]> git.vanrenterghem.biz Git - git.ikiwiki.info.git/blobdiff - IkiWiki/Render.pm
meta: Security fix; don't allow alternative stylesheets to be added on pages where...
[git.ikiwiki.info.git] / IkiWiki / Render.pm
index dd4d9ca0cfe4994544b6d2a0ddebb57a7fc52e8e..a653ab2da02e542828349c3d9f3ac200340608f4 100644 (file)
@@ -43,7 +43,7 @@ sub backlinks ($) {
        my @links;
        foreach my $p (backlink_pages($page)) {
                my $href=urlto($p, $page);
-                
+
                # Trim common dir prefixes from both pages.
                my $p_trimmed=$p;
                my $page_trimmed=$page;
@@ -62,8 +62,8 @@ sub genpage ($$) {
        my $page=shift;
        my $content=shift;
        
-       run_hooks(postscan => sub {
-               shift->(page => $page, content => $content);
+       run_hooks(indexhtml => sub {
+               shift->(page => $page, destpage => $page, content => $content);
        });
 
        my $templatefile;
@@ -74,20 +74,24 @@ sub genpage ($$) {
                        $templatefile=$file;
                }
        });
-       my $template=template(defined $templatefile ? $templatefile : 'page.tmpl', blind_cache => 1);
-       my $actions=0;
+       my $template;
+       if (defined $templatefile) {
+               $template=template_depends($templatefile, $page,
+                       blind_cache => 1);
+       }
+       else {
+               # no explicit depends as special case
+               $template=template('page.tmpl', 
+                       blind_cache => 1);
+       }
 
+       my $actions=0;
        if (length $config{cgiurl}) {
                if (IkiWiki->can("cgi_editpage")) {
                        $template->param(editurl => cgiurl(do => "edit", page => $page));
                        $actions++;
                }
-               if (exists $hooks{auth}) {
-                       $template->param(prefsurl => cgiurl(do => "prefs"));
-                       $actions++;
-               }
        }
-               
        if (defined $config{historyurl} && length $config{historyurl}) {
                my $u=$config{historyurl};
                $u=~s/\[\[file\]\]/$pagesources{$page}/g;
@@ -102,10 +106,10 @@ sub genpage ($$) {
                        $actions++;
                }
        }
-
        if ($actions) {
                $template->param(have_actions => 1);
        }
+       templateactions($template, $page);
 
        my @backlinks=sort { $a->{page} cmp $b->{page} } backlinks($page);
        my ($backlinks, $more_backlinks);
@@ -127,8 +131,9 @@ sub genpage ($$) {
                backlinks => $backlinks,
                more_backlinks => $more_backlinks,
                mtime => displaytime($pagemtime{$page}),
-               ctime => displaytime($pagectime{$page}),
+               ctime => displaytime($pagectime{$page}, undef, 1),
                baseurl => baseurl($page),
+               html5 => $config{html5},
        );
 
        run_hooks(pagetemplate => sub {
@@ -167,6 +172,7 @@ sub scan ($) {
                else {
                        $links{$page}=[];
                }
+               delete $typedlinks{$page};
 
                run_hooks(scan => sub {
                        shift->(
@@ -280,64 +286,73 @@ sub srcdir_check () {
        
