Introduction

Pre-installed Extensions

• Plugins: CommentPlugin, EditTablePlugin, EmptyPlugin, HeