aboutsummaryrefslogtreecommitdiffstats
path: root/filters
Commit message (Collapse)AuthorAgeFilesLines
* filters: apply HTML escapingLazaros Koromilas2015-08-121-1/+1
| | | | http://www.w3.org/International/questions/qa-escapes#use
* filters: Add sample gentoo scriptJason A. Donenfeld2015-03-131-0/+320
|
* simple-authentication.lua: tie secure cookies to field namesJason A. Donenfeld2015-03-051-13/+21
|
* match other common markdown file extensionsChris Burroughs2014-12-231-1/+1
|
* repolist: add owner-filterChris Burroughs2014-12-231-0/+17
| | | | | | This allows custom links to be used for repository owners by configuring a filter to be applied in the "Owner" column in the repository list.
* filter: fix libravatar email-filter https issueChristian Hesse2014-12-131-1/+2
| | | | | | Serving cgit via https and getting avatar via http gives error messages about untrusted content. This decides whether or not to use https link by looking at the environment variable HTTPS, which is set in CGI.
* remove trailing whitespaces from source filesChristian Hesse2014-04-171-18/+18
|
* filter: add libravatar email-filter lua scriptChristian Hesse2014-03-131-0/+26
|
* simple-authentication: styleJason A. Donenfeld2014-01-231-1/+1
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: document tweakables in lua scriptJason A. Donenfeld2014-01-171-0/+10
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: have cgit calculate login addressJason A. Donenfeld2014-01-161-6/+1
| | | | | | | This way we're sure to use virtual root, or any other strangeness encountered. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: lua string comparisons are time invariantJason A. Donenfeld2014-01-161-2/+2
| | | | | | By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* authentication: use hidden form instead of refererJason A. Donenfeld2014-01-161-79/+121
| | | | | | | This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* auth: add basic authentication filter frameworkJason A. Donenfeld2014-01-161-0/+225
| | | | | | | | | | | | | | | | This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* email-gravatar: fix html syntax issuesChristian Hesse2014-01-152-2/+2
| | | | | an attribute value specification must be an attribute value literal unless SHORTTAG YES is specified
* email-gravatar: do not scale icons upJason A. Donenfeld2014-01-142-2/+2
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: allow returning exit code from filterJason A. Donenfeld2014-01-141-0/+1
| | | | | | | Filters can now indicate a status back to cgit by means of the exit code for exec, or the return value from close for Lua. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* email-gravatar: fix html syntax issuesChristian Hesse2014-01-142-2/+2
| | | | | | * make ampersand a html entity * add required alt attribute * add required img end tag
* email-gravatar.py: fix UTF-8Christian Hesse2014-01-141-0/+4
|
* email-gravatar.lua: fix for lua 5.2Christian Hesse2014-01-141-1/+1
|
* filter: add page source to email filterJason A. Donenfeld2014-01-142-1/+3
| | | | | | | | Since the email filter is called from lots of places, the script might benefit from knowing the origin. That way it can modify its contents and/or size depending. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filter: add gravatar scriptsJason A. Donenfeld2014-01-142-0/+58
| | | | | | | The lua one is hugely faster than the python one, but both are included for comparison. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filters: Improved syntax-highlighting.pyStefan Tatschner2014-01-131-19/+33
| | | | | | | | | | | | | | | | - Switched back to python2 according to a problem in pygments with python3. With the next release of pygments this problem should be fixed. Issue see here: https://bitbucket.org/birkenfeld/pygments-main/issue/901/problems-with-python3 - Just read the stdin, decode it to utf-8 and ignore unknown signs. This ensures that even destroyed files do not cause any errors in the filter. - Improved language guessing: -> At first use guess_lexer_for_filename for a better detection of the used programming languages (even mixed cases will be detected, e.g. php + html). -> If nothing was found look if there is a shebang and use guess_lexer. -> As default/fallback choose TextLexer. Signed-off-by: Stefan Tatschner <stefan@sevenbyte.org>