 }
 
-sub verify_src_file ($$) {
-       my $file=decode_utf8(shift);
-       my $dir=shift;
-
-       return if -l $file || -d $file;
-       $file=~s/^\Q$dir\E\/?//;
-       return if ! length $file;
-       my $page = pagename($file);
-       if (! exists $pagesources{$page} &&
-               file_pruned($file)) {
-               $File::Find::prune=1;
-               return;
-       }
-
-       my ($f) = $file =~ /$config{wiki_file_regexp}/; # untaint
-       if (! defined $f) {
-               warn(sprintf(gettext("skipping bad filename %s"), $file)."\n");
-       }
-       return ($file,$page,$f);
-}
-
 sub find_src_files () {
        my @files;
        my %pages;
        eval q{use File::Find};
        error($@) if $@;
-       find({
-               no_chdir => 1,
-               wanted => sub {
-                       my ($file,$page,$f) = verify_src_file($_,$config{srcdir});
-                       if ($file) {
-                               push @files, $file;
-                               if ($pages{$page}) {
-                                       debug(sprintf(gettext("%s has multiple possible source pages"), $page));
+
+       eval q{use Cwd};
+       die $@ if $@;
+       my $origdir=getcwd();
+       my $abssrcdir=Cwd::abs_path($config{srcdir});
+
+       my ($page, $underlay);
+       my $helper=sub {
+               my $file=decode_utf8($_);
+
+               return if -l $file || -d _;
+               $file=~s/^\.\///;
+               return if ! length $file;
+               $page = pagename($file);
+               if (! exists $pagesources{$page} &&
+                   file_pruned($file)) {
+                       $File::Find::prune=1;
+                       return;
+               }
+
+               my ($f) = $file =~ /$config{wiki_file_regexp}/; # untaint
+               if (! defined $f) {
+                       warn(sprintf(gettext("skipping bad filename %s"), $file)."\n");
+                       return;
+               }
+       
+               if ($underlay) {
+                       # avoid underlaydir override attacks; see security.mdwn
+                       if (! -l "$abssrcdir/$f" && ! -e _) {
+                               if (! $pages{$page}) {
+                                       push @files, $f;
+                                       $pages{$page}=1;
                                }
-                               $pages{$page}=1;
                        }
-               },
-       }, $config{srcdir});
-       foreach my $dir (@{$config{underlaydirs}}, $config{underlaydir}) {
-               find({
-                       no_chdir => 1,
-                       wanted => sub {
-                               my ($file,$page,$f) = verify_src_file($_,$dir);
-                               if ($f) {
-                                       # avoid underlaydir override
-                                       # attacks; see security.mdwn
-                                       if (! -l "$config{srcdir}/$f" &&
-                                           ! -e _) {
-                                               if (! $pages{$page}) {
-                                                       push @files, $f;
-                                                       $pages{$page}=1;
-                                               }
-                                       }
-                               }
-                       },
-               }, $dir);
+               }
+               else {
+                       push @files, $f;
+                       if ($pages{$page}) {
+                               debug(sprintf(gettext("%s has multiple possible source pages"), $page));
+                       }
+                       $pages{$page}=1;
+               }
+       };
+
+       chdir($config{srcdir}) || die "chdir $config{srcdir}: $!";
+       find({
+               no_chdir => 1,
+               wanted => $helper,
+       }, '.');
+       chdir($origdir) || die "chdir $origdir: $!";
+
+       $underlay=1;
+       foreach (@{$config{underlaydirs}}, $config{underlaydir}) {
+               if (chdir($_)) {
+                       find({
+                               no_chdir => 1,
+                               wanted => $helper,
+                       }, '.');
+                       chdir($origdir) || die "chdir: $!";
+               }
        };
+
        return \@files, \%pages;
 }
 
@@ -346,8 +361,39 @@ sub find_new_files ($) {
        my @new;
        my @internal_new;
 
+       my $times_noted;
+
        foreach my $file (@$files) {
                my $page=pagename($file);
+
+               if ($config{rcs} && $config{gettime} &&
+                   -e "$config{srcdir}/$file") {
+                       if (! $times_noted) {
+                               debug(sprintf(gettext("querying %s for file creation and modification times.."), $config{rcs}));
+                               $times_noted=1;
+                       }
+
+                       eval {
+                               my $ctime=rcs_getctime($file);
+                               if ($ctime > 0) {
+                                       $pagectime{$page}=$ctime;
+                               }
+                       };
+                       if ($@) {
+                               print STDERR $@;
+                       }
+                       my $mtime;
+                       eval {
+                               $mtime=rcs_getmtime($file);
+                       };
+                       if ($@) {
+                               print STDERR $@;
+                       }
+                       elsif ($mtime > 0) {
+                               utime($mtime, $mtime, "$config{srcdir}/$file");
+                       }
+               }
+
                if (exists $pagesources{$page} && $pagesources{$page} ne $file) {
                        # the page has changed its type
                        $forcerebuild{$page}=1;
@@ -359,15 +405,6 @@ sub find_new_files ($) {
                        }
                        else {
                                push @new, $file;
-                               if ($config{getctime} && -e "$config{srcdir}/$file") {
-                                       eval {
-                                               my $time=rcs_getctime("$config{srcdir}/$file");
-                                               $pagectime{$page}=$time;
-                                       };
-                                       if ($@) {
-                                               print STDERR $@;
-                                       }
-                               }
                        }
                        $pagecase{lc $page}=$page;
                        if (! exists $pagectime{$page}) {
@@ -384,7 +421,7 @@ sub find_del_files ($) {
        my @del;
        my @internal_del;
 
-       foreach my $page (keys %pagemtime) {
+       foreach my $page (keys %pagesources) {
                if (! $pages->{$page}) {
                        if (isinternal($page)) {
                                push @internal_del, $pagesources{$page};
@@ -393,6 +430,7 @@ sub find_del_files ($) {
                                push @del, $pagesources{$page};
                        }
                        $links{$page}=[];
+                       delete $typedlinks{$page};
                        $renderedfiles{$page}=[];
                        $pagemtime{$page}=0;
                }
@@ -405,7 +443,7 @@ sub remove_del (@) {
        foreach my $file (@_) {
                my $page=pagename($file);
                if (! isinternal($page)) {
-                       debug(sprintf(gettext("removing old page %s"), $page));
+                       debug(sprintf(gettext("removing obsolete %s"), $page));
                }
        
                foreach my $old (@{$oldrenderedfiles{$page}}) {
@@ -419,6 +457,7 @@ sub remove_del (@) {
                }
        
                delete $pagecase{lc $page};
+               $delpagesources{$page}=$pagesources{$page};
                delete $pagesources{$page};
        }
 }
@@ -494,6 +533,29 @@ sub remove_unrendered () {
        }
 }
 
