-
Notifications
You must be signed in to change notification settings - Fork 38
/
ReleaseNotes01x01.txt
2019 lines (1730 loc) · 173 KB
/
ReleaseNotes01x01.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
%META:TOPICINFO{author="ProjectContributor" date="1448293212" format="1.1" version="1"}%
%META:TOPICPARENT{name="ReleaseHistory"}%
---+!! Foswiki Release 1.1.10
%TWISTY{showlink="Table of Contents..." hidelink="hide TOC"}%
%TOC%
%ENDTWISTY{}%
---++ Foswiki - The Free and Open Source Wiki
Foswiki is an enterprise collaboration and information sharing tool targeted for professional use in many types of organizations: from small businesses to multi-nationals, from one-product open source groups, to worldwide research networks.
Foswiki is a wiki: fundamentally, a website with editable web pages. It looks like a normal web site but it encourages contributions, edits, updates, questions, and answers from its users. It's a powerful way of enabling a community to communicate asynchronously using intranet and public internet websites. Foswiki is simple to learn and use. It aims to provide a transparent way for you to publish and exchange your ideas with others over the web and eliminates the one-webmaster syndrome of outdated intranet content.
Foswiki is a structured wiki with tools that enable users without programming skills to build powerful yet simple applications to process information and support workflows. Developers can extend the functionality of Foswiki with plugins.
Foswiki is the old TWiki project under a new name. Restrictions on the use of the TWiki brand resulted in many of its developers continuing the project under the new Foswiki name. Foswiki is backwards compatible with all content from older TWiki installations. Foswiki 1.1 ships with a !TWikiCompatibilityPlugin, thus enabling most extensions made for TWiki to work under Foswiki. Since the start of the Foswiki project there have been several releases of TWiki, However there have been very few functionality changes, and the useful changes have all been tracked in Foswiki, so topics and wiki applications supported by TWiki should also work with Foswiki.
Foswiki is released under the GNU General Public License.
---++ Foswiki Releases
%TWISTY{showlink="Release 1.0 releases..." hidelink="hide Release 1.0"}%
* Foswiki 1.0.0, the first Foswiki was released on 09 Jan 2009.
* Foswiki 1.0.1, 1.0.2 and 1.0.3 were released internally in the development community, but were never publicly released.
* Foswiki 1.0.4 was built 19 Mar 2009. It is a patch release with more than 120 bug fixes relative to 1.0.0 and only very few minor enhancements.
* Foswiki 1.0.5 was built 25 Apr 2009. It is a patch release with more than 150 bug fixes relative to 1.0.0 and a few enhancements. This patch release further enhances the robustness and the security of the Foswiki software.
* Foswiki 1.0.6 was built 21 Jun 2009. It is a patch release with more than 200 bug fixes relative to 1.0.0 and some enhancements. This version introduces a major enhancement in security against Cross-Site Request Forgery. Further more a central translation framework got introduced which ease the translation process and enables all users to contribute to translations.
* Foswiki 1.0.7 was built 20 Sep 2009. It is a patch release with more than 240 bug fixes relative to 1.0.0 and some enhancements. This release fixes some serious issues introduced by the CSRF fix and the redirect cache fix in 1.0.6. Major enhancement that also fixes many annoying editor bugs is the upgrade of the !Tiny MCE editor to version 3.2.2.
* Foswiki 1.0.8 was built 29 Nov 2009. It is a patch release with more than 280 bug fixes relative to 1.0.0 and some enhancements. This release fixes a short list of quite annoying old bugs incl a bug that prevented efficient use of MailerContrib for producing newsletters. The Wysiwyg editor has been upgraded with the latest Tiny MCE editor release 3.2.7.
* Foswiki 1.0.9 was built 17 Jan 2010. It is a patch release with more than 320 bug fixes relative to 1.0.0 and several enhancements. This release fixes many bugs in the Wysiwyg editor, bugs related to more advanced wiki applications and bugs in the Plugin API. It contains several bug fixes and enhancements related to security and spam fighting.
* Foswiki 1.0.10 was built 08 Sep 2010 as a patch release with more than 410 bug fixes relative to 1.0.0. It is assumed to be the last 1.0.X release.
%ENDTWISTY{}%
* Foswiki 1.1.0 was built 04 Oct 2010. It is a release with more than 270 bug fixes relative to 1.0.10 and more than 680 bug fixes relative to 1.0.0. And the release adds more than 100 enhancements. Foswiki 1.1.0 introduces jQuery Javascript user interface framework, improved topic history display, new QUERY and FORMAT macros, better userinterfaces for groups, much improved WYSIWYG editor, facelift of the default skin, much improved configure tool, and many more enhancements.
* Foswiki 1.1.1 was built 25 Oct 2010. It is a release that fixes some important bugs that were introduced in 1.1.0. It is highly recommended that all running 1.1.0 upgrade to 1.1.1.
* Foswiki 1.1.2 was built 09 Nov 2010. It is a release that fixes some very important bugs incl. a security related bug. Installations running 1.1.0 and 1.1.1 should be upgraded to 1.1.2
* Foswiki 1.1.3 was built 16 Apr 2011. It is a release that fixes more than 150 bugs. jQuery has been updated to 1.4.3. The default PatternSkin has some usability improvements.
* Foswiki 1.1.4 was built 20 Dec 2011. It is a release that fixes some very important including some security related issues. It contains 143 fixes and 27 enhancements. jQuery has been updated to 1.7.1.
* Foswiki 1.1.5 was built 10 Apr 2012. It is a release that fixes some very important issues including some security related issues. It contains 100 fixes and 20 enhancements.
* Foswiki 1.1.6 was built 02 Dec 2012. It is a release that fixes some important issues including some minor security related issues. It contains 94 fixes and 27 enhancements.
* Foswiki 1.1.7 was built 01 Feb 2013. It is a release that fixes *CVE-2012-6329* and *CVE-2012-6330*. It contains 20 fixes and 4 enhancements.
* Foswiki 1.1.8 was built 28 Feb 2013. It is a release that fixes *CVE-2013-1666*. It contains 4 fixes.
* Foswiki 1.1.9 was built 18 Nov 2013. It is a release that contains 44 fixes and 4 enhancements.
* Foswiki 1.1.10 was built 23 Nov 2015. It is a release that contains 8 fixes and 8 enhancements.
Foswiki 1.1.10 is indended to be the final patch release in the Foswiki 1.1 Release stream.
---++ Pre-installed Extensions
Foswiki 1.1 ships with the following:
* *Plugins:* !AutoViewTemplatePlugin, !CommentPlugin, !EditTablePlugin, !EmptyPlugin, !HistoryPlugin, !InterwikiPlugin, !JQueryPlugin, !PreferencesPlugin, !RenderListPlugin, !SlideShowPlugin, !SmiliesPlugin, !SpreadSheetPlugin, !TablePlugin, !TinyMCEPlugin, !TwistyPlugin, !WysiwygPlugin
* *Contribs:* !CompareRevisionsAddOn, !FamFamFamContrib, !JSCalendarContrib, !MailerContrib, !PatchFoswikiContrib, !TipsContrib, !TopicUserMappingContrib
* *Skins:* !PatternSkin
* *Compatibility support* - !TWikiCompatibilityPlugin
#Release01x01Changes
---++ Important changes in Foswiki 1.1.10 (This release)
Foswiki 1.1.10 is a compatibility release for sites unable to upgrade to Foswiki 2.0. It contains fixes for Perl and CPAN compatibility issues that can
arise after a system upgrade. It has been tested with perl versions 5.8.8 thru 5.23. It also contains backports of important Foswiki 2.0 features necessary
for compatibility with extensions released for Foswiki 2.0.
This release refreshes all default extensions to the version shipped with Foswiki 2.0, with the exception of TopicUserMappingContrib and PatternSkin.
The new version of these extensions are not compatible with Foswiki 1.1.
Foswiki 1.1.10 does *not* contain fixes for security issues fixed in the Foswiki 2.0.x releases. Upgrade to the latest Foswiki release is strongly recommended.
---+++ ACL Changes
Foswiki 1.1.10 backports the new wildcard ACL. ALLOW and DENY rules can now be set to "*" asterisk, which means always match. In Foswiki 2.0, this is
used to deprecate the old "Empty" deny rule. Foswiki 1.1.10 still supports the empty deny rules, but also supports the "ALLOW *" for allow all.
---+++ SpreadSheetPlugin changes
The CALC and CALCULATE macros now encode =<= and =>= as entities, which prevents some paths used to insert script tags. If your user's topics require
CALC or CALCULATE to generate HTML, then you must enable the following setting:
* Set SPREADSHEETPLUGIN_ALLOWHTML=1
This setting can be set in the topic, web, user or site perferences.
---++ Important changes in Foswiki 1.1.9
Release 1.1.9 fixes a number of important bugs. Several are security related and we strongly recommend that sites upgrade to this release.
* The =%<nop>TOPICLIST%= macro now omits topics that cannot be read by the user. Foswiki should not reveal the presence of topics to users who don't have the authority to view the topic.
* Login using url parameters has been restricted. Details below..
Release 1.1.9 addresses several issues that impact sites that have upgraded or will upgrade to newer versions of perl and CPAN modules. We strongly
recommend that foswiki be upgraded to 1.1.9 prior to updating to a new release of perl or CPAN modules.
Two serious performance issues have been corrected. The TablePlugin amassed CSS from all visited topics, growing with each view. And an error in SEARCH
caused exponential growth of the search expressions which could cause out of memory issues on the server. These could be especially severe for sites using
FastCGI or Mod_Perl.
See [[#Rel01x01x09Details]] for details.
---+++ JQuery upgrade
This release ships with several upgraded versions of JQuery, and changes the default release to version =1.8.3=. It also replaces the deprecated JQuery
Tooltip plugin with the new UI::Tooltip. Upgraders should visit =bin/configure= and make the following changes to the Jquery configuration:
* Update ={JQueryPlugin}{JQueryVersion}= to version =1.8.3=
* Disable ={JQueryPlugin}{Plugins}{Tooltip}{Enabled}= and
* Enable ={JQueryPlugin}{Plugins}{'UI::Tooltip'}{Enabled}=
Note that although the jquery autocomplete plugin was replaced with ui::autocomplete back in Foswiki release 1.1.4, recent changes to jquery
required some additional changes to some UI::Autocomplete examples. See
[[http://trac.foswiki.org/changeset/17042/branches/Release01x01/JQueryPlugin/data/System/JQueryAjaxHelper.txt][Revision 17042]] for details of this change.
---+++ Changes to login using URL parameters
All versions of foswiki previously allowed the username and password parameters to be provided on the URL. For ex:
=bin/view/Myweb/SomeTopic?username=JoeUser;password=SEcrET=. Foswiki 1.1.9 has been changed to further restrict login:
* username and password will only be accepted on POST type operations. a simple GET url with username and password will not accept the supplied credentials.
* The previous behaviour can be restored by enabling =$Foswiki::cfg{Session}{AcceptUserPwParamOnGET}= in the configuration
* username and password will only be accepted as login credentials on the =view=, =viewauth= and =login= scripts.
* Other scripts can be authorized by configuring =$Foswiki::cfg{Session}{AcceptUserPwParam}=
---+++ Improved compatibility with Perl 5.18+
Foswiki 1.1.9 has been tested with perl 5.18+. Perl 5.18 has made a very significant change in how hash tables are randomized and stored.
See [[http://search.cpan.org/dist/perl-5.18.0/pod/perldelta.pod#Hash_overhaul][5.18 perldelta]]
for more information. The change has had some minor impact on Foswiki, most of which were test failures, not core code issues, and were fixed in [[%BUGS%/Item12616][Item12616]]. It did however
result in discovery of some core bugs that were also fixed.
Sites upgrading to perl 5.18 should carefully test foswiki and review the open tasks at [[http://foswiki.org/Tasks/PlatformPerl518]]. Please report any new issues there.
The following differences have been noticed when running under Perl 5.18, and have *not* been corrected:
* The order of search results order when the requested sort has duplicates is unpredictable. Ex: When sorting by "modified", the order of multiple topics modified at the exact same time will be unpredictable. ([[%BUGS%/Item12618][Task Item12618]])
* The order of groups presented by =%USERINFO= and =%GROUPINFO= macros is unpredictable. As a result, the order of groups listed by the Main.WikiGroups topic change on each page view. ([[%BUGS%/Item12635][Task Item12635]])
* The order of data in a =perl= formatted =%QUERY= result is unpredictable. (No plan to fix)
Any data internally stored by Foswiki or extensions using a perl hash array will be presented in unpredictable order.
---++ Important changes in Foswiki 1.1.8
Release 1.1.8 fixes a *Critical Security Vulnerability*. All previous releases of Foswiki are vulnerable to a security issue in [[http://metacpan.org/module/Locale::Maketext][Locale::Maketext]]. It is described further in [[http://foswiki.org/Support/SecurityAlert-CVE-2013-1666][SecurityAlert-CVE-2013-1666]].
It is expected that this will be the last release in the Foswiki 1.1 series. The next major release will be a feature release: Foswiki 1.2.0
Release 1.1.8 also includes a configuration checker that will report an error if a vulnerable version of Locale::Maketext is installed.
See [[#Rel01x01x08Details]]
---++ Important changes in Foswiki 1.1.7
Release 1.1.7 fixes a *Critical Security Vulnerability*. All previous releases of Foswiki are vulnerable to a security issue in [[http://metacpan.org/module/Locale::Maketext][Locale::Maketext]]. It is described further in [[http://foswiki.org/Support/SecurityAlert-CVE-2012-6329][SecurityAlert-CVE-2012-6329]].
A 2nd vulnerability in the Foswiki =%<nop>MAKETEXT%= macro was also discovered, and is described further in [[http://foswiki.org/Support/SecurityAlert-CVE-2012-6330][SecurityAlert-CVE-2012-6330]] . It is expected that this will be the last release in the Foswiki 1.1 series. The next major release will be a feature release: Foswiki 1.2.0
Release 1.1.7 also includes a security fix for configure that reduces exposure of important passwords in confirmation and log messages.
See [[#Rel01x01x07Details]]
---+++ Module version strings and new module dependency in 1.1.6 and 1.1.7
The Foswiki and default extension version strings have been changed from a developer oriented string _Foswiki-1.1.5, Tue, 10 Apr 2012, build 14595,_ to a simple perl version string - "v1.1.6".
The "RELEASE" string will continue to be more descriptive and can be displayed with a new macro =%<nop>WIKIRELEASE%=.
*This adds a new dependency on =version 0.77= - the Perl module version class.*
* Sites using Perl 5.10.1 or newer have the correct version of version.
* Sites on older versions of perl should install the latest =version= using CPAN or their system's package manager.
<blockquote class="foswikiAlert"><b>%X% Before upgrading to Foswiki 1.1.6 or 1.1.7, verify that the installed version of CPAN:version is at least version =0.77=. If not, upgrade CPAN:version before attempting to upgrade Foswiki!</b> For example:
<verbatim> perl -Mversion -e 'print "$version::VERSION\n"'
0.9901
</verbatim></blockquote>
Note: Extensions may not have been upgraded to use the new 'dotted-decimal' version string format for dependency checking.
If an extension includes a dependency on an SVN-style revision, Foswiki 1.1.6 assumes that the dependency is satisfied by a 'dotted-decimal' version.
---+++ Wysiwyg / !TinyMCE Editor changes
Release 1.1.6 changed the editor to treat all links as real HTML links in TMCE. This had an annoying side effect: when a user changes the link text displayed in-line, the editor _only_ updated the link text, and the target page was not changed.
This even including auto-linked !WikiWords. The editor will now save the original !WikiWord. During the save, if the new link text is still a !WikiWord, and the link target still points to the original !WikiWord, it will also be updated to match the new !WikiWord..
* Ex. if a !InlineWikiWord is changed to !ADifferentWikiWord, the link will now point to !ADifferentWikiWord, which is probably what the user intended.
*Note:* This change required a setting change to the !TinyMCEPlugin Init setting found in System.TinyMCEPlugin. If the =TINYMCEPLUGIN_INIT= settings have been customized, this change will need to be merged into your customized settings or the new behavior will be ignored.
---+++ Force Default Host URL toggle
Sites that use HTTP Proxies, load balancers and SSL Accelerators often modify the users original input URL. When this happens, Foswiki can generate incorrect links on the pages. A new expert configuration parameter
={ForceDefaultUrlHost}= can be enabled to force Foswiki to override the user entered URL with the ={DefaultUrlHost}= setting.
---+++ New configuration parameter ={Register}{ExpireAfter}=
Foswiki 1.1.6 added code to clean up expired pending registrations, and tied the request lifetime to the ={Sessions}{ExpireAfter}= timer. This is much too short, especially when registration requests are redirected to a 3rd party
approver, as described in [[http://foswiki.org/Support/Faq12][FAQ 12]] and [[http://foswiki.org/System/ManagingUsers#Authentication_and_Access_Control][Managing Users]] documentation.
[[%BUGS%/Item12329][Item12329]] breaks this out to a separate timer for registration requests. Default is 21600 seconds (6 hours). If this setting is not in the configuration, the code will fall back to the ={Sessions}{ExpireAfter}=
timer, and if that is not configured, the default is 36000 (10 hours). Extend this setting to a longer value to give the approver ample time to process the request.
---+++ When upgrading, a new setting is needed for PatternSkin
If you are upgrading an existing Foswiki system, verify the following:
* Ensure that !Main.SitePreferences or System.DefaultPreferences have the setting for PATTERNSKIN_JQUERY_THEME. <verbatim> * Set PATTERNSKIN_JQUERY_THEME = PatternSkinTheme</verbatim>
* Be sure to run through an edit / save cycle in [[%SCRIPTURL{"configure"}%][bin/configure]].
The new =System.DefaultPreferences= topic has this setting, but if you have customized you !DefaultPreferences, then this setting may need to be added.
The save cycle of configure is necessary to register the new JQuery pattern theme in the configuration. (If configure reports no changes, make a minor change and save again, and configure will merge in the changed settings). Or edit the =LocalSite.cfg= file by hand and add
<verbatim>
$Foswiki::cfg{JQueryPlugin}{Themes}{PatternSkinTheme}{Url} =
'$Foswiki::cfg{PubUrlPath}/$Foswiki::cfg{SystemWebName}/PatternSkinTheme/jquery-ui.css';
$Foswiki::cfg{JQueryPlugin}{Themes}{PatternSkinTheme}{Enabled} = 1;</verbatim>
---+++ Font changes
A change made in 1.1.6 changed the default size and family of the body font. This change resulted in unexpected word wrap in tables that had column widths set to avoid wrapping. Foswiki 1.1.7 reverts the font setting back to that of Foswiki 1.1.5.
Changes to the skin that impact layout should not have been made in a patch release.
---+++ Minor change to =Main.WebHome=
The [[Main.WebHome]] topic was changed to display the =%<nop>WIKIRELEASE%= macro instead of the =%<nop>WIKIVERSION%=. =WIKIRELEASE= is a more friendly user readable version string.
---++ Important changes in Foswiki 1.1.6
Release 1.1.6 is a security focused and bug fix release. There are a number of fixes and small enhancements designed to improve the security of Foswiki.
---+++ Default format of "New Topic" links has changed.
The old format used a trailing questionmark to create a topic. Missing topics are now rendered with red text, and underlined with a dotted line. The entire missing-topic name is a link to create the new topic, instead of just the
question mark. If you have applied a custom new topic setting in your Main.SitePreferences, you shouldn't see any changes. Remove the override from Main.SitePreferences to get the new behavior.
---+++ JQuery version updates
* The default version of JQuery has been bumped to <code>JQuery 1.8.2</code>
* All versions of jquery older than 1.7.1 have been removed.
Be sure to run configure and verify that the JQuery version is set to one still available, and preferably the default 1.8.2.
---+++ Registration handling
* The check for duplicate email regisrations is now applied to pending registrations.
* Code has been added to remove stale registration approval requests.
---+++ Wysiwyg / !TinyMCE Editor changes
A number of changes have been made to make editing more "WYSIWYG" like:
* All links are now represented as real HTML links in TMCE. Editing the link text displayed in-line _only_ updates the link text, including auto-linked WikiWords. Click the link icon to update the actual link target.
* Ex. if a !InlineWikiWord is changed to !ADifferentWikiWord, the link will become <code>[<nop>[InlineWikiWord][ADifferentWikiWord]]</code>
* Verbatim blocks that are hidden will now display and can be edited.
* Escaped !WikiWords will no longer display as links when edited.
* Major issues with loss of white-space and line breaks while editing have been corrected.
* It is now possible to position the cursor above/below blocks that start or end a topic.
* HTML entities added to topics when Ctrl-i or Ctrl-b are used for Italics / Bold are now removed on save.
* Multi-line TML tables can now be edited.
* NOAUTOLINK and <noautolink> blocks are now handled correctly.
* JQuery Chili highlighter classes are now all available from the context menu of a verbatim block.
* New tables inserted with wysiwyg now show the expected borders.
* !TinyMCE has been updated to release 3.4.9
---+++ <code>Insecure dependency</code> errors when using LOCALEs
Setting a Locale in the configuration causes internal errors because of perl's mechanisms used to protect applications from potentially untrusted input. The systems Locale strings are considered "Tainted" and Foswiki fails with taint
errors. At this point we don't have a good solution. Significant work is being done for future releases to resolve this issue.
In the meantime, if you require a custom Locale, and are experiencing errors like <code>Insecure dependancy in x while running with -T switch</code> our only solution presently is to disable Taint checking by removing the "-T" switch
from the first line of each script in the bin directory.
---+++ A serious performance problem when renaming topics has been resolved
The resolution results in a change to what is renamed. Prior to this resolution, an extra scan of the entire web was performed. The new behavior
is that "Incoming" links (Links pointing to the topic being renamed) will be listed and updated when their checkbox is checked. However "Outgoing" links
(links internal to the renamed topic, pointing to other topics in the original web) will not be updated.
---+++ Performance problems when logs are "Rotated" at end of month.
The plainfile logger was using too much resources when rotating the logs at end of month. This has been improved somewhat, however there still can be issues for very busy sites. To help resolve this, the settings for the "Compatibility Logger" have been restored to the configuration. The
compatibility logger writes to "date-stamped" filenames instead of doing an end-of-month rotation.
As an alternative, there is a new Foswiki:Extensions.LogDispatchContrib for more advanced logging. This extension will be the default logger in Foswiki 1.2.
---+++ JQuery Chili highlighter is enabled by default.
This was temporarily disabled because Firefox and Safari had errors which will corrupt the highlighted text. Recent browser releases have resolved this issue, and Chili is again enabled by default. It may still be necessary to
disable Chili if your user community still is using the buggy browsers.
---+++ <code>configure</code> now backs up the configuration
<code>configure</code> now will save the previous configuration to a file named <code>LocalSite.cfg.[n]</code> where <code>[n]</code> is increased by 1 prior to each save. By default, 10 prior revisions are kept.
---+++ Markup within input fields are no longer rendered
[[%BUGS%/Item11480][Item11480]] now prevents the rendering of Topic Markup (TML) within input fields. Previously if an input field was "pre-filled" with markup for ex: <b><code><literal>some *marked* text</literal></code></b>,
it would be renderd as <b><code>some <strong>marked<strong> text</code></b>. Foswiki will no longer render the contents of input fields.
This exposes a potential issue. If input field initial content is manually protected using the <code><literal></code> to prevent the rendering, the resulting html will be corrupted.
Foswiki allows for <code><nop></code>, however any other unencoded < and > is not legal within <code><input></code> tag and must be removed.
<verbatim>
<input ... text=' WikiWord *bold* text'> previously was rendered, on 1.1.6 will be shown exactly as written.
<input ... text='<nop>WikiWord' > Is acceptable, but the <nop> is unnecessary.
<input ... text='<literal>some *bold* text</literal' > The <literal> tags MUST be removed
</verbatim>
---+++ Sandbox WebHome topic updated with improved validation of new topic name
Foswiki upgrade packages and manual upgrade procedures typically do not upgrade any !WebHome topics. The 1.1.6 upgrade package will include a new !WebHome for the Sandbox web. If you upgrade manually, you should copy the =data/Sandbox/WebHome.txt= file from the full Foswiki distribution onto your system.
If you have a customized Sandbox !WebHome topic, and use the upgrade package, you may need to revert back to your customized topic or re-customize the new version.
---++ Important changes in Foswiki 1.1.5
Release 1.1.5 is a security focused release. There are a number of fixes and small enhancements designed to improve the security of Foswiki.
---+++ API Change
The Foswiki API version is incremented to version 2.2 in Foswiki 1.1.5 for the following changes:
* <code>Foswiki::Func::getScriptUrlPath()</code> has been removed from deprecation, and enhanced with a new calling convention to be consistent with <code>Foswiki::Func::getScriptUrl()</code>.
---+++ Improvements to User Registration
* The complete fix for [[http://foswiki.org/Support/SecurityAlert-CVE-2012-1004][CVE-2012-1004]] has been integrated, including pluggable field validations in the User Mapper. If your installation uses a custom user mapper, there is a new function in the base user mapper <code>lib/Foswiki/Users.pm</code> that performs registration field validations. Override this method in your custom user mapper to add site specific validations.
* The user registration and group management API calls now all return error messages describing any failures. All errors are processed through MAKETEXT so that they are translated to the selected language.
* New options can reject duplicate registrations using the same email, and can either white-list or black-list email domains from registering.
---+++ Improvements to .htpasswd handling
* The =HtPasswdUser= password manager has been changed to globally cache the password file if enabled. In an installation running =fcgi= or =mod_perl=, this will reduce the overhead of reading the file for each transaction.
* The =.htpasswd= lock file is now configurable. There was a small risk that when multiple foswiki installations shared a common =.htpasswd= file, simultaneous updates would not be prevented, resulting in file corruption.
* The default for ={Htpasswd}{Encoding}= has been changed to =apache-md5=. We _strongly_ recommend that installations migrate away from =crypt= encoding - the prior default. =crypt= truncates passwords at 8 characters.
* The ={Htpasswd}{AutoDetect}= option is enabled by default. This ensures that an existing =.htpasswd= file cannot be accidentally corrupted due to the change in default encoding.
* A new password encoding hash has been added. =bcrypt= encoding. (Ref. http://yorickpeterse.com/articles/use-bcrypt-fool )
---+++ Better session support for mixed http and https environments
If your foswiki is set up to accept both https and http requests, your users may find themselves logged out much faster than desired.
1.1.5 fixes this by using separate authentication session cookies when using =http= and =https=, but this may mean your users may need to login again. This applies to both =TemplateLogin= and =ApacheLogin=.
---+++ Changes to the =configure= password handling
The encoding of the =bin/configure= and "sudo" =admin= user has been changed. Sites should change their configure password as soon as possible. Note that this change is not backwards compatible. Once the password has been changed, if fallback to 1.1.4 is required, the password will have to be reset by removing the password from =lib/LocalSite.cfg.=
---+++ Changes to Statistics processing
The !WebStatistics topics are no longer shipped with Foswiki. Two new topics have been included; %SYSTEMWEB%.DefaultWebStatistics and %SYSTEMWEB%.WebStatisticsTemplate. The =statistics= script now has the optional capability of creating the missing !WebStatistics topics.
* The Foswiki configuration has a new parameter: ={Stats}{AutoCreateTopic}= (Default is disabled)
* The =statistics= script has a new parameter: =-autocreate 1= or =autocreate=1= (Default is 0 or disabled)
* The =statistics= script must now only be run using =POST=. HTML =GET= should never result in an update.
The details of this change are in %SYSTEMWEB%.SiteTools#WebStatistics, including a tool to help with creating the missing !WebStatistics topics.
---+++ Changes to !PlainFile logger to improve log rotation
In previous versions of foswiki, the default =PlainFile= logger failed to rotate the logs if any log records were corrupted. This is more likely in the error log file, but can be caused by any log record that is written containing embedded newlines. If a log record is read without the expected =| Timestamp |= as the first column, rotation stops.
This behavior has been corrected, however sites where rotation was failing may have extremely large log files. When foswiki performs the rotation at the beginning of the next month, rotation can take an extended time, resulting in extended response time.
Rotation is performed when the timestamp of the log file (=events.log=, =error.log=, =debug.log=) is in a month prior to the current month. In order for rotation to proceed:
* The directory containing the log files must be writable.
* Archive files named =[logfile].YYYYMM= must not exist for any records in the current =[logfile].log= file.
* For example, if =events.log= contains an event dated =2012-01-15:=, then the archive file =events.201201= must not exist.
In order to force rotation and avoid extended web server response time:
* Quiesce the web server to prevent logging activity
* Upgrade to 1.1.5, which will install the updated =lib/Foswiki/Logger/PlainFile.pm=
* Reset the timestamps to the previous month on the logfile requiring rotation
* =touch -t 201202280101 events.log= will set the timestamp to February 28th on a linux/unix system.
* Windows users will need to install a 3rd party tool to change timestamps, or wait for the next month
* Change to the =bin= directory and run the view script from the shell as the web user.
* =sudo -u www ./view= _(Actual user will vary depending on the distribution)_
The plainfile logger will now report additional information on the rotation process, including displaying bad records to STDERR. Edit =lib/Foswiki/Logger/Plainfile.pm= and change the line =use constant TRACE => 0;= to use =constant TRACE => 1;= to enable more detailed debug messages.
---++ Important changes in Foswiki 1.1.4
---+++ 1.1.3 may have changed some =form.name= MetaData to contain fully-qualified (with web name prefix) values
In Foswiki 1.1.4 this problem has been fixed by [[%BUGS%/Item10874][Item10874]], however, users upgrading from 1.1.3 may wish to review the following information to determine if they need to take action on their existing SEARCHes or !DataForm topics.
<blockquote class="foswikiHelp">%I% Please note, you may be unaffected by %BUGS%/Item10874 if:
* You have never used Foswiki 1.1.3
* You are not [[%SYSTEMWEB%.QuerySearch][QuerySearching]] =form.name= MetaData for exact topic-only (without web prefix) values, or
* Your users are not adding or changing DataForms on their topics via the edit screen's "add/change form" button, or
* Your installation is using Foswiki:Extensions.NatEditPlugin </blockquote>
---++++ Description
Any topics which have had a [[%SYSTEMWEB%.DataForms][DataForm]] added or changed using the "Add/change form" button on the edit screen while running Foswiki 1.1.3 will now have "fully-qualified" Web.Topic names in the =form.name= %SYSTEMWEB%.MetaData even if the =WEBFORMS= preference variable omitted web prefixes from [[%SYSTEMWEB%.DataForms][DataForm]] topic names. In other words, if you were using a =WEBFORMS= preference which looked like this:%JQREQUIRE{"chili"}%
<verbatim class="tml"> * Set WEBFORMS = MyForm</verbatim>
In Foswiki 1.1.3, the "Add/change form" button on the edit screen actually treats it like this:
<verbatim class="tml"> * Set WEBFORMS = TheWeb/TheSubWeb.MyForm</verbatim>
Having selected "MyForm", the =form.name= value is actually stored as =TheWeb/SomeSubWeb.MyForm=. This prevents %SYSTEMWEB%.QuerySearch type [[%SYSTEMWEB%.VarSEARCH][SEARCHes]] for an exact match on the topic-only value of =form.name= from working correctly, for example:
<verbatim class="tml">%SEARCH{"form.name='MyForm'" type="query" ...}%</verbatim>
... will not match these topics. Instead, a search on both possible values can be used:
<verbatim class="tml">%SEARCH{"form.name='MyForm' OR form.name='TheWeb/SomeSubWeb.MyForm'" type="query" ...}%</verbatim>
Or a regex query:
<verbatim class="tml">%SEARCH{"form.name=~'\bMyForm$'" type="query" ...}%</verbatim></blockquote>
Alternatively, the erroneous =form.name= values can be repaired by searching for and fixing them using one of the solutions detailed in %BUGS%/Item10874#Solution
---+++ Email enhancements
Significant enhancements were made to the Foswiki email implementation. These changes increase our compatibility with email services like Google's gmail, add enterprise features like S/MIME signed mail, and add a test facility to
help the administrator better diagnose email problems before testing registration.
* [[%BUGS%/Item10521][Item10521]]: Implement SSL support, which adds direct support for gmail.
* [[%BUGS%/Item10522][Item10522]]: Implement S/MIME support for signed email using either =sendmail= or the =Net::SMTP= methods.
* [[%BUGS%/Item10523][Item10523]]: Add configure parameter to select GMT or Servertime in generated email messages
* [[%BUGS%/Item10919][Item10919]]: Implement an Email test function in configure.
These changes are backwards compatible with =LocalSite.cfg= however it is recommended to visit the Email tab in configure, correct any warnings, and save the configuration parameters guessed when the configuration is migrated.
Note that there are some subtle changes to the Email implementation. Prior to these changes, Foswiki guessed the email send method based upon the setting of the mail server name, which can be configured in =LocalSite.cfg=, as well as a
deprecated preference setting =SMTPMAILHOST=. Once the configuration is updated for 1.1.4, the Email send method is an explicit setting in =LocalSite.cfg=. If the email send method is set to one of the =Net::SMTP= choices but the
MAILHOST parameter is not set, Foswiki will still fall back to the
=MailProgram= (like =sendmail=). However if the email method is set to use the =MailProgram= explicitly, it will ignore any hostname set in =MAILHOST= or =SMTPMAILHOST=.
---++++ Email linking improvements in Foswiki topic rendering.
The following tasks made significant changes to rendering of email addresses in Foswiki topics:
* [[%BUGS%/Item10905][Item10905]]: Unable to include spaces in the query string of mailto links
* [[%BUGS%/Item10660][Item10660]]: Some email address autolinking doesn't work
* [[%BUGS%/Item11059][Item11059]]: Email address followed by a dot generates email link with dot included
An old legacy link format deprecated in 2005 was interfering with the ability to pass complex query params to explicit http: and mailto: links. This issue is fixed, but there is a loss of some backwards compatbility. Before this fix, this link: =[<nop>[mailto:user@example.com?subject=some email]]= woud generate a message with the subject = "some" and link text of "email". After the fix, the link text will be the entire email address and the subject will be "some email". If the original link text is required, it should be entered as =[<nop>[mailto:user@example.com?subject=some][email]]=
Note that this fix also adds a new configuration parameter: =$Foswiki::cfg{AntiSpam}{EntityEncode}=. Entity encoding of email addresses as an anti-spam technique was previously controlled by the parameter =$Foswiki::cfg{AntiSpam}{HideUserDetails}=. Both parameters default to enabled. If you disabled the =$Foswiki::cfg{AntiSpam}{HideUserDetails}= option and desire the same behavior, you should also disable. =$Foswiki::cfg{AntiSpam}{EntityEncode}=. This fix corrects an issue where mailto links were double-encoded, breaking the ability to include more than one option in the query string.
Also the detection of email addresses in topics is significantly improved and is much closer to the Email address specification in RFC:5322 and the mailto URL specifications in RFC:3696.
---+++ Password Authentication enhancements [[%BUGS%/Item9164][Item9164]] and [[%BUGS%/Item10962][Item10962]]
The <nop>PasswordManager <code>Foswiki::Users::HtpasswdUser</code> has been enhanced with an <nop>AutoDetect mode to detect the format of the stored password and to validate old passwords using the stored form instead of the encoding configured in <code>{Htpasswd}{Encoding}</code>. Enable this new feature by setting the configuration parameter <code>{Htpasswd}{AutoDetect}</code> to enabled.
* With this change, it is now possible to migrate to an alternate password Encoding without invalidating existing user passwords.
* The performance of <code>HtpasswdUser.pm</code> has been improved by up to 30% with large <code>.htpasswd</code> files
* A new encryption mode - <code>apache-md5</code> has been added. This official Apache variation on MD5 encoding is compatible with the passwords generated by the <code>htpasswd -m</code> command.
* The encoding previously labeled <code>md5</code> has been renamed to <code>htdigest-md5</code> and is compatible with the encoding generated by the Apache <code>htdigest</code> command. The config setting will be modified by a config checker the first time you run configure after upgrade. It is recommended to save your configuration.
* Note that it is also now possible to modify the <code>{AuthRealm}</code> setting without invalidating existing passwords.
* Cross-platform compatibility issues between Linux, Apple OSX and MS Windows have been resolved and <code>.htpasswd</code> files should be portable regardless of the selected encoding.
* The <code>Crypt::PasswdMD5</code> CPAN module is required for the <code>apache-md5</code> encoding, as well as for better cross-platform compatibility.
<blockquote class="foswikiHelp">%X% Note: It is *strongly* recommended that sites using the old default "crypt" encoding migrate to a stronger method. The crypt method truncates passwords at 8 characters and silently discards the rest. For the highest security, choose htdigest-md5 encoding with Apache htdigest authentication. If using Template authentication, if possible use a SSL client connection - HTTPS.</blockquote>
---+++ Changes to User Registration topics [[%BUGS%/Item1539][Item1539]]
The URL parameters passed in from User Registration were previously still prefixed with =Twk=. This has been changed to =Fwk= to be consistent with Foswiki naming conventions. Note however that backwards compatbility has been
maintained and either prefix can still be used, so it is not required to update customized User Registration topics.
---+++ Changes to Foswiki Logging - [[%BUGS%/Item10637][Item10637]], [[%BUGS%/Item11157][Item11157]]
A new Logging method has been added: =Foswiki::Logger::PlainFile::Obfuscating=. If this module is chosen as the Logger, IP addresses by default will be replace with a pseudo-address derived
from a MD5 hash of the original address. This is provided for use in regulatory domains where systems are not permitted to track IP addresses of
users.
* An Expert parameter is provided to use a mask (=x.x.x.x=) instead of the hashed IP address where absolute anonymity is required.
* Note that AUTHENTICATION FAILURE messages are never obfuscated. This permits tools like =fail2ban= to be used to block penetration attempts.
---+++ Major JQuery changes
* Foswiki has been updated to include JQuery 1.7.1, and this is now the default version of JQuery. After installing Foswiki 1.1.4, be sure to visit =bin/configure= and verify that the JQuery Plugin is configured to use this version.
* The JQuery Autocomplete plugin has been replaced by the *incompatible* JQueryUI Autocomplete widget. If your site has implemented forms using the old version of Autocomplete, they will not work until converted to the new API. See http://foswiki.org/Support/JQueryMigrationGuide
* The JQuery Textboxtlist plugin has been updated with an incompatible version. See the above referenced !JQueryMigrationGuide for details.
* The JQuery Chili syntax highlighting plugin is incompatible with Firefox 7 and Safari Rev. 6-17-2011.
---+++ Changes to Store
Foswiki has improved handling of files that are modified outside of Foswiki's control. Topic changes made by external programs may cause unexpected results. The following behaviour is expected:
* If a topic is modified (file revision date of file is newer than the date of the =.txt,v= file):
* The TOPICINFO metadata stored with the topic textfile is ignored.
* Modified by is reported as =UnknownUser=
* Modified timestamp is the file timestamp
* Revision number is 1 greater than the last revision known to RCS.
* Topic comment is =pending=, indicating there are changes not yet checked into RCS.
* The *next change* to the topic under Foswiki control will record the external changes into RCS, and create a new revision for the changes saved in this iteration.
* If a topic rcs =.txt,v= file is newer than the topic file
* The TOPICINFO is trusted
* This avoids unnecessary overhead by the RCS system.
* If a topic is modified externally and checked into RCS outside of Foswiki control, it is very important to generate a valid TOPICINFO line or the data reported by Foswiki will be incorrect.
Note that Foswiki also now requires that the %META:TOPICINFO be the first line of the file.
---+++ Changes to SpreadSheetPlugin
Several SpreadSheetPlugin functions were found to provide inconsistent results when cells contained leading spaces. Leading/trailing spaces are part of cell formatting and should be uniformly stripped when extracting data from cells.
* LEFTSTRING position of first character would vary.
* LISTUNIQUE would fail to eliminate duplicate entries due to leading or trailing spaces.
Changes were made in the code that extracts cell data to uniformly remove leading and trailng spaces. This change may require changes to spreadsheet formula if they had been adjusted to accommodate these spaces. Unit tests have also been added to better detect inconsistencies and improve the quality of this plugin.
Also the SpreadSheetPlugin was synchronized with features added to the TWiki version of the plugin. This added the following functions:
* =SPLIT( separator, text )= -- split a string into a list.
* =HEXENCODE= and =HEXDECODE= -- Encode and decode a string to/from printable hex.
* =XOR( list )= Logical XOR of integers in a list.
* =BITXOR( list )= -- Bitwise XOR of integers in a list.
* =BITXOR( string )= -- Bitwise NOT operation on the string.
* =LISTNONEMPTY( list )= -- Remove all empty elements from a list
* =WHILE( condition, do )= -- Repeat the "do" function while the "condition" remains true.
* isodate formats -- ISO 8601 week support.
* DOY -- Day of Year dates: DOYyyyy.ddd for example to specify the ddd day of yyyy
---+++ Changes to JSCalendarContrib.
The changes to JSCalendarContrib made post 1.1.3, and released in JSCalendarContrib version 1.4.x have been reverted. The changes attempted to make dates stored in the formfields format per the requested JSCalendarContrib format. However it was incompatible with alternative date formats that were not understood by the core Foswiki time code.
JSCalendarContrib saves dates in whatever format is set in the configuration ={JSCalendarContrib}{format}=. If the format is changed, Foswiki makes no attempt to change the displayed format of existing dates. The format can be updated by re-selecting the date using the calendar display.
---++ Important changes in Foswiki 1.1.3
---+++ SEARCHDEFAULTTTYPE restored
The default search type used in the WebSearch page was not carried forward from 1.0. to 1.1. This option has been restored in 1.1.4, with some changes:
* It only applies to the WebSearch and WebSearchAdvanced. On Foswiki 1.0 it also applied to the =%SEARCH= macro.
* The (ignored) default in DefaultPreferences is =keyword=, but on 1.1, WebSearch defaulted to =word=
* WebSearchAdvanced had a hardcoded default of =word= on both 1.0 and 1.1. This is changed to use the SEARCHDEFAULTTTYPE setting.
* The historical mis-spelling =(SEARCHDEFAULT<b>T</b>TYPE)= is preserved.
| *Migration* | ==%SEARCH== | ==WebSearch== | ==WebSearchAdvanced== |
| 1.0 to <= 1.1.3 | Default type is =word=, configuration setting no longer used. | Type =word=, not configurable. | No change |
| 1.0 to 1.1.4 | Default type is =word=, configuration setting no longer used. | No Change | Default type changes from =word= to configured =%<nop>SEARCHDEFAULTTTYPE% (%SEARCHDEFAULTTTYPE%)= |
| 1.1.x to 1.1.4 | No Change | Default changes from =word= to configured =%SEARCHDEFAULTTTYPE% (%SEARCHDEFAULTTTYPE%= | Default type changes from =word= to configured =%<nop>SEARCHDEFAULTTTYPE% (%SEARCHDEFAULTTTYPE%)= |
---++ Important Changes in Foswiki 1.1.2
---+++ Changes to %<nop>GROUPS% and %<nop>GROUPINFO% Macros
See %BUGS%/Item10176. On releases prior to Foswiki 1.1.3 it was possible that the GROUP related macros could expose User WikiNames that would be hidden from the currently autenticated user. This has been changed, and if the current user does not have VIEW authority for the user's topic, then the user will not be shown as a group member. See the new FAQHiddenUsersAndGroups topic for more information.
---+++ JQueryPlugin update to jQuery 1.4.3
On releases prior to Foswiki 1.1.3, JQueryPlugin shipped with jQuery 1.3.2 enabled. It now uses 1.4.3, and some Foswiki javascript will no longer work correclty with 1.3.2 and earlier. As a result, upgraders will need to
1 set ={JQueryVersion}= in [[%SCRIPTURLPATH{"configure"}%#JQueryPlugin$Extensions][configure]] under Extensions -> JQueryPlugin to =1.4.4=
1 [[UpgradeGuide#ManagingBrowserCache][Clear browser cache]]
1 test non-default plugins and any custom jQuery javascript code for compatibility with jQuery 1.4.3.
---+++ Improved handling of legacy logging format
Foswiki 1.1 changed the logging format and the default location of the log files. See below for more information.
As of 1.1.3, if any of the 1.0 Debug, Warning or Log filenames are found, the "compatibility" logger will be used regardless of the =Implementation= setting.
---++ Important changes in Foswiki 1.1.0
Foswiki 1.1 has many improvements that end users as well as administrators will appreciate. In addition Foswiki 1.1 comes with a lot of "under the hood" improvements to the core code, with the goal of making it easier to plug in work from other projects, such as jQuery, !KinoSearch, Solr and others. Work has been made to improve the definition of internal APIs to allow other not-yet-written modules, such as store implementations, to plug in. Most of these modifications should be invisible to the end user and the admin, but are important to position Foswiki for the next generation of improvements. Here is a list of the most important enhancements in Foswiki 1.1.0
---+++!! Adoption of the jQuery Javascript user interface framework
Since Foswiki 1.1, the industry-standard [[http://jquery.com][jQuery Javascript user interface framework]] has been more closely integrated; the existing !JQueryPlugin is included into the core distribution. Reflecting the move to jQuery, the !BehaviourContrib has been removed from the core distribution; it is still available for download from Foswiki.org. The default !PatternSkin now depends on this jQuery framework.
Also added are the new [[VarADDTOZONE][ADDTOZONE]] and [[VarRENDERZONE][RENDERZONE]] macros that manage dependencies between Javascript modules, making use of this sophisticated toolset much easier. See Foswiki:Development.UpdatingExtensionsScriptZone on how to replace [[VarADDTOHEAD][ADDTOHEAD]] usage.
---++++!! New macros enabled by jQuery
* =BUTTON{"text" ...}= -- renders a nice button
* =TABPANE{...}=, =ENDTABPANE=, =TAB{"text" ...}=, =ENDTAB= -- tabpane widget
* =JQICON{"name" ...}= -- render an image
* =JQICONPATH{"name"}= -- render the urlpath to an image
* =JQPLUGINS{"plugins" ... }= -- display a summary of avaliable plugins
* =JQREQUIRE{"plugin, plugin, ... "}= -- enable a plugin on the current page
* =JQTHEME{"name" ...}= -- switch jQuery UI theme
* =POPUPWINDOW{"topic" ...}= -- opens a topic or url in a new window
See %SYSTEMWEB%.JQueryPlugin for details.
---+++!! Powerful new =QUERY= macro
A number of new features have been added with the goal of improving support for wiki applications. These include the powerful new =QUERY= macro, which:
* supports formatted access to formfields and other meta-data in topics using the same syntax as is used in =IF= and =SEARCH= statements,
* gives access to *all* meta-data, including that added by extensions,
* supports reporting values using JSON and other standards, simplifying the retrieval of meta-data for REST applications,
* replaces the =FORMFIELD= macro for most applications.
Use of the ="formfield"= parameter to the =META= macro has been deprecated (it is still available, but use is discouraged and it will be removed at some point in the future).
---+++!! Re-architecting of the SEARCH macro
To improve the speed, consistency and extendability of the most complex and important Macro, we've started to separate the generation of search results from the outputing of FormattedSearch. The most significant user facing improvements are speed and reliability changes - with many more unit tests written to ensure future compatibility.
---+++!! FORMAT macro
The extraction of the FormattedSearch system has made it possible to provide a Macro that allows users to render a list of topics into any =header=, =footer=, =format= style, using the same formatting controls as used by =[[VarSEARCH][SEARCH]]=. This macro will be further enhanced in future Foswiki releases and will play an increaingly important role as it is extended to format other types of object lists.
---+++!! %USERSWEB%.WikiGroups have add & remove user interface
!WikiGroups are now be edited using a much simpler HTML form.
For developers additional API's have been added to the Foswiki code to allow these Forms to also be used for non-Foswiki user and group backends.
With some configuration, Foswiki can also add users to groups on registration - either automatically, or allowing the users to select groups to join.
---+++!! TinyMCEPlugin updates
TinyMCEPlugin has been updated to the latest 3.3 release from Moxiecode. Additionally, several improvements to the Foswiki integration have been made, such as:
* Smarter attach dialogue
* Background autosave feature has been enabled (saves to local browser storage at 3 minute intervals)
* New context (right-click) menu:
* Set syntax highlighting classes on verbatim blocks
* table rows/columns may be duplicated, cells merged/split
* Customisation via the =TINYMCEPLUGIN_INIT= preference has been improved. [[TinyMCEPlugin#UpgradeFrom01x00][Read the upgrade advice]] if you are upgrading a Foswiki installation which uses a custom =TINYMCEPLUGIN_INIT= preference setting.
---+++!! Testing configuration variables in %IF
Prior to 1.1, =%<nop>IF= could be used to test the value of any configuration variable (those defined in =configure=). This represented a security risk, so now only those variables listed in ={AccessibleCFG}= may be accessed this way. Note that ={AccessibleCFG}= also controls which variables are visible in =%<nop>SEARCH{type="query"= and the new [[VarQUERY][QUERY]] macro.
---+++!! "Copy topic" now copies attachments
The "Copy Topic" function in "More topic actions" now copies attachments as well as the topic text and form.
---+++!! Tailoring of user registration made easier.
The topic %SYSTEMWEB%.UserRegistration has been enhanced so it now determines whether a custom user registration page exists in %USERSWEB%, and includes it if it does; otherwise it includes DefaultUserRegistration.
This means that your tailored version in %USERSWEB% web will not be overwritten by future upgrades.
You can create a custom version of the UserRegistration form by first copying the topic DefaultUserRegistration to !UserRegistration in %USERSWEB% web. This will ensure that your changes will remain intact next time you upgrade.
A couple of common fields are hidden from normal view to make the registration page as simple as possible. You can unhide those fields on the page by removing =EXCLUDED_= from the =INCLUDE= tags).
---+++!! Easy tailoring of reset/change password and change email forms
The topics %SYSTEMWEB%.ResetPassword and %SYSTEMWEB%.ChangePassword now only show the change forms when Foswiki is managing the passwords (the =configure= setting ={PasswordManager}= set to a manager that handles setting of passwords).
If the {PasswordManager} does not support password changing, the ChangePassword and ResetPassword topics will show a simple message. This message is defined iby the preference =CHANGEPASSWORDDISABLEDMESSAGE= in %SYSTEMWEB%.DefaultPreferences. You can redefine this setting by copying it to %USERSWEB%.SitePreferences and change it to include a link to the password management website of your organisation.
ChangeEmailAddress will now guide the user to define the email address in the user topic when the !PasswordManager does not handle hidden email addresses, so you should not need to tailor this topic any longer.
---+++!! TMPL:DEFs may now access previous (overridden) TMPL:DEF
SkinTemplates authors are often limited by the fact that =%<nop>TMPL:DEF{"something"}%= statements override whatever DEF may have previously existed in the SKIN path. Now, when overriding these DEFs, SkinTemplates authors may access the previous definition using the new =%<nop>TMPL:PREV%= template token.
---+++!! New Logging architecture and location for log files
The Foswiki logging architecture has been changed to make processing of the "current" logs easier, and the logs have been moved from the =data/= directory into =working/logs=. The configuration of the logging files have also been updated.
*If Foswiki detects the presence of the old logging configuration, it will continue to use the old files. =configure= will issue warnings about the deprecated settings.*
| *Foswiki 1.0.x* | *Foswiki 1.1.x* ||
| *Current & Prior* | *Current Month* | *Prior Months* |
| =foswiki-root/data/logYYYYMM= | =foswiki-root/working/logs/events.log= | =foswiki-root/working/logs/events.YYYYMM= |
| =foswiki-root/data/warnYYYYMM= | _warnings written to error log_ | n/a |
| =foswiki-root/data/error.log= | =foswiki-root/working/logs/error.log= | =foswiki-root/working/logs/error.YYYYMM= |
| =foswiki-root/data/debug.txt= | =foswiki-root/working/logs/debug.log= | =foswiki-root/working/logs/debug.YYYYMM= |
| =foswiki-root/data/configurationlog.txt= | =foswiki-root/working/logs/configure.log= | _The configuratiog log does not roll_ |
---++++!! Migration considerations
Foswiki provides two Logger implementations selectable in =configure=. =Foswiki::Logger::Plainfile= implements the new file naming conventions and locations. =Foswiki::Logger::Compatibility= uses the old locations and settings. The Compatibility logger is used if the old file locations are detected in the configuration.
The primary use of the logs by Foswiki is for generation of Statistics. If changing to the new logger ( *strongly recommended* ) it is best to get a full statistics refresh prior to migration. Copy / rename the log files into their new location using the above table as a guide. Manually edit =lib/LocalSite.cfg= to remove the obsolete parameters, and then run configure to verify the new settings.
---+++++!! Logging Configuration
The 1.0 configuration settings should be manually removed from !LocalSite.cfg, and configure then used to verify the new settings. If the 1.0 Warning filename is found, the "compatibility" logger will be used even if the PlainFile logger is selected.
<ul><li>As of Release 1.1.6, the Compatibility logger can be configured using the configure web interface. On extremely busy systems with very large log files, the Compaibility logger provides better performance at month end because it does not "rotate" the log files.
<li>Some very old (pre-Foswiki) Extensions write directly to Log File configured in =$Foswiki::cfg{LogFileName}=. Foswiki will attempt to set a reasonable default value to maintain backwards compatibility. It is recommended to configure this filename if you run old pre-Foswiki extensions that write directly to the log.
</ul>
<table>
<tr>
<td>
*Foswiki 1.0.x Defaults*
<verbatim>
$Foswiki::cfg{Log}{Implementation} = 'Foswiki::Logger::PlainFile';
$Foswiki::cfg{Log}{view} = 1;
$Foswiki::cfg{Log}{search} = 1;
$Foswiki::cfg{Log}{changes} = 1;
$Foswiki::cfg{Log}{rdiff} = 1;
$Foswiki::cfg{Log}{edit} = 1;
$Foswiki::cfg{Log}{save} = 1;
$Foswiki::cfg{Log}{upload} = 1;
$Foswiki::cfg{Log}{attach} = 1;
$Foswiki::cfg{Log}{rename} = 1;
$Foswiki::cfg{Log}{register} = 1;
$Foswiki::cfg{ConfigurationLogName} = 'foswiki-root/data/configurationlog.txt';
$Foswiki::cfg{DebugFileName} = 'foswiki-root/data/debug.txt';
$Foswiki::cfg{LogFileName} = 'foswiki-root/data/log%DATE%.txt';
$Foswiki::cfg{WarningFileName} = 'foswiki-root/data/warn%DATE%.txt';
</verbatim>
</td>
<td>
*Foswiki 1.1 Defaults*
<verbatim>
$Foswiki::cfg{Log}{Dir} = '$Foswiki::cfg{WorkingDir}/logs';
$Foswiki::cfg{Log}{Implementation} = 'Foswiki::Logger::PlainFile';
$Foswiki::cfg{Log}{Action} = {
'search' => 1,
'rest' => 1,
'viewfile' => 1,
'edit' => 1,
'register' => 1,
'save' => 1,
'rename' => 1,
'changes' => 1,
'view' => 1,
'rdiff' => 1,
'upload' => 1,
'attach' => 1
};
$Foswiki::cfg{DebugFileName} = '';
$Foswiki::cfg{LogFileName} = '';
$Foswiki::cfg{WarningFileName} = '';
</verbatim>
</td>
</tr>
</table>
---+++!! Logging of access failures
Configure and !TemplateLogin now log authentication failures to the event logs:
* =working/logs/configure.log=
* =working/logs/events.log=
It is possible to monitor these logs with a product like =fail2ban= which will set firewall filters due to excessive failures.
---+++!! =configure= user interface revamp
Also included in 1.1 is a major improvement to the =configure= user interface, that clarifies and simplifies setting configuration options.
---+++!! Configure file system checks
The configuration tool =bin/configure= now performs extensive checks of file system permissions. The pub and data directories are checked to verify that all data files match the requested default permissions of =755= for directories and =644= for data files. Files with excess permissions are reported as a warning. Files with insufficient permissions are noted as an error.
Because of prior inconsistencies in the files distributed with Foswiki and TWiki core and extensions, migration of older Foswiki or TWiki installs may see excessive errors reported by configure. You are recommended to correct the file system permissions.
---+++!! Newer modern icon set for Document Graphics
To celebrate our new look, project and momentum, Foswiki now has a new ICON set to update the one shipped for the last 10 years. Using the !FamFamFam icon set, augmented with icons from other leading graphic artists.
---+++ Table Plugin has been improved
HTML formatting has been replaced by pure CSS rendering. You can however enable inline markup HTML, in addition to the CSS markup, by setting the new parameter =inlinemarkup= to "on". This is useful if your users often copy/paste content of topics containing tables into HTML formatted emails or Office documents.
Sorting has been improved so the plugin can now better handle mix of formats and even empty cells.
---+++!1 Notes for extension authors
---++++!! API Enhancements
The following functions have been added to the =Foswiki::Func= API:
* =copyAttachment=
New parameters can be found on:
* =saveTopic= (=ignorepermissions=)
---++++!! Deprecated handlers
The following handlers have been deprecated (i.e. they are still available, but should not be used in new code and will be removed in a future release, so if you have been used them, you need to modify your code).
The =redirectCGIQueryHandler= plugin handler has been deprecated (it is still available, but should not be used in new code and will be removed in a future release, so if you have been used it, you need to modify your code). This handler assumed a level of interaction with the CGI handling process that is dangerous if misused, and severely limits the flexibility and optimisations available to the core.
The =beforeAttachmentSaveHandler= and =afterAttachmentSaveHandler= plugin handlers have been deprecated in favour of the newly-added =beforeUploadHandler= and =afterUploadHandler=. The new handlers operate on streams, and are more efficient as well as more secure.
Deprecated handlers will continue to work as documented in 1.1 and for the immediate future, but will be removed in a future release. Extension authors are strongly recommended to implement the new handlers as soon as possible.
---++++!! Deprecated Foswiki::Func functions
The =readTopicText= and =saveTopicText= functions have been deprecated. Use =readTopic= and =saveTopic= instead. Both =readTopic= and =saveTopic= have always been available in Foswiki (and its predecessor) and are a lot safer. Existing code can usually be modified to eliminate these deprecated functions without difficulty.
__Note:__ =readTopicText= had implicit access control checks. The replacement method, =readTopic= does not, so calling code must call =checkAccessPermission= explicitly.
---++++!! Refactored =Foswiki::Store= and new =Foswiki::Meta= functions
Access checking has been moved from Store up to the Meta and Func routines. This was done to improve perfomance of the Store backend and simplify implementation of different stores e.g. using databases.
Store was never part of the Foswiki or TWiki API. Extensions which violate this API and reference =Store::= functions directly could potentially have access that was previously blocked by Foswiki and/or may require other changes to be compatible with Foswiki 1.1.
Extension authors should first try to use the =Foswiki::Func= API. This is the preferred API. Pay careful attention to whether or not each =Func::= method verifies access control and use the =Foswiki::Func::checkAccessPermission= to verify access.
=Foswiki::Meta= should be used only if =Foswiki::Func= does not have a needed function. Note that =Foswiki::Meta= functions do not implicitly perform any access control checks. Callers of =Foswiki::Meta== should first use the =Foswiki::Meta::haveAccess= function to verify access for the planned actions. This was done by design to reduce repetitive access control checks and improve performance.
---++++!! Tainting
The Foswiki core now checks values used for web, topic and attachment names for 'taintedness' when =FOSWIKI_ASSERTS= are enabled. Tainted values are those that have been taken from user input (for example, from topic content or from form fields) without being validated. Such unchecked values are a large potential security hole, and the authors of plugins that manipulate topics or attachments need to check their plugins with Foswiki ASSERTs enabled. If you find a taint error, you can use the functions in =Foswiki::Sandbox= to validate them. For example, to validate a web name and a topic name, you would write:
<verbatim>
$validWebName = Foswiki::Sandbox::untaint(
$webName, \&Foswiki::Sandbox::validateWebName);
$validTopicName = Foswiki::Sandbox::untaint(
$topicName, \&Foswiki::Sandbox::validateWebName);
</verbatim>
If =$webName= is not a legal web name, then =$webName= will end up being undefined. Similarly for the topic name.
Note that values are only checked for taintedness when =FOSWIKI_ASSERTS= are enabled, so unless you run your Foswiki in this mode, you will never see the errors. To enable asserts, simply add the line:
<verbatim>
$ENV{FOSWIKI_ASSERTS} = 1;
</verbatim>
to your =bin/LocalLib.cfg=.
#Rel01x01x00Details
---++ Foswiki Release 1.1.0 Details
---+++!! Fixes
<noautolink>
| [[%BUGS%/Item134][Item134]] | VIEW_TEMPLATE not copied from template |
| [[%BUGS%/Item144][Item144]] | Installer doesn't handle dependency loops very well |
| [[%BUGS%/Item660][Item660]] | "Running from configure, disabling CPAN" message needs clarification/fix |
| [[%BUGS%/Item686][Item686]] | Add FLASHNOTE to default templates |
| [[%BUGS%/Item758][Item758]] | Raw view break Chinese characters in UTF-8 |
| [[%BUGS%/Item794][Item794]] | Information in %SYSTEMWEB%.ForceNewRevision is confusing |
| [[%BUGS%/Item817][Item817]] | Malformed header anchors if header contains non A-Za-z0-9_ characters - advanced solution |
| [[%BUGS%/Item935][Item935]] | Func::saveTopicText ignorepermissions is not working as advertised |
| [[%BUGS%/Item986][Item986]] | Authen::SASL required by Net::SMTP for authentication |
| [[%BUGS%/Item1075][Item1075]] | SEARCH summary wrong when text contains / |
| [[%BUGS%/Item1117][Item1117]] | Preference within verbatim breaks PreferencesPlugin |
| [[%BUGS%/Item1157][Item1157]] | Base tag should be self closing in pattern skin header |
| [[%BUGS%/Item1224][Item1224]] | Underscores in topic name with WebTopicCreator are not possible |
| [[%BUGS%/Item1228][Item1228]] | Sort table with IP adresses in column does not work |
| [[%BUGS%/Item1303][Item1303]] | Parser uninited var in concat errormessages filling my disk |
| [[%BUGS%/Item1378][Item1378]] | Popup-Window for new links in Rich-Text-Editor is too small. |
| [[%BUGS%/Item1383][Item1383]] | Plugin Topic PREFERENCES still used in core plugins |
| [[%BUGS%/Item1392][Item1392]] | (IE only) Cursor jumps to beginning unintendedly in WYSIWYG-editor |
| [[%BUGS%/Item1394][Item1394]] | %<nop>PINK% is converted in the Rich Text Editor |
