]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki.pm
Report portability bug, partway to a fix
[git.ikiwiki.info.git] / IkiWiki.pm
index fa71f479107a2388fde2fe00a67bfa2daa4fb3a9..90cb96e5865ba193db122ce42ea7d4cb449bb49f 100644 (file)
@@ -1232,6 +1232,19 @@ sub cgiurl_abs (@) {
        URI->new_abs(cgiurl(@_), $config{cgiurl});
 }
 
+# Same as cgiurl_abs, but when the user connected using https,
+# will be a https url even if the cgiurl is normally a http url.
+#
+# This should be used for anything involving emailing a login link,
+# because a https session cookie will not be sent over http.
+sub cgiurl_abs_samescheme (@) {
+       my $u=cgiurl_abs(@_);
+       if (($ENV{HTTPS} && lc $ENV{HTTPS} ne "off")) {
+               $u=~s/^http:/https:/i;
+       }
+       return $u
+}
+
 sub baseurl (;$) {
        my $page=shift;
 
@@ -1293,14 +1306,20 @@ sub formattime ($;$) {
 
 my $strftime_encoding;
 sub strftime_utf8 {
-       # strftime doesn't know about encodings, so make sure
+       # strftime didn't know about encodings in older Perl, so make sure
        # its output is properly treated as utf8.
        # Note that this does not handle utf-8 in the format string.
+       my $result = POSIX::strftime(@_);
+
+       if (Encode::is_utf8($result)) {
+               return $result;
+       }
+
        ($strftime_encoding) = POSIX::setlocale(&POSIX::LC_TIME) =~ m#\.([^@]+)#
                unless defined $strftime_encoding;
        $strftime_encoding
-               ? Encode::decode($strftime_encoding, POSIX::strftime(@_))
-               : POSIX::strftime(@_);
+               ? Encode::decode($strftime_encoding, $result)
+               : $result;
 }
 
 sub date_3339 ($) {
@@ -1648,7 +1667,10 @@ sub preprocess ($$$;$$) {
                                        my $error=$@;
                                        chomp $error;
                                        eval q{use HTML::Entities};
-                                       $error = encode_entities($error);
+                                       # Also encode most ASCII punctuation
+                                       # as entities so that error messages
+                                       # are not interpreted as Markdown etc.
+                                       $error = encode_entities($error, '^-A-Za-z0-9+_,./:;= '."'");
                                        $ret="[[!$command <span class=\"error\">".
                                                gettext("Error").": $error"."</span>]]";
                                }
@@ -1826,7 +1848,7 @@ sub check_canchange (@) {
                $file=possibly_foolish_untaint($file);
                if (! defined $file || ! length $file ||
                    file_pruned($file)) {
-                       error(gettext("bad file name %s"), $file);
+                       error(sprintf(gettext("bad file name %s"), $file));
                }
 
                my $type=pagetype($file);