+sub link_types_changed ($$) {
+       # each is of the form { type => { link => 1 } }
+       my $new = shift;
+       my $old = shift;
+
+       return 0 if !defined $new && !defined $old;
+       return 1 if (!defined $new && %$old) || (!defined $old && %$new);
+
+       while (my ($type, $links) = each %$new) {
+               foreach my $link (keys %$links) {
+                       return 1 unless exists $old->{$type}{$link};
+               }
+       }
+
+       while (my ($type, $links) = each %$old) {
+               foreach my $link (keys %$links) {
+                       return 1 unless exists $new->{$type}{$link};
+               }
+       }
+
+       return 0;
+}
+
 sub calculate_changed_links ($$$) {
        my ($changed, $del, $oldlink_targets)=@_;
 
@@ -520,6 +582,14 @@ sub calculate_changed_links ($$$) {
                        }
                        $linkchangers{lc($page)}=1;
                }
+
+               # we currently assume that changing the type of a link doesn't
+               # change backlinks
+               if (!exists $linkchangers{lc($page)}) {
+                       if (link_types_changed($typedlinks{$page}, $oldtypedlinks{$page})) {
+                               $linkchangers{lc($page)}=1;
+                       }
+               }
        }
 
        return \%backlinkchanged, \%linkchangers;
@@ -534,13 +604,23 @@ sub render_dependent ($$$$$$$) {
        
        my %lc_changed = map { lc(pagename($_)) => 1 } @changed;
        my %lc_exists_changed = map { lc(pagename($_)) => 1 } @exists_changed;
+
+       foreach my $p ("templates/page.tmpl", keys %{$depends_simple{""}}) {
+               if ($rendered{$p} || grep { $_ eq $p } @$del) {
+                       foreach my $f (@$files) {
+                               next if $rendered{$f};
+                               render($f, sprintf(gettext("building %s, which depends on %s"), $f, $p));
+                       }
+                       return 0;
+               }
+       }
         
        foreach my $f (@$files) {
                next if $rendered{$f};
                my $p=pagename($f);
                my $reason = undef;
-       
-               if (exists $depends_simple{$p}) {
+
+               if (exists $depends_simple{$p} && ! defined $reason) {
                        foreach my $d (keys %{$depends_simple{$p}}) {
                                if (($depends_simple{$p}{$d} & $IkiWiki::DEPEND_CONTENT &&
                                     $lc_changed{$d})
@@ -560,12 +640,12 @@ sub render_dependent ($$$$$$$) {
                if (exists $depends{$p} && ! defined $reason) {
                        foreach my $dep (keys %{$depends{$p}}) {
                                my $sub=pagespec_translate($dep);
-                               next if $@ || ! defined $sub;
+                               next unless defined $sub;
 
                                # only consider internal files
                                # if the page explicitly depends
                                # on such files
-                               my $internal_dep=$dep =~ /internal\(/;
+                               my $internal_dep=$dep =~ /(?:internal|comment|comment_pending)\(/;
 
                                my $in=sub {
                                        my $list=shift;
@@ -577,34 +657,35 @@ sub render_dependent ($$$$$$$) {
                                                        if ($type == $IkiWiki::DEPEND_LINKS) {
                                                                next unless $linkchangers->{lc($page)};
                                                        }
-                                                       return $page;
+                                                       $reason=$page;
+                                                       return 1;
                                                }
                                        }
                                        return undef;
                                };
 
