choose the content format.
* Edit page allows you to provide a commit message for the change.
* History page now shows Format, Commit Message, and Commit Hash.
* A new Git Access page has been added with the Wiki Repo URL.
* The default page has been changed to Home from Index to match
the Gollum standard.

The old Wiki model has been left in tact to provide for the
development of a migration script that will move all content stored
in the old Wiki system into new Gollum Wikis.
      ea9b3687