]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Plugin/inline.pm
More about security
[git.ikiwiki.info.git] / IkiWiki / Plugin / inline.pm
index b122bd0f2a4e55fca4a7be3d0d07d367c979eb0b..19dd684dda4bebd8635d18309139fec2ab4fa795 100644 (file)
@@ -119,7 +119,7 @@ sub sessioncgi ($$) {
        my $session=shift;
 
        if ($q->param('do') eq 'blog') {
        my $session=shift;
 
        if ($q->param('do') eq 'blog') {
-               my $page=titlepage(decode_utf8($q->param('title')));
+               my $page=titlepage(decode_utf8(scalar $q->param('title')));
                $page=~s/(\/)/"__".ord($1)."__"/eg; # don't create subdirs
                # if the page already exists, munge it to be unique
                my $from=$q->param('from');
                $page=~s/(\/)/"__".ord($1)."__"/eg; # don't create subdirs
                # if the page already exists, munge it to be unique
                my $from=$q->param('from');
@@ -160,16 +160,17 @@ sub preprocess_inline (@) {
                # Running in scan mode: only do the essentials
 
                if (yesno($params{trail}) && IkiWiki::Plugin::trail->can("preprocess_trailitems")) {
                # Running in scan mode: only do the essentials
 
                if (yesno($params{trail}) && IkiWiki::Plugin::trail->can("preprocess_trailitems")) {
-                       # default to sorting age, the same as inline itself,
-                       # but let the params override that
-                       IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age', %params);
+                       # default to sorting by age with fallback to title,
+                       # the same as inline itself, but let the params
+                       # override that
+                       IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age title', %params);
                }
 
                return;
        }
 
        if (yesno($params{trail}) && IkiWiki::Plugin::trail->can("preprocess_trailitems")) {
                }
 
                return;
        }
 
        if (yesno($params{trail}) && IkiWiki::Plugin::trail->can("preprocess_trailitems")) {
-               scalar IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age', %params);
+               scalar IkiWiki::Plugin::trail::preprocess_trailitems(sort => 'age title', %params);
        }
 
        my $raw=yesno($params{raw});
        }
 
        my $raw=yesno($params{raw});
@@ -182,7 +183,7 @@ sub preprocess_inline (@) {
        my $feedonly=yesno($params{feedonly});
 
        # Backwards compatibility
        my $feedonly=yesno($params{feedonly});
 
        # Backwards compatibility
-       if (defined $params{show} && $params{show} =~ m/^\d+$/) {
+       if (defined $params{show} && $params{show} =~ m/^-?\d+$/) {
                $params{limit} = $params{show};
                delete $params{show};
        }
                $params{limit} = $params{show};
                delete $params{show};
        }
@@ -256,7 +257,7 @@ sub preprocess_inline (@) {
                @list = pagespec_match_list($params{page}, $params{pages},
                        deptype => deptype($quick ? "presence" : "content"),
                        filter => sub { $_[0] eq $params{page} },
                @list = pagespec_match_list($params{page}, $params{pages},
                        deptype => deptype($quick ? "presence" : "content"),
                        filter => sub { $_[0] eq $params{page} },
-                       sort => exists $params{sort} ? $params{sort} : "age",
+                       sort => exists $params{sort} ? $params{sort} : "age title",
                        reverse => yesno($params{reverse}),
                        ($num ? (num => $num) : ()),
                );
                        reverse => yesno($params{reverse}),
                        ($num ? (num => $num) : ()),
                );
@@ -612,7 +613,7 @@ sub absolute_urls ($$) {
                                        $v=$baseurl.$v; # anchor
                                }
                                elsif ($dv=~/^(?!\w+:)[^\/]/) {
                                        $v=$baseurl.$v; # anchor
                                }
                                elsif ($dv=~/^(?!\w+:)[^\/]/) {
-                                       $v=$url.$v; # relative url
+                                       $v=URI->new_abs($v, $url)->canonical; # relative url
                                }
                                elsif ($dv=~/^\//) {
                                        if (! defined $urltop) {
                                }
                                elsif ($dv=~/^\//) {
                                        if (! defined $urltop) {
@@ -724,6 +725,7 @@ sub genfeed ($$$$$@) {
 
        my $template=template_depends($feedtype."page.tmpl", $page, blind_cache => 1);
        $template->param(
 
        my $template=template_depends($feedtype."page.tmpl", $page, blind_cache => 1);
        $template->param(
+               wants_absolute_urls => 1,
                title => $feedtitle,
                wikiname => $config{wikiname},
                pageurl => $url,
                title => $feedtitle,
                wikiname => $config{wikiname},
                pageurl => $url,