update url

[git.ikiwiki.info.git] / doc / plugins / po.mdwn

diff --git a/doc/plugins/po.mdwn b/doc/plugins/po.mdwn
index 0a8a77a3ce429ae2e23fd7dd925cf87771ac6a91..53327c1dae94ef5896119cc874133a9a3c1a9b4e 100644 (file)
--- a/doc/plugins/po.mdwn
+++ b/doc/plugins/po.mdwn
@@ -5,6 +5,10 @@ This plugin adds support for multi-lingual wikis, translated with
 gettext, using [po4a](http://po4a.alioth.debian.org/).
 
 It depends on the Perl `Locale::Po4a::Po` library (`apt-get install po4a`).
 gettext, using [po4a](http://po4a.alioth.debian.org/).
 
 It depends on the Perl `Locale::Po4a::Po` library (`apt-get install po4a`).

+As detailed bellow in the security section, `po4a` is subject to
+denial-of-service attacks before version 0.35.
+
+[[!toc levels=2]]

 
 Introduction
 ============
 
 Introduction
 ============


@@ -29,6 +33,12 @@ Example: `bla/page.fr.po` is the PO "message catalog" used to
 translate `bla/page.mdwn` into French; if `usedirs` is enabled, it is
 rendered as `bla/page/index.fr.html`, else as `bla/page.fr.html`
 
 translate `bla/page.mdwn` into French; if `usedirs` is enabled, it is
 rendered as `bla/page/index.fr.html`, else as `bla/page.fr.html`
 

+(In)Compatibility
+=================
+
+This plugin does not support the `indexpages` mode. If you don't know
+what it is, you probably don't care.
+

 
 Configuration
 =============
 
 Configuration
 =============


@@ -45,7 +55,7 @@ Supported languages
 languages, such as:
 
         po_slave_languages => { 'fr' => 'Français',
 languages, such as:
 
         po_slave_languages => { 'fr' => 'Français',

-                                'es' => 'Castellano',
+                                'es' => 'Español',

                                 'de' => 'Deutsch',
         }
 
                                 'de' => 'Deutsch',
         }
 


@@ -62,39 +72,40 @@ worry about excluding them explicitly from this [[ikiwiki/PageSpec]].
 Internal links
 --------------
 
 Internal links
 --------------
 

+### Links targets
+

 The `po_link_to` option in `ikiwiki.setup` is used to decide how
 internal links should be generated, depending on web server features
 and site-specific preferences.
 
 The `po_link_to` option in `ikiwiki.setup` is used to decide how
 internal links should be generated, depending on web server features
 and site-specific preferences.
 

-### Default linking behavior
+#### Default linking behavior

 
 If `po_link_to` is unset, or set to `default`, ikiwiki's default
 linking behavior is preserved: `\[[destpage]]` links to the master
 language's page.
 
 
 If `po_link_to` is unset, or set to `default`, ikiwiki's default
 linking behavior is preserved: `\[[destpage]]` links to the master
 language's page.
 

-### Link to current language
+#### Link to current language

 
 If `po_link_to` is set to `current`, `\[[destpage]]` links to the
 `destpage`'s version written in the current page's language, if
 available, *i.e.*:
 
 
 If `po_link_to` is set to `current`, `\[[destpage]]` links to the
 `destpage`'s version written in the current page's language, if
 available, *i.e.*:
 

-- `foo/destpage/index.LL.html` if `usedirs` is enabled
-- `foo/destpage.LL.html` if `usedirs` is disabled
+* `foo/destpage/index.LL.html` if `usedirs` is enabled
+* `foo/destpage.LL.html` if `usedirs` is disabled

 
 

-### Link to negotiated language
+#### Link to negotiated language

 
 If `po_link_to` is set to `negotiated`, `\[[page]]` links to the
 negotiated preferred language, *i.e.* `foo/page/`.
 
 (In)compatibility notes:
 
 
 If `po_link_to` is set to `negotiated`, `\[[page]]` links to the
 negotiated preferred language, *i.e.* `foo/page/`.
 
 (In)compatibility notes:
 

-- if `usedirs` is disabled, it does not make sense to set `po_link_to`
+* if `usedirs` is disabled, it does not make sense to set `po_link_to`

   to `negotiated`; this option combination is neither implemented
   nor allowed.
   to `negotiated`; this option combination is neither implemented
   nor allowed.