* Fix UTF-8 with syntax-highlighting.pyPřemysl Janouch2014-01-081-0/+1
| | | | | | | Previously the script tried to encode output from Pygments with the ASCII codec, which failed. Signed-off-by: Přemysl Janouch <p.janouch@gmail.com>
* Fix about-formatting.shPřemysl Janouch2014-01-081-1/+1
| | | | | | dash failed to parse the script. Signed-off-by: Přemysl Janouch <p.janouch@gmail.com>
* filters: highlight.sh: add css comments for highlight 2.6 and 3.8Ferry Huberts2014-01-081-1/+63
| | | | | | v2: add highlight 3.13 as present on Fedora 19 Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
* filters: toggle perl utf8 situationJason A. Donenfeld2013-05-281-4/+0
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* filters: import more modern scriptsJason A. Donenfeld2013-05-278-0/+1813
| | | | Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* syntax-highlighting.sh: Fix command injection.Jason A. Donenfeld2012-10-271-2/+2
| | | | | | | | | By not quoting the argument, an attacker with the ability to add files to the repository could pass arbitrary arguments to the highlight command, in particular, the --plug-in argument which can lead to arbitrary command execution. This patch adds simple argument quoting.
* syntax-highlight: when the file has no extension, assume textFerry Huberts2012-10-091-1/+4
| | | | | | | | | | There are 2 situations: 1- empty extension: assuming text is better than highlight producing no output because of a missing argument. 2- no extension at all: assuming text is better than setting the extension to the filename, which is what now happens. Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
* Revert "filters/syntax-highlighting.sh: work around highlight --force bug"Ferry Huberts2012-10-091-17/+0
| | | | | | | | | This reverts commit f50be7fda0a7ab57009169dd5905fcbab8eb5166. An update with the latest highlight landed in EPEL. This new version doesn't have the --force bug, so the workaround can now be removed. Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl>
* Merge branch 'stable'Lars Hjemli2012-03-181-0/+28
|\
| * filters/syntax-highlighting.sh: work around highlight --force bugFerry Huberts2012-03-181-0/+17
| |
| * filters/highlight.sh: manually support highlight version 2 and 3Ferry Huberts2012-03-181-0/+11
| |
* | commit-links.sh: improve regular expressionsFerry Huberts2011-07-191-2/+5
| | | | | | | | | | | | | | | | | | | | | | The default length for sha1 abbreviations in git is 7. A '#num' at the beginning of the commit message is now recognised, a ':#num' as well, etc.: a '#num' anywhere is now converted to a link. Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* | filters: document environment variables in filter scriptsFerry Huberts2011-03-262-0/+22
|/ | | | | Signed-off-by: Ferry Huberts <ferry.huberts@pelagic.nl> Signed-off-by: Lars Hjemli <hjemli@gmail.com>
* commit-links.sh: Seperate the expressions for filtering commit messages.Jeff Smith2010-07-221-7/+9
| | | | | This allows for putting descriptions closer to their expressions. It should also make it clearer how to apply an expression conditionally.
* syntax highlighting for all formats supported by "highlight"Georg Lukas2009-11-191-17/+12
| | | | | | | | | | | | | | | | | | The highlight tool can be given any of the supported file extensions as its -S parameter. This patch replaces the case-switch by extracting the extension from the supplied file name and passing it to highlight. However, this requires a shell supporting the ${var##pattern} syntax, like dash or bash. Unknown extensions cause a fall-back to plain text using the --force switch. Error messages are redirected to /dev/null. A special case maps Makefile and Makefile.* to the "mk" extension. The total overhead is reduced by calling "exec highlight". No forks are needed during script execution. Signed-off-by: Georg Lukas <georg@op-co.de>
* Add some example filter scriptsLars Hjemli2009-08-092-0/+51
Signed-off-by: Lars Hjemli <hjemli@gmail.com>