Instiki
News

Home Page | All Pages | Recently Revised | Authors | Feeds | Export |

Table of Contents

Instiki

Edit this sidebar

Latest News

IE7+MathPlayer

Fixed a longstanding bug with IE7+MathPlayer. Instiki now works with that browser/plugin combination.

Rails 2.1 (6/1/2008)

  • Instiki is now running on Rails 2.1.
  • A couple of bugfixes.

Rails Update (5/21/2008)

  • Instiki is now running on the latest candidate release of Rails, 2.1 RC1 (aka 2.0.991).
  • I’ve also been working at improving Instiki’s performance. The latest version, with a new sanitizer, is significantly faster than previously. It’s worth upgrading, just for the speed boost.

Security: XSS Vulnerability (3/15/2008)

A critical XSS vulnerability has been found in Instiki. Please update!

Mongrel (1/17/2008)

  • I fixed a bunch of annoying bugs. See the log for details.
  • We now bundle the latest REXML.
  • This installation now runs on Mongrel, rather than WEBrick. There are updated instructions, should you want to do the same.

Rails 2.0.2 (1/3/2008)

  • Instiki is now based on Rails 2.0.2.
  • Made a bunch of fixes to better ensure well-formedness. (Thanks to Philip Taylor and Henri Sivonen for beating on the application to uncover these issues.)
  • Various other fixes and improvements.

SVG in Equations

Enhanced support for embedding SVG in itex equations. This requires itex2MML 1.3 or later.

New Version (10/15/2007)

It’s time to bump the version number.

  • Many improvements (some performance-related).
  • A security fix (see revision 169).
  • We’ve also migrated to Rails 1.2.5.

TeX Export (10/4/2007)

Much-improved LaTeX export (the little “TeX” link at the bottom of the page). Many thanks to Jason Blevins for his hard work on this.

S5 Themes (9/2/2007)

Instiki now sports S5 Theme support.

Security Update (9/2/2007)

  • Security: Unsafe handling of categories and of <nowiki> led to cross-site scripting vulnerabilities. Please update.

Real XHTML in Safari (7/26/2007)

  • Finally managed to get real XHTML S5 slideshows to work in Safari. So you can now use SVG in your slideshows for that browser.

Under the Hood (5/25/2007)

  • Etags (If-None-Match) and Conditional GET (If-Modified-Since) support (via a modified version of the action_cache plugin)
  • Switched to HTML5lib-based sanitizer.
  • Synced with latest version of main Instiki and Maruku.

Recent Fixes (3/30/2007)

  • Log Rotations
  • Send XHTML+MathML+SVG DOCTYPE
  • Upgrade to Rails 1.2.3
  • XML-safe output (for non-MathML-aware XHTML clients): ported MathML::Entities to Ruby and use it to filter output
  • Send S5 slideshows to Safari as text/html. Safari’s DOM support is rather broken for real XHTML.

BZR Feed (3/12/2007)

If you are tracking developments in this branch of Instiki via the BZR Repository, now there’s an easy way to keep abreast. The Repository has its own Atom feed. Subscribe, and you will be automatically informed of updates to the software. The same is true of the BZR Repository for itex2MML and its Atom feed.

Recent Fixes (3/10/2007)

Lots of bugfixes, and a few minor features additions.

  • S5 views are now visible on a published (password protected) Web. (See this example) [From Jason Blevins]
  • Methods in WikiReferences now restrict themselves (properly) to the current Web. [From Jason Blevins]
  • File uploads now work.
  • Security: ensure file upload directory is not world-writable.
  • Enabled file-system-based caching. (Should be more scalable than the in-memory caching.)
  • Security: ensure that the file-system cache is not world-writable (a security flaw in Rails).
  • Category list and recently_revised views now work properly.
  • Cache S5, TeX and Print views.
  • Deal correctly with clients that don’t send an HTTP_ACCEPT header.
  • Ensure that input is bona fide utf-8.
  • Other well-formedness issues.
  • Improvements to the S5 code.
  • Maruku bugfixes. [From Andrea Censi]
  • Minor improvements from the Instiki SVN trunk.

Minor Update (3/2/2007)

This branch of Instiki is in constant development, so I won’t make a practice of announcing each and every minor improvement. But XHTML well-formedness is a priority and I fixed a well-formedness issue in the “Rollback” function today.

You can grab the update either as a tarball or via BZR.

S5 Support (3/1/2007)

There are still a few bugs, but my branch of Instiki is now S5-enabled. Any page in the category S5-slideshow has a new “View.” Scroll to the bottom of the page and click on “S5” to view the slide show. S5 is cool, in its own right. But MathML and SVG in S5 is beyond cool. And Maruku provides a drop-dead simple authoring environment.

Check out the sample slide show.

XSS Vulnerability in Instiki (2/27/2007)

A Cross-Site-Scripting vulnerability has been found in Instiki. This is a serious flaw, allowing visitors to an unpatched Instiki Wiki to inject malicious javascript onto your Wiki. Please upgrade to the latest version.

More details about the vulnerability can be found in this blog post.

Revised on August 20, 2008 01:17:38 by Jacques Distler (70.116.17.8)
Edit | Back in time (34 revisions) | See changes | Views: Print | TeX | Linked from: HomePage, contents, Installation, TODO, Jacques Distler, Sandbox, Upgrading, Users, News, Installing on Shared Hosts, AnonymousCoward, S5, SVG, File Uploads, Housekeeping, Proxying, Bazaar, Categories, Syntax, Acknowledgements, Security, Migrating to MySQL, Edit Web, Launch at Startup, Browsers, Mongrel