-- if the web server does not support Content Negotiation, setting
+* if the web server does not support Content Negotiation, setting

   `po_link_to` to `negotiated` will produce a unusable website.
 
   `po_link_to` to `negotiated` will produce a unusable website.
 

-

 Server support
 ==============
 
 Server support
 ==============
 


@@ -103,7 +114,8 @@ Apache
 
 Using Apache `mod_negotiation` makes it really easy to have Apache
 serve any page in the client's preferred language, if available.
 
 Using Apache `mod_negotiation` makes it really easy to have Apache
 serve any page in the client's preferred language, if available.

-This is the default Debian Apache configuration.
+
+Add 'Options MultiViews' to the wiki directory's configuration in Apache.

 
 When `usedirs` is enabled, one has to set `DirectoryIndex index` for
 the wiki context.
 
 When `usedirs` is enabled, one has to set `DirectoryIndex index` for
 the wiki context.


@@ -112,14 +124,17 @@ Setting `DefaultLanguage LL` (replace `LL` with your default MIME
 language code) for the wiki context can help to ensure
 `bla/page/index.en.html` is served as `Content-Language: LL`.
 
 language code) for the wiki context can help to ensure
 `bla/page/index.en.html` is served as `Content-Language: LL`.
 

+For details, see [Apache's documentation](http://httpd.apache.org/docs/2.2/content-negotiation.html).
+

 lighttpd
 --------
 
 lighttpd
 --------
 

-lighttpd unfortunately does not support content negotiation.
+Recent versions of lighttpd should be able to use
+`$HTTP["language"]` to configure the translated pages to be served.

 
 

-**FIXME**: does `mod_magnet` provide the functionality needed to
- emulate this?
+See [Lighttpd Issue](http://redmine.lighttpd.net/issues/show/1119)

 
 

+TODO: Example

 
 Usage
 =====
 
 Usage
 =====


@@ -127,6 +142,10 @@ Usage
 Templates
 ---------
 
 Templates
 ---------
 

+When `po_link_to` is not set to `negotiated`, one should replace some
+occurrences of `BASEURL` with `HOMEPAGEURL` to get correct links to
+the wiki homepage.
+

 The `ISTRANSLATION` and `ISTRANSLATABLE` variables can be used to
 display things only on translatable or translation pages.
 
 The `ISTRANSLATION` and `ISTRANSLATABLE` variables can be used to
 display things only on translatable or translation pages.
 


@@ -135,43 +154,21 @@ display things only on translatable or translation pages.
 The `OTHERLANGUAGES` loop provides ways to display other languages'
 versions of the same page, and the translations' status.
 
 The `OTHERLANGUAGES` loop provides ways to display other languages'
 versions of the same page, and the translations' status.
 

-One typically adds the following code to `templates/page.tmpl`:
-
-       <TMPL_IF NAME="OTHERLANGUAGES">
-       <div id="otherlanguages">
-         <ul>
-         <TMPL_LOOP NAME="OTHERLANGUAGES">
-           <li>
-             <a href="<TMPL_VAR NAME="URL">"><TMPL_VAR NAME="LANGUAGE"></a>
-             <TMPL_UNLESS NAME="MASTER">
-               (<TMPL_VAR NAME="PERCENT">&nbsp;%)
-             </TMPL_UNLESS>
-           </li>
-         </TMPL_LOOP>
-         </ul>
-       </div>
-       </TMPL_IF>
-
-The following variables are available inside the loop (for every page in):
-
-- `URL` - url to the page
-- `CODE` - two-letters language code
-- `LANGUAGE` - language name (as defined in `po_slave_languages`)
-- `MASTER` - is true (1) if, and only if the page is a "master" page
-- `PERCENT` - for "slave" pages, is set to the translation completeness, in percents
+An example of its use can be found in the default
+`templates/page.tmpl`. In case you want to customize it, the following
+variables are available inside the loop (for every page in):
+
+* `URL` - url to the page
+* `CODE` - two-letters language code
+* `LANGUAGE` - language name (as defined in `po_slave_languages`)
+* `MASTER` - is true (1) if, and only if the page is a "master" page
+* `PERCENT` - for "slave" pages, is set to the translation completeness, in percents

