| Commit message (Collapse) | Author | Age |
... | |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch changes fetch.php ability to download external files. It now checks
for the returned MIME type and will only download images. For all other
MIME types a redirect is sent back to the browser. This reduces the risc of
being misused as open proxy.
Additionally the download facility is disabled completly by default by setting
the fetchsize option to 0. Users who want the feature need to overwrite the option
in their local.php.
Background: The ability to download external files is needed to resize external
images on the server side. When disabled, a redirect is sent to the browser which
will download the fullsize image and rescale it on the client side which is more
bandwidth and CPU intensive.
darcs-hash:20061017175329-7ad00-cd1b1bfa043a04540c51ca8380d28deaa14147d1.gz
|
|
|
|
|
|
| |
Fixes a header injection/XSS vulnerability
darcs-hash:20061008100523-7ad00-be06a942badb6a2a9ed862be003ee0050504b4b0.gz
|
|
|
|
|
|
| |
Fixes a shell injection and a DOS vulnerability
darcs-hash:20060926200551-7ad00-5ef27940dda6e48e7e2f8743fc90fa80b7b5cdff.gz
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds an option to configure the maximum size for files the fetch.php
will ever download. Setting this to 0 completely turns of the caching of external
media files.
Disadvantages of setting a low or zero fetchsize:
* fetch.php needs to download images to be able to resize them. When the used
fetchsize prevents the downloading the images can only be resized by the
browser which means the browser will need to download the fullsized image first.
* If the linked external media files vanishes it will no longer display in the
wiki because it is not cached.
Advantages of setting a low or zero fetchsize:
* fetch.php may be used for a possible denial of service attack by requesting
many big external files.
* The created cache files may take a lot of space on the server
I recommend to leave the setting at 2MB for internal and private wikis and lower
the setting to about 200 to 500 Kb for bigger public Wikis.
Note: the caching of files uploaded through the media manager is not affected by
this setting.
darcs-hash:20060615184847-7ad00-04fc39928f7d72e56f5c5e271013ef265436e6c9.gz
|
|
|
|
| |
darcs-hash:20060519212751-7ad00-ace54b61706fdf4f1b7c2abdbabee215a1e256ab.gz
|
|
|
|
|
|
|
|
|
|
| |
- Adds a jpg quality setting for scaled images
(Some images were getting too many jpg artifacts
at the hard-coded compression setting.)
- Creates a group for the media settings in the
config plugin.
darcs-hash:20060516062321-05dcb-a175b0de3264322a335cf60d8ee96317f7b03144.gz
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The HTTP Cache-Control header output now respects the Dokuwiki media parameters
'cache', 'recache', and 'nocache'.
- cache: cachetime or one hour (which ever is larger)
- recache: remaining cachetime + 10 seconds so the newly recached media is used
- nocache: no caching
Notes:
- 'proxy-revalidate' should ensure that public caches always revalidate, this
will keep caches from (accidentally) ignoring Dokuwiki's ACL rules.
- 'no-transform' should keep media from being modified in transit by caches.
Impact:
Speeds up page layout/display by browsers when they already have the media
in their [memory] cache. For example the 2nd time a page is viewed. This
also reduces server load by eliminating most of the overhead needed to
return '304 Not Modified' responses each time an image is viewed.
darcs-hash:20060421025424-05dcb-23ff26c5cb410bcd166299a840f4c500fa0d112e.gz
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes a major bug in fetching remote media with 'recache' and improves
the efficiency of 'nocache'.
Recache:
- Used to reload the remote media on EVERY request.
- Now it behaves as intended and only reloads the remote media
into the Dokuwiki cache every $conf['cachetime'] time.
Nocache:
- No longer stores remote media in the Dokuwiki cache.
- No longer loads, saves, and forwards remote media -- just redirects.
- No longer resizes images on the server because the cached results
can not be reused.
Overall this is faster for Dokuwiki. The bandwidth usage for
the 3rd party server is the same (less for Dokuwiki). Page loading
should also be faster because data is not being forwarded through
Dokuwiki (and the 3rd part server's cache control headers will be
respected automatically).
darcs-hash:20060421012210-05dcb-a6029baa0fad218ace28e0e3c2f442b1ca645a99.gz
|
|
|
|
|
|
| |
headers were not sent
darcs-hash:20060315120248-05dcb-5d5d4e06d0074a687185131cda2000b914346e19.gz
|
|
|
|
| |
darcs-hash:20060315064506-05dcb-92833a95f37a43ef50e6b993930ac9d25caed81f.gz
|
|
|
|
| |
darcs-hash:20060302125020-6e07b-25b701312aa4da899f299d82ccac1f5fd66e0255.gz
|
|
|
|
| |
darcs-hash:20051203145501-7ad00-a5c1f52b98fc26772d6585fe9218a3351da39b95.gz
|
|
|
|
| |
darcs-hash:20051203133713-7ad00-6c4d3126fb5de8e5396c214b1f6c82f99eca98ae.gz
|
|
|
|
| |
darcs-hash:20051021212304-7ad00-f01b3954b6b71ecc9e0cf899ed62bfb33e0c437e.gz
|
|
|
|
|
|
|
|
| |
fetch.php used is_executable() to check for the ImageMagick convert
tool. The function is not available prior PHP 5 for Windows systems.
fetch now only checks if the config variable is set.
darcs-hash:20050922165540-7ad00-f787b5be5c4e9ce4eb31399a1f3ce8dcd1654c60.gz
|
|
|
|
|
|
|
|
| |
This patch allows one to set $conf['im_convert'] to use ImageMagick
instead of PHPs libGD to resize images. convert is more powerful
than libGD - it can resize animated gifs for example.
darcs-hash:20050911140225-c484b-10fbb66d003c839debc98edf814e261bddea3aa6.gz
|
|
|
|
| |
darcs-hash:20050827151739-7ad00-fefec363750c18869a9fadacbe8c87328efa260a.gz
|
|
|
|
|
|
|
|
|
|
| |
This patch adds nicer URLs for media files (for fetch.php and
detail.php)
!IMPORTANT! Users of rewrite mode 1 need to adjust their .htaccess
See .htaccess.dist for an example
darcs-hash:20050814101834-7ad00-37ef1dea00affc9d808d9ee1289fa7454199cd24.gz
|
|
|
|
| |
darcs-hash:20050728184238-93e20-0c838d887fb148de48dd01b34afdf3f150e94765.gz
|
|
|
|
|
|
|
|
| |
This cleans up the directory structure as discussed on the mailning
list. Users should delete their previous _cache directories to
recover diskspace.
darcs-hash:20050626100913-9977f-83c0fdc32047db2090fc52a843ffae50cbf12248.gz
|
|
|
|
|
|
|
|
|
|
| |
I just learned that PHP does lock it's session objects. This is realy
bad if you have multiple images in a page as each one will call fetch.php
which locks the session, so everything can only be loaded sequentially.
The fix for this is to close the session after using it which is after doing
the auth and the breadcrumbs. I added the needed calls everywhere.
darcs-hash:20050608213514-9977f-f2dfc467ebbd06406e10e33a386fa1db6cb32dba.gz
|
|
|
|
|
|
|
|
|
|
| |
This patch adds a cache control header to fetch.php. Without
this header media files can't be opened and viewed with third
party programs directly from the IE browser window. For eg.
Acrobat Reader will display an error message after clicking
on a link to a PDF file. Firefox will work without it.
darcs-hash:20050606154420-7ef76-2b46b0eb626488cec122a00cc32f86a28542b161.gz
|
|
|
|
|
|
| |
fetch.php was not fully adapted to the new directory structure - fixed
darcs-hash:20050605130154-7ef76-22d557d49733aaa8d992e767ebfed16c92fb3c76.gz
|
|
This patch changes the directory structure of dokuwiki as suggested
in http://www.freelists.org/archives/dokuwiki/06-2005/msg00045.html
As the changes.log is not managed through darcs you need to move it your
self to the new location in data/changes.log
I think I modified the code at all nessessary places, but I may have
forgotten a few things.
darcs-hash:20050605103842-9977f-af20f63c1d604888375d175d89ac6bd71566d47d.gz
|