| [[%BUGS%/Item1415][Item1415]] | Change _default.WebPreferences to limit access to AdminGroup only |
| [[%BUGS%/Item1417][Item1417]] | Getting below a table in the Rich Text Editor is difficult / Disturbing cursor movements. |
| [[%BUGS%/Item1448][Item1448]] | Change of the handling of unique anchor names in TOC |
| [[%BUGS%/Item1470][Item1470]] | Be consistent and change "raw edit" to "edit wiki text" |
| [[%BUGS%/Item1495][Item1495]] | Can't delete an attachment if the physical file is gone for some reason |
| [[%BUGS%/Item1513][Item1513]] | FoswikiSiteSkin does not preview properly from the %SYSTEMWEB%.SkinBrowser |
| [[%BUGS%/Item1529][Item1529]] | "Wiki text" button broken before topic text loaded |
| [[%BUGS%/Item1534][Item1534]] | Typewriter text icon stays shaded |
| [[%BUGS%/Item1548][Item1548]] | Wysiwyg warns against data loss when you save from Wiki text mode |
| [[%BUGS%/Item1591][Item1591]] | "LINKTOOLTIPINFO = on" causes apache error message about uninitialized value in Render.pm |
| [[%BUGS%/Item1603][Item1603]] | Subscribing to topics that are non-wikiwords can go horribly wrong |
| [[%BUGS%/Item1642][Item1642]] | Explicit links should be updated, even within noautolink blocks after move/rename |
| [[%BUGS%/Item1666][Item1666]] | Colour is lost when applied to bold text |
| [[%BUGS%/Item1667][Item1667]] | Edits to protected text insert unwanted sticky tags |
| [[%BUGS%/Item1698][Item1698]] | Distinguish browsers more accurately in the logs |
| [[%BUGS%/Item1702][Item1702]] | Be more informative about failed execution |
| [[%BUGS%/Item1705][Item1705]] | Ensure all uses of ListIterator have a 'use' or 'require' |
| [[%BUGS%/Item1735][Item1735]] | Copying a topic with attachments results in broken attachment links |
| [[%BUGS%/Item1770][Item1770]] | Protect other plugins' xml-like markup, including the tags |
| [[%BUGS%/Item1773][Item1773]] | SEARCH separator between last result and the footer is troublesome. |
| [[%BUGS%/Item1814][Item1814]] | ATTACHEDFILELINKFORMAT expands $name counter-intuitively |
| [[%BUGS%/Item1846][Item1846]] | %SYSTEMWEB%.Plugins has duplicated content, and is mostly bollocks anyway |
| [[%BUGS%/Item1855][Item1855]] | Internal Error on any operation when Foswiki::Logger implementation is set to none |
| [[%BUGS%/Item1865][Item1865]] | username= and password= no longer work for REST handlers |
| [[%BUGS%/Item1871][Item1871]] | Cannot disable registered tag handlers in rest handler or persistent environment |
| [[%BUGS%/Item1879][Item1879]] | "Rename" does not care about access rights |
| [[%BUGS%/Item1888][Item1888]] | PreferencesPlugin obfuscates web automatically |
| [[%BUGS%/Item1900][Item1900]] | The REST cgi script documentation is out of date. |
| [[%BUGS%/Item1902][Item1902]] | Wrong dependencies in PatternSkin |
| [[%BUGS%/Item1903][Item1903]] | Unprocessed TML in {MailerContrib}{EmailFilterIn} help text |
| [[%BUGS%/Item1904][Item1904]] | pre blocks truncated in TMCE in Firefox |
| [[%BUGS%/Item1905][Item1905]] | Deprecated handlers in WysiwygPlugin |
| [[%BUGS%/Item1920][Item1920]] | Add 'template' attribute to %SYSTEMWEB%.CommandAndCGIScripts#edit |
| [[%BUGS%/Item1942][Item1942]] | Plugin handlers for failed plugins called at startup |
| [[%BUGS%/Item1945][Item1945]] | CSRF uses relative location for redirect which violates HTTP specs |
| [[%BUGS%/Item1951][Item1951]] | "Debug" topic diff should treat topic text as preformatted |
| [[%BUGS%/Item1953][Item1953]] | Login manager generates an internal server error if the credentials can't be verified |
| [[%BUGS%/Item1972][Item1972]] | PatternSkin Still relying on Twiki plugins yielding bad requests from configure? |
| [[%BUGS%/Item1998][Item1998]] | Spreadsheet Plugin $RIGHT() is broken |
| [[%BUGS%/Item2031][Item2031]] | %SYSTEMWEB%.CommandAndCGIScript save docco may be out of date |
| [[%BUGS%/Item2032][Item2032]] | Can set topicparent to non-wikiwords |
| [[%BUGS%/Item2039][Item2039]] | TablePlugin: Create CSS only HTML |
| [[%BUGS%/Item2074][Item2074]] | Sticky and Literal tags within custom XML Tags disables TMCE |
| [[%BUGS%/Item2083][Item2083]] | Improve foswiki_redirect_cache solution |
| [[%BUGS%/Item2094][Item2094]] | WebRss contains Foswiki copyright |
| [[%BUGS%/Item2096][Item2096]] | Select form fields drop down box is not working for entries containing commas |
| [[%BUGS%/Item2125][Item2125]] | !TinyMCE attachment dialog confusing |
| [[%BUGS%/Item2170][Item2170]] | Document new registration data hash passed to registrationHandler |
| [[%BUGS%/Item2191][Item2191]] | Bulkregistration fails |
| [[%BUGS%/Item2192][Item2192]] | Cannot use a subweb as a template web to create a new web |
| [[%BUGS%/Item2200][Item2200]] | Inconsistencies in WysiwigPlugin Documentation and operation |
| [[%BUGS%/Item2221][Item2221]] | Language selection not saved to LocalSite |
| [[%BUGS%/Item2234][Item2234]] | Remove legacy inline javascript from the registration topic |
| [[%BUGS%/Item2254][Item2254]] | Fix to Item1798 introduces cursor problems for Moz browsers |
| [[%BUGS%/Item2259][Item2259]] | Anything inside HTML tag BIG gets discarded |
| [[%BUGS%/Item2264][Item2264]] | getScriptUrl treats zero as an empty string values |
| [[%BUGS%/Item2274][Item2274]] | Optimise query searches with a constant expression (such as "1") |
| [[%BUGS%/Item2299][Item2299]] | edit-save-rename restores an old version |
| [[%BUGS%/Item2311][Item2311]] | WysiwygPlugin not compatible with word-break character |
| [[%BUGS%/Item2333][Item2333]] | Configure reports a need to save things that have not changed |
| [[%BUGS%/Item2340][Item2340]] | METASEARCH - uses some very funky and untested bits of SEARCH, and the documentation is out of date |
| [[%BUGS%/Item2356][Item2356]] | QUERY and IF are a little un-intuitive for simple queries |
| [[%BUGS%/Item2367][Item2367]] | In a forced wiki link, if a url occurs within the "text" part, illegal html is generated |
| [[%BUGS%/Item2393][Item2393]] | Documentation of %SYSTEMWEB%.TemplateTopics don't mention the <code>STARTSECTION{type="expandvariables"}</code> feature |
| [[%BUGS%/Item2429][Item2429]] | Deprecate AllowInlineScript |
| [[%BUGS%/Item2465][Item2465]] | Documentation on Meta Data is incomplete |
| [[%BUGS%/Item2473][Item2473]] | Clarify that mailnotify should not be run as root |
| [[%BUGS%/Item2491][Item2491]] | Improve usability of registration page |
| [[%BUGS%/Item2496][Item2496]] | Handle exceptions thrown during initPlugin |
| [[%BUGS%/Item2508][Item2508]] | No way to escape macros in a query search |
| [[%BUGS%/Item2558][Item2558]] | Improve Skin Templates documentation |
| [[%BUGS%/Item2601][Item2601]] | Missing useless 'title' attribute in META:PREFERENCE takes foswiki down |
| [[%BUGS%/Item2605][Item2605]] | Unable to position cursor into an empty bullet list item |
| [[%BUGS%/Item2612][Item2612]] | Issues with beforeSaveAttachment plugin dispatch (trunk) |
| [[%BUGS%/Item2662][Item2662]] | We have bad breadcrumbs now because of the CategoryCategory topic used a parent |
| [[%BUGS%/Item2663][Item2663]] | Default groups on registration form |
| [[%BUGS%/Item2882][Item2882]] | More should not be an "oops" function |
| [[%BUGS%/Item3288][Item3288]] | Exclamation mark not parsed when form definition topic is read |
| [[%BUGS%/Item3521][Item3521]] | Configure does not present octal settings correctly |
| [[%BUGS%/Item4672][Item4672]] | Parent of topic is not shown correctly if topic name contains brackets |
| [[%BUGS%/Item4688][Item4688]] | Foswiki password, registration and login options should be correctly handled in the registration page, change password and reset password |
| [[%BUGS%/Item5163][Item5163]] | SpreadSheetPlugin causes table to misrender an empty row |
| [[%BUGS%/Item5221][Item5221]] | Wysiwyg tables, very difficult to get rid of paragraph html tags in table cell |
| [[%BUGS%/Item5253][Item5253]] | Cannot stop pages created with disallowed characters |
| [[%BUGS%/Item5278][Item5278]] | bin/configure install error messages going to Apache error log rather than browser |
| [[%BUGS%/Item5425][Item5425]] | Renaming does not take VIEW_TEMPLATE setting into account |
| [[%BUGS%/Item5473][Item5473]] | Initial value of {TemplatePath} should copy setting of {TemplateDir} |
| [[%BUGS%/Item5608][Item5608]] | =ScriptUrlPaths= is not documented |
| [[%BUGS%/Item5665][Item5665]] | Edit on topic where WYSIWYG is disabled returns wrong Help. |
| [[%BUGS%/Item5841][Item5841]] | Move topic changes non-wiki links |
| [[%BUGS%/Item5941][Item5941]] | =nofinalnewline= attribute in SEARCH not working |
| [[%BUGS%/Item5990][Item5990]] | WYSIWYG gives fatal error when saving UTF-8/Old editor works |
| [[%BUGS%/Item6011][Item6011]] | No notifications sent in a protected web |
| [[%BUGS%/Item6068][Item6068]] | WYSIWYG removes linebreaks from pre-tag |
| [[%BUGS%/Item8122][Item8122]] | Sorting does not work if headerrows > 1 |
| [[%BUGS%/Item8190][Item8190]] | Spurious whitespace prevents rendering of TML in first line |
| [[%BUGS%/Item8207][Item8207]] | TinyMCEPlugin has wrong DEPENDENCIES |
| [[%BUGS%/Item8235][Item8235]] | JSCalendarContrib package contains unknown object method "expandMacros" |
| [[%BUGS%/Item8270][Item8270]] | Attribute cellspacing not supported |
| [[%BUGS%/Item8274][Item8274]] | Wysiwyg merges two consecutive lists |
| [[%BUGS%/Item8298][Item8298]] | Stand-alone HTML -> TML conversion broken |
| [[%BUGS%/Item8395][Item8395]] | TablePlugin does not recognize 01 Jan 1970 (epoch 0) as a date |
| [[%BUGS%/Item8398][Item8398]] | Possible race writing .changes |
| [[%BUGS%/Item8413][Item8413]] | Chrome TinyMCE copy/paste spreadsheet bug |