 
 ### Display the current translation status
 
 The `PERCENTTRANSLATED` variable is set to the translation
 
 ### Display the current translation status
 
 The `PERCENTTRANSLATED` variable is set to the translation

-completeness, expressed in percent, on "slave" pages.
-
-One can use it this way:
-
-       <TMPL_IF NAME="ISTRANSLATION">
-       <div id="percenttranslated">
-         <TMPL_VAR NAME="PERCENTTRANSLATED">
-       </div>
-       </TMPL_IF>
+completeness, expressed in percent, on "slave" pages. It is used by
+the default `templates/page.tmpl`.

 
 Additional PageSpec tests
 -------------------------
 
 Additional PageSpec tests
 -------------------------


@@ -192,14 +189,18 @@ Also, when the plugin has just been enabled, or when a page has just
 been declared as being translatable, the needed POT and PO files are
 created, and the PO files are checked into version control.
 
 been declared as being translatable, the needed POT and PO files are
 created, and the PO files are checked into version control.
 

-Discussion pages
-----------------
+Discussion pages and other sub-pages
+------------------------------------

 
 Discussion should happen in the language in which the pages are
 written for real, *i.e.* the "master" one. If discussion pages are
 enabled, "slave" pages therefore link to the "master" page's
 discussion page.
 
 
 Discussion should happen in the language in which the pages are
 written for real, *i.e.* the "master" one. If discussion pages are
 enabled, "slave" pages therefore link to the "master" page's
 discussion page.
 

+Likewise, "slave" pages are not supposed to have sub-pages;
+[[WikiLinks|wikilink]] that appear on a "slave" page therefore link to
+the master page's sub-pages.
+

 Translating
 -----------
 
 Translating
 -----------
 


@@ -209,86 +210,184 @@ interface could also be implemented at some point).
 If [[tips/untrusted_git_push]] is setup, one can edit the PO files in one's
 preferred `$EDITOR`, without needing to be online.
 
 If [[tips/untrusted_git_push]] is setup, one can edit the PO files in one's
 preferred `$EDITOR`, without needing to be online.
 

+Markup languages support
+------------------------
+
+[[Markdown|mdwn]] and [[html]] are well supported. Some other markup
+languages supported by ikiwiki mostly work, but some pieces of syntax
+are not rendered correctly on the slave pages:
+
+* [[reStructuredText|rst]]: anonymous hyperlinks and internal
+  cross-references
+* [[wikitext]]: conversion of newlines to paragraphs
+* [[creole]]: verbatim text is wrapped, tables are broken
+* LaTeX: not supported yet; the dedicated po4a module
+  could be used to support it, but it would need a security audit
+* other markup languages have not been tested.
+
+Security
+========
+
+[[po/discussion]] contains a detailed security analysis of this plugin
+and its dependencies.
+
+When using po4a older than 0.35, it is recommended to uninstall
+`Text::WrapI18N` (Debian package `libtext-wrapi18n-perl`), in order to
+avoid a potential denial of service.
+

