Cookies op Tweakers

Tweakers maakt gebruik van cookies, onder andere om de website te analyseren, het gebruiksgemak te vergroten en advertenties te tonen. Door gebruik te maken van deze website, of door op 'Ga verder' te klikken, geef je toestemming voor het gebruik van cookies. Wil je meer informatie over cookies en hoe ze worden gebruikt, bekijk dan ons cookiebeleid.

Meer informatie

Door , , 11 reacties
Bron: MediaWiki, submitter: pbb

MediaWiki is een open source wiki-engine die gebruikt kan worden om content te creŽren en te beheren voor onder andere de websites van de Wikimedia Foundation, zoals Wikipedia, Wiktionary, Wikisource, Wikibooks en Wikiquote. Sinds enige dagen is versie 1.5.0 beschikbaar waar de ontwikkelaars druk aan gewerkt hebben. De aankondiging ziet er als volgt uit:

MediaWiki 1.5.0 is the new stable release branch of MediaWiki, and is recommended for all new installations.

Any wikis running a 1.5 beta or release candidate are strongly recommended to upgrade to the final release, which includes a number of bug fixes and a security fix for CSS bugs in Microsoft Internet Explorer.

What's new in 1.5?

Schema:
    The core table schema has changed significantly. This should make better use of the database's cache and disk I/O, and make significantly speed up rename and delete operations on pages with very long edit histories.

    Unfortunately this does mean upgrading a wiki of size from 1.4 will require some downtime for the schema restructuring, but future storage backend changes should be able to integrate into the new system more easily.
Permalinks:
    The current revision of a page now has a permanent 'oldid' number assigned immediately, and the id numbers are now preserved across deletion/undeletion. A permanent reference to the current revision of a page is now just a matter of going to the 'history' tab and copying the first link in the list.
Page move log:
    Renames of pages are now recorded in Special:Log and the page history. A handy revert link is available from the log for sysops.
Editing diff:
    Ever lost track of what you'd done so far during an edit? A 'Show diff' button on the edit page now makes it easy to remember.
Uploads:
    It's now possible to specify the final filename of an upload distinct from the original filename on your disk. An image link for a missing file will now take you straight to the upload page. More metadata is pre-extracted from uploaded images, which will ease pressure on disk or NFS volumes used to store images. EXIF metadata is displayed on the image description page if PHP is configured with the necessary module.

    If .svg files are added to the upload whitelist, you can choose to render them to rasterized .png images for inline display using one of several external helper programs. See DefaultSettings.php for SVG options.
User accounts:
    There are some changes to the user permissions system, with assignable groups. Note that this does *not* allow you to make pages which are only accessible to certain groups.
E-mail:
    User-to-user e-mail can now be restricted to require a mail-back confirmation first to reduce potential for abuse with false addresses. Updates to user talk pages and watchlist entries can optionally send e-mail notifications.
External hooks:
    A somewhat experimental interface for hooking in an external editor application is included.
And... A bunch of stuff we forgot to mention.

What's gone?

Latin-1:
    Wikis must now be encoded in Unicode UTF-8; this has been the default for some time, but some languages could optionally be installed in Latin-1 mode. This is no longer supported. You can check if your current wiki is in Latin-1 mode by using your browser's "view source"; look for a line like this:
    meta http-equiv="Content-Type" content="text/html; charset=utf-8"
    If it says charset=utf-8, you're ready. If it says charset=iso8859-1, you may need to convert your data. (English-language wikis avoiding any accented characters may be able to get away without conversion.)
MySQL 3.x:
    Some optimization hacks for MySQL 3.x have been removed as part of the schema clean-up (specifically, the inverse_timestamp fields). MediaWiki 1.5 may still run on 3.x, but wikis of non-trivial size should very seriously consider upgrading to a more modern release. MySQL 3.x support will probably be entirely dropped in the next major release.
Special:Maintenance
    These tools were, ironically enough, not really maintained. This special page has been removed; insofar as some of its pieces were useful and haven't already been supplanted by other special pages they should be rewritten in an efficient and safe manner in the future.
[break]Er is een beveiligingslek gevonden in de vorige versies van MediaWiki in verband met de afhandeling van CSS door Internet Explorer. Hiervoor zijn versie 1.4.11 en versie 1.3.17 uitgebracht met de volgende aankondiging:[/break]MediaWiki 1.3.17 and MediaWiki 1.4.11 are security maintenance releases. Unsafe handling of CSS by Microsoft Internet Explorer could be exploited to produce cross-site scripting attacks by JavaScript injection to clients running that browser.

These releases blacklists several additional variants from use in HTML inline style attributes.

All publicly accessible wikis are recommended to upgrade to reduce the risk to visitors using Microsoft web browsers.[break]De volgende downloads zijn beschikbaar:
* MediaWiki 1.5.0
* MediaWiki 1.4.11
* MediaWiki 1.3.17
Moderatie-faq Wijzig weergave

Reacties (11)

Ja, Internet Explorer ondersteunt JavaScript binnen Cascading Style Sheets... Helaas!

#myDiv {
left: expression(document.body.offsetWidth - 110 + "px");
}

Zie ook: http://msdn.microsoft.com...dhtml/overview/recalc.asp
Of nog leuker:
body {
background-image: url('javascript:alert("doei")');
}
Wat moet ik me voorstellen bij een beveiligslek wat gebruik maakt van CSS? IE kan veel, maar dat??
Cross Site Scripting ;)

[edit] hoewel deze wel wat schimmiger lijkt dan anders. Wellicht dat IE javascript toelaat in bepaalde stukken Cascaded Style Sheet handling...
Dan is het een fout in de post, want Cross Site Scripting duid je aan met de afkorting XSS.
bestaat er ook een programmaatje waarmee je wikipedia artikelen op kan vragen zonder naar de wikipedia site te hoeven gaan?
Als ik me niet vergis komt dat in nieuwe versies van KDE te zitten. Als je dus een Unix gebruikt, moet je bij KDE maar eens kijken en misschien staat er op SourceForge ook wel iets?
Zit al in 3.4.2 als ik me niet vergis!
Voor Mac OS X is er een Dashboard Widget die dat voor je kan doen.
Hey Cris; ik weet niet of je Mozilla gebruikt; maar ik kwam tijdens het surfen wel een leuke WikiPedia Extension tegen: http://wikipedia.mozdev.org/ :)

Op dit item kan niet meer gereageerd worden.



Apple iOS 10 Google Pixel Apple iPhone 7 Sony PlayStation VR AMD Radeon RX 480 4GB Battlefield 1 Google Android Nougat Watch Dogs 2

© 1998 - 2016 de Persgroep Online Services B.V. Tweakers vormt samen met o.a. Autotrack en Carsom.nl de Persgroep Online Services B.V. Hosting door True