| [[%BUGS%/Item8458][Item8458]] | Search cookbook is wrong |
| [[%BUGS%/Item8460][Item8460]] | .changes inaccurate |
| [[%BUGS%/Item8477][Item8477]] | Strikeone should warn users if they have have js turned off |
| [[%BUGS%/Item8503][Item8503]] | CSRF validation token consumed by mandatory field warning |
| [[%BUGS%/Item8568][Item8568]] | PatternSkin can not create Topic without WikiWord |
| [[%BUGS%/Item8573][Item8573]] | Fix TwistyPlugin dependencies |
| [[%BUGS%/Item8578][Item8578]] | name ~ 'Web*' query is pointlessly inefficient |
| [[%BUGS%/Item8596][Item8596]] | Short URLs can cause configure to break |
| [[%BUGS%/Item8608][Item8608]] | Log file failure must never be a fatal error |
| [[%BUGS%/Item8611][Item8611]] | A COMMENT gets applied again when a save is invoked from an afterSaveHandler |
| [[%BUGS%/Item8617][Item8617]] | WebStatistics total topic history hangs |
| [[%BUGS%/Item8623][Item8623]] | Include JQueryPlugin in 1.1 |
| [[%BUGS%/Item8640][Item8640]] | Multiple issues when installing Extensions with =bin/configure= |
| [[%BUGS%/Item8660][Item8660]] | Rewrite SearchHelp |
| [[%BUGS%/Item8669][Item8669]] | Move MAINWEB definition to Site Prefs so people can disable the compatibility plugin |
| [[%BUGS%/Item8682][Item8682]] | SEARCH summary is now more careful about removing '_' '=' and '*' characters - and will only do so if they are actually for the purpose of bold/italics. |
| [[%BUGS%/Item8694][Item8694]] | [<nop>[*formatting*]] in links is a little broken |
| [[%BUGS%/Item8699][Item8699]] | %SYSTEMWEB%.Contribs need a rewrite |
| [[%BUGS%/Item8700][Item8700]] | Sorting mixed data types gives unexpected results |
| [[%BUGS%/Item8722][Item8722]] | TablePlugin sorts dates alphabetically if some cells are empty |
| [[%BUGS%/Item8723][Item8723]] | Broken (?) Inclusion order of Skin Template Topics |
| [[%BUGS%/Item8745][Item8745]] | Cleaning up default user homepage |
| [[%BUGS%/Item8765][Item8765]] | "use base qw(Somepackage);" shall not be used |
| [[%BUGS%/Item8767][Item8767]] | Add <code>viewfile</code> to log-action possibilities |
| [[%BUGS%/Item8768][Item8768]] | Simplify search templates |
| [[%BUGS%/Item8773][Item8773]] | '$n$n' does not expand to two newlines |
| [[%BUGS%/Item8792][Item8792]] | pre/post install & uninstall routines not run when extension installed by bin/configure |
| [[%BUGS%/Item8793][Item8793]] | Indirectly setting corret parent for WikiUsers |
| [[%BUGS%/Item8800][Item8800]] | SEARCH date param seems to be broken |
| [[%BUGS%/Item8802][Item8802]] | Create meaningful settings for REGISTRATIONGROUPTYPE |
| [[%BUGS%/Item8809][Item8809]] | SEARCH newline $n does not work |
| [[%BUGS%/Item8811][Item8811]] | SEARCH search string translates .* to Index. Old cruft from Athens |
| [[%BUGS%/Item8818][Item8818]] | Deprecate horribly dangerous redirectCGIQueryHandler |
| [[%BUGS%/Item8827][Item8827]] | EditTemplates show up in the Create new topic list of TopicTemplates |
| [[%BUGS%/Item8829][Item8829]] | Integer index doesn't work for queries |
| [[%BUGS%/Item8832][Item8832]] | Developer Documentation is a list of unsorted topics |
| [[%BUGS%/Item8834][Item8834]] | Add Sort::Maker to CPAN libs |
| [[%BUGS%/Item8835][Item8835]] | Remove unused PatternSkinHeaderArt |
| [[%BUGS%/Item8836][Item8836]] | Convert Foswiki site skin to a PatternSkin theme |
| [[%BUGS%/Item8837][Item8837]] | Preserve CSS skin style as theme |
| [[%BUGS%/Item8838][Item8838]] | No "undefined" value in queries |
| [[%BUGS%/Item8846][Item8846]] | Warn about template errors that causes newlines after closing html tag |
| [[%BUGS%/Item8847][Item8847]] | Make sure that the 1.1 pattern skin works well on screens with a 1000 px width screen |
| [[%BUGS%/Item8857][Item8857]] | Normalise regex syntax |
| [[%BUGS%/Item8873][Item8873]] | Macros don't expand when used in topic preference settings |
| [[%BUGS%/Item8875][Item8875]] | Multiple issues with new Package.pm installer |
| [[%BUGS%/Item8884][Item8884]] | Deprecate template oopschangelanguage |
| [[%BUGS%/Item8905][Item8905]] | Document DIFFRENDERSTYLE in DefaultPreferences |
| [[%BUGS%/Item8913][Item8913]] | Calendar widget can't parse epoch seconds |
| [[%BUGS%/Item8924][Item8924]] | Support export of arbitrary Foswiki preferences to Javascript |
| [[%BUGS%/Item8925][Item8925]] | Strikeone setting is hidden in User Logins |
| [[%BUGS%/Item8930][Item8930]] | Use JQuery to fetch init variable |
| [[%BUGS%/Item8934][Item8934]] | Func::saveAttachment does not default the save date |
| [[%BUGS%/Item8936][Item8936]] | Incorrectly closed script tag markup |
| [[%BUGS%/Item8946][Item8946]] | configure does not handle an empty ScriptUrlPath '' well |
| [[%BUGS%/Item8960][Item8960]] | REPEAT tmpl system was also assumed in changes.tmpl - and even used the SEARCH tmpls to do it - implement search tmpl feature to fix it. |
| [[%BUGS%/Item8969][Item8969]] | Document ! in Regular Expression Docs |
| [[%BUGS%/Item8971][Item8971]] | Working copy versions are pure trouble |
| [[%BUGS%/Item8987][Item8987]] | TOPICLIST does not work on webs with NOSEARCHALL set |
| [[%BUGS%/Item9007][Item9007]] | Cleanup of core templates as a result of HTML validation tests |
| [[%BUGS%/Item9030][Item9030]] | TwistyPlugin hides twisty content in print |
| [[%BUGS%/Item9031][Item9031]] | COSMETIC -- core files at least should have coherent structure |
| [[%BUGS%/Item9041][Item9041]] | TWikiCompatibilityPlugin should fix links to system topics renamed in Foswiki |
| [[%BUGS%/Item9045][Item9045]] | Should we really allow the web server to fill in a 200 Status? |
| [[%BUGS%/Item9050][Item9050]] | Debugging support: add TRACE mode for templates |
| [[%BUGS%/Item9070][Item9070]] | Single quotes in INCLUDE causes crash |
| [[%BUGS%/Item9074][Item9074]] | Configure checkers for directories and files have multiple issues |
| [[%BUGS%/Item9079][Item9079]] | ListIterator considers an element that == '' to <em>not</em> be an element and skips it. |
| [[%BUGS%/Item9102][Item9102]] | configure tells me: "Error: Check path to twiki/lib and check that LocalSite.cfg is present and readable" |
| [[%BUGS%/Item9103][Item9103]] | Fix MSWindows problems shown up by the unit tests |
| [[%BUGS%/Item9114][Item9114]] | Strikeone broken on IE |
| [[%BUGS%/Item9130][Item9130]] | 'use bytes' causes a pregnant pause |
| [[%BUGS%/Item9140][Item9140]] | =Sandbox::sysCommand= template parsing |
| [[%BUGS%/Item9141][Item9141]] | URLPARAM encodes separator as well |
| [[%BUGS%/Item9147][Item9147]] | Generating multiple checked="checked" attributes rendering %SYSTEMWEB%.DataForms |
| [[%BUGS%/Item9148][Item9148]] | HTML2TML eats some br tags inside macros |
| [[%BUGS%/Item9155][Item9155]] | Fix foswiki integration since 3.3 upgrade |
| [[%BUGS%/Item9156][Item9156]] | MailerContribPlugin does not compile |
| [[%BUGS%/Item9157][Item9157]] | Default mail templates truncated |
| [[%BUGS%/Item9161][Item9161]] | Implement Development.SoftAsserts |
| [[%BUGS%/Item9168][Item9168]] | pseudo-install.pl code to look for test does not work on windows |
| [[%BUGS%/Item9170][Item9170]] | WYSIWYG-Editor (Tiny MCE) kills German Umlauts in certain circumstances |
| [[%BUGS%/Item9204][Item9204]] | !TinyMCE strips out 'type' arguments when pasting Foswiki macros from MS Word |
| [[%BUGS%/Item9207][Item9207]] | Attach.pm not including image size for some JPEG files |
| [[%BUGS%/Item9209][Item9209]] | Category topics in System web show SEARCH generated garbage |
| [[%BUGS%/Item9215][Item9215]] | upgrade_emails.pl errors |
| [[%BUGS%/Item9237][Item9237]] | Configure save results should appear on main configure dialog |
| [[%BUGS%/Item9256][Item9256]] | If ApacheHtpasswdUser is selected, tell the admin if there the Apache::Htpasswd module is missing.. |
| [[%BUGS%/Item9257][Item9257]] | There are configuration settings that are only saved second time through configure |
| [[%BUGS%/Item9261][Item9261]] | MailerContrib installs plugin into wrong directory |
| [[%BUGS%/Item9263][Item9263]] | !TinyMCE autosave breaks on IECollections' IE6 |
| [[%BUGS%/Item9265][Item9265]] | Intro and OS checking is SNAFU |
| [[%BUGS%/Item9269][Item9269]] | Standard escapes are applied too early in FORMFIELD |
| [[%BUGS%/Item9270][Item9270]] | configure checks for perl version inconsistent with documentation |
| [[%BUGS%/Item9271][Item9271]] | Check of script path for non-executable scripts s/b in ScriptDir checker |
| [[%BUGS%/Item9281][Item9281]] | Topic names containing regex characters break parent section of =more.tmpl= |
| [[%BUGS%/Item9282][Item9282]] | configure Extension repository needs UI and information update |
| [[%BUGS%/Item9287][Item9287]] | Edit Settings page does not show topics correctly if they are not perfect wikiwords |
| [[%BUGS%/Item9288][Item9288]] | Rename topic does not show topics correctly if they are not perfect wikiwords |
| [[%BUGS%/Item9291][Item9291]] | Webmaster email missing should be a configuration error |
| [[%BUGS%/Item9295][Item9295]] | Configure does not log failed password attempts |
| [[%BUGS%/Item9325][Item9325]] | Finnish translation |
| [[%BUGS%/Item9336][Item9336]] | Manage.pm seems to have a very odd idea of what a valid htmlColor is |
| [[%BUGS%/Item9348][Item9348]] | Now that we have disabled TWikiCompatibilityPlugin by default, the installer gets silly warning in configure |
| [[%BUGS%/Item9359][Item9359]] | manage script web creation fails to set preferences |
| [[%BUGS%/Item9372][Item9372]] | The documentation, that tells where the last-sent email timestamp is saved, needs to be updated. |