 TODO
 ====
 
 TODO
 ====
 

-Security checks
----------------
-
-- `refreshpofiles` uses `system()`, whose args have to be checked more
-  thoroughly to prevent any security issue (command injection, etc.).
-  > Always pass `system()` a list of parameters to avoid the shell.
-  > I've checked in a change fixing that. --[[Joey]]
-- `refreshpofiles` and `refreshpot` create new files; this may need
-  some checks, e.g. using `IkiWiki::prep_writefile()`
-  > Yes, it would be ideal to call `prep_writefile` on each file 
-  > that they write, beforehand. This way you'd avoid symlink attacks etc to the
-  > generated po/pot files. I haven't done it, but it seems pretty trivial.
-  > --[[Joey]]
-- Can any sort of directives be put in po files that will
-  cause mischief (ie, include other files, run commands, crash gettext,
-  whatever).
-- Any security issues on running po4a on untrusted content?
-
-gettext/po4a rough corners
---------------------------
+Better links
+------------
+
+Once the fix to
+[[bugs/pagetitle_function_does_not_respect_meta_titles]] from
+[[intrigeri]]'s `meta` branch is merged into ikiwiki upstream, the
+generated links' text will be optionally based on the page titles set
+with the [[meta|plugins/meta]] plugin, and will thus be translatable.
+It will also allow displaying the translation status in links to slave
+pages. Both were implemented, and reverted in commit
+ea753782b222bf4ba2fb4683b6363afdd9055b64, which should be reverted
+once [[intrigeri]]'s `meta` branch is merged.
+
+An integration branch, called `meta-po`, merges [[intrigeri]]'s `po`
+and `meta` branches, and thus has this additional features.
+
+Language display order
+----------------------
+
+Jonas pointed out that one might want to control the order that links to
+other languages are listed, for various reasons. Currently, there is no
+order, as `po_slave_languages` is a hash. It would need to be converted
+to an array to support this. (If twere done, twere best done quickly.)
+--[[Joey]] 
+
+> Done in my po branch, preserving backward compatibility. Please
+> review :) --[[intrigeri]]
+
+>> Right, well my immediate concern is that using an array to hold
+>> hash-like pairs is not very clear to the user. It will be displayed
+>> in a confusing way by websetup; dumping a setup file will probably
+>> also cause it to be formatted in a confusing way. And the code
+>> seems to assume that the array length is even, and probably blows
+>> up if it is not.. and the value is marked safe so websetup can be
+>> used to modify it and break that way too. --[[Joey]] 
+
+>>> I have added a sanity check for the even array problem. This was
+>>> the easy part.
+>>>
+>>> About the hash-like vs. dump and websetup issue,
+>>> I can think of a few solutions:
+>>>
+>>> - keep the current hash-like pairs and unmark this setting as safe
+>>>   for websetup: this does not solve the dump setup issue, though;
+>>> - replace the array of pairs with an array of
+>>>   "LANGUAGECODE|LANGUAGENAME" elements, using a pipe or whatever
+>>>   separator seems adequate;
+>>> - add support for ordered hashes to `$config`, websetup and
+>>>   dumpsetup, using Tie-IxHash or any similar module;
+>>> - replace the array of hash-like pairs with an array of real
+>>>   pairs, such as `[ ['de', 'Deutsch'], ['fr', 'Français'] ]`; this
+>>>   brings once again the need for `$config` to support arrays of
+>>>   arrays, which I have already implemented in my mirrorlist branch
+>>>   (see [[todo/mirrorlist_with_per-mirror_usedirs_settings]] for
+>>>   details).
+>>>
+>>> Joey, which of these solutions do you prefer? Or another one?
+>>> I tend to prefer the last one. --[[intrigeri]]
+
+>>>> I prefer the pipe separator, I think. I'm concerned that there is 
+>>>> no way to really sanely represent complex data structures in web
+>>>> setup. --[[Joey]]
+
+Pagespecs
+---------
+
+I was suprised that, when using the map directive, a pagespec of "*"
+listed all the translated pages as well as regular pages. That can 
+make a big difference to an existing wiki when po is turned on,
+and seems generally not wanted.
+(OTOH, you do want to match translated pages by
+default when locking pages.) --[[Joey]]
+
+Edit links on untranslated pages
+--------------------------------
+
+If a page is not translated yet, the "translated" version of it
+displays wikilinks to other, existing (but not yet translated?)
+pages as edit links, as if those pages do not exist. 

 
 

-- fix infinite loop when synchronizing two ikiwiki (when checkouts
-  live in different directories): say bla.fr.po has been updated in
-  repo2; pulling repo2 from repo1 seems to trigger a PO update, that
-  changes bla.fr.po in repo1; then pushing repo1 to repo2 triggers
-  a PO update, that changes bla.fr.po in repo2; etc.; fixed in
-  `629968fc89bced6727981c0a1138072631751fee`?
-- new translations created in the web interface must get proper
-  charset/encoding gettext metadata, else the next automatic PO update
-  removes any non-ascii chars; possible solution: put such metadata
-  into the Pot file, and let it propagate; should be fixed in
-  `773de05a7a1ee68d2bed173367cf5e716884945a`, time will tell.
+That's really confusing, especially as clicking such a link
+brings up an edit form to create a new, english page.

 
 

-Misc. improvements
-------------------
+This is with po_link_to=current or negotiated. With default, it doesn't
+happen.. 

 
 

-### page titles
+Also, this may only happen if the page being linked to is coming from an
+underlay, and the underlays lack translation to a given language.
+--[[Joey]] 

 
 

-Use nice page titles from meta plugin in links, as inline already
-does. This is actually a duplicate for
-[[bugs/pagetitle_function_does_not_respect_meta_titles]], which might
-be fixed by something like [[todo/using_meta_titles_for_parentlinks]].
+> Any simple testcase to reproduce it, please? I've never seen this
+> happen yet. --[[intrigeri]]

 
 

-### websetup
+>> Sure, go here <http://l10n.ikiwiki.info/smiley/smileys/index.sv.html>
+>> (Currently 0% translateed) and see the 'WikiLink' link at the bottom,
+>> which goes to <http://l10n.ikiwiki.info/ikiwiki.cgi?page=ikiwiki/wikilink&from=smiley/smileys&do=create>
+>> Compare with eg, the 100% translated Dansk version, where
+>> the WikiLink link links to the English WikiLink page. --[[Joey]] 

 
 

-Which configuration settings are safe enough for websetup?
+Double commits of po files
+--------------------------
+
+When adding a new english page, the po files are created, committed,
+and then committed again. The second commit makes this change:
+
+       -"Content-Type: text/plain; charset=utf-8\n"
+       -"Content-Transfer-Encoding: ENCODING"
+       +"Content-Type: text/plain; charset=UTF-8\n"
+       +"Content-Transfer-Encoding: ENCODING\n"
+
+Same thing happens when a change to an existing page triggers a po file
+update. --[[Joey]] 

 
 

-> I see no problems with `po_master_language` and `po_slave_languages`
-> (assuming websetup handles the hashes correctly). Would not hurt to check
-> that the values of these are legal language codes, in `checkconfig`. 
-> `po_translatable_pages` seems entirely safe. `po_link_to` w/o usedirs
-> causes ikiwiki to error out. If it were changed to fall back to a safe
-> setting in this case rather than error, it would be safe.
-> --[[Joey]]
+> * The s/utf-8/UTF-8 part is fixed in my po branch.
+> * The ENCODING\n part is due to an inconsistency in po4a, which
+>   I've just send a patch for. --[[intrigeri]]

 
 

-### backlinks
+New pages not translatable
+--------------------------
+
+Today I added a new English page to l10n.ikiwiki.info. When I saved,
+the page did not have the translation links at the top. I waited until
+the po plugin had, in the background, created the po files, and refreshed;
+still did not see the translation links. Only when I touched the page
+source and refreshed did it finally add the translation links. 
+I can reproduce this bug in a test site. --[[Joey]]

 
 

-`po_link_to = negotiated`: if a given translatable `sourcepage.mdwn`
-links to \[[destpage]], `sourcepage.LL.po` also link to \[[destpage]],
-and the latter has the master page *and* all its translations listed
-in the backlinks.
+Ugly messages with empty files
+------------------------------

 
 

-`po_link_to = current`: seems to work nicely
+If there are empty .mdwn files, the po plugin displays some ugly messages.

 
 

-### license
+> This is due to a bug in po4a (not checking definedness of a
+> variable). One-liner patch sent. --[[intrigeri]]
+
+Translation of directives
+-------------------------

 
 

-> Could you please put a copyright and license on po.pm? I assume it's
-> GPLed as it's based on po4a-translate. --[[Joey]]
+If a translated page contains a directive, it may expand to some english
+text, or text in whatever single language ikiwiki is configured to "speak".

 
 

-Translation quality assurance
------------------------------
+Maybe there could be a way to switch ikiwiki to speaking another language
+when building a non-english page? Then the directives would get translated.

 
 

-Modifying a PO file via the CGI must be forbidden if the new version
-is not a valid PO file. As a bonus, check that it provides a more
-complete translation than the existing one.
+(We also will need this in order to use translated templates, when they are
+available.)

 
 

-A new `cansave` type of hook would be needed to implement this.
+Documentation
+-------------

 
 

-Note: committing to the underlying repository is a way to bypass
-this check.
+Maybe write separate documentation depending on the people it targets:
+translators, wiki administrators, hackers. This plugin may be complex
+enough to deserve this.