                                if ($depends{$p}{$dep} & $IkiWiki::DEPEND_CONTENT) {
-                                       last if $reason =
-                                               $in->(\@changed, $IkiWiki::DEPEND_CONTENT);
-                                       last if $internal_dep && ($reason =
+                                       last if $in->(\@changed, $IkiWiki::DEPEND_CONTENT);
+                                       last if $internal_dep && (
                                                $in->($internal_new, $IkiWiki::DEPEND_CONTENT) ||
                                                $in->($internal_del, $IkiWiki::DEPEND_CONTENT) ||
-                                               $in->($internal_changed, $IkiWiki::DEPEND_CONTENT));
+                                               $in->($internal_changed, $IkiWiki::DEPEND_CONTENT)
+                                       );
                                }
                                if ($depends{$p}{$dep} & $IkiWiki::DEPEND_PRESENCE) {
-                                       last if $reason = 
-                                               $in->(\@exists_changed, $IkiWiki::DEPEND_PRESENCE);
-                                       last if $internal_dep && ($reason =
+                                       last if $in->(\@exists_changed, $IkiWiki::DEPEND_PRESENCE);
+                                       last if $internal_dep && (
                                                $in->($internal_new, $IkiWiki::DEPEND_PRESENCE) ||
-                                               $in->($internal_del, $IkiWiki::DEPEND_PRESENCE));
+                                               $in->($internal_del, $IkiWiki::DEPEND_PRESENCE)
+                                       );
                                }
                                if ($depends{$p}{$dep} & $IkiWiki::DEPEND_LINKS) {
-                                       last if $reason =
-                                               $in->(\@changed, $IkiWiki::DEPEND_LINKS);
-                                       last if $internal_dep && ($reason =
+                                       last if $in->(\@changed, $IkiWiki::DEPEND_LINKS);
+                                       last if $internal_dep && (
                                                $in->($internal_new, $IkiWiki::DEPEND_LINKS) ||
                                                $in->($internal_del, $IkiWiki::DEPEND_LINKS) ||
-                                               $in->($internal_changed, $IkiWiki::DEPEND_LINKS));
+                                               $in->($internal_changed, $IkiWiki::DEPEND_LINKS)
+                                       );
                                }
                        }
                }
@@ -628,6 +709,49 @@ sub render_backlinks ($) {
        }
 }
 
+sub gen_autofile ($$$) {
+       my $autofile=shift;
+       my $pages=shift;
+       my $del=shift;
+
+       if (file_pruned($autofile)) {
+               return;
+       }
+
+       my ($file)="$config{srcdir}/$autofile" =~ /$config{wiki_file_regexp}/; # untaint
+       if (! defined $file) {
+               return;
+       }
+
+       # Remember autofiles that were tried, and never try them again later.
+       if (exists $wikistate{$autofiles{$autofile}{plugin}}{autofile}{$autofile}) {
+               return;
+       }
+       $wikistate{$autofiles{$autofile}{plugin}}{autofile}{$autofile}=1;
+
+       if (srcfile($autofile, 1) || file_pruned($autofile)) {
+               return;
+       }
+       
+       if (-l $file || -d _ || -e _) {
+               return;
+       }
+
+       my $page = pagename($file);
+       if ($pages->{$page}) {
+               return;
+       }
+
+       if (grep { $_ eq $autofile } @$del) {
+               return;
+       }
+
+       $autofiles{$autofile}{generator}->();
+       $pages->{$page}=1;
+       return 1;
+}
+
+
 sub refresh () {
        srcdir_check();
        run_hooks(refresh => sub { shift->() });
@@ -642,18 +766,14 @@ sub refresh () {
                scan($file);
        }
 
-       while (my $autofile = shift (@autofiles)) {
-               my $page=pagename($autofile);
-               if ($pages->{$page}) {
-                       debug(sprintf(gettext("%s has multiple possible source pages"), $page));
+       foreach my $autofile (keys %autofiles) {
+               if (gen_autofile($autofile, $pages, $del)) {
+                       push @{$files}, $autofile;
+                       push @{$new}, $autofile if find_new_files([$autofile]);
+                       push @{$changed}, $autofile if find_changed([$autofile]);
+                       
+                       scan($autofile);
                }
-               $pages->{$page}=1;
-
-               push @{$files}, $autofile;
-               push @{$new}, $autofile if find_new_files([$autofile]);
-               push @{$changed}, $autofile if find_changed([$autofile]);
-
-               scan($autofile);
        }
 
        calculate_links();
@@ -673,7 +793,7 @@ sub refresh () {
        foreach my $file (@$new, @$del) {
                render_linkers($file);
        }
-       
+
        if (@$changed || @$internal_changed ||
            @$del || @$internal_del || @$internal_new) {
                1 while render_dependent($files, $new, $internal_new,
@@ -684,14 +804,25 @@ sub refresh () {
        render_backlinks($backlinkchanged);
        remove_unrendered();
 
-       if (@$del) {
-               run_hooks(delete => sub { shift->(@$del) });
+       if (@$del || @$internal_del) {
+               run_hooks(delete => sub { shift->(@$del, @$internal_del) });
        }
        if (%rendered) {
                run_hooks(change => sub { shift->(keys %rendered) });
        }
 }
 
+sub clean_rendered {
+       lockwiki();
+       loadindex();
+       remove_unrendered();
+       foreach my $page (keys %oldrenderedfiles) {
+               foreach my $file (@{$oldrenderedfiles{$page}}) {
+                       prune($config{destdir}."/".$file);
+               }
+       }
+}
+
 sub commandline_render () {
        lockwiki();
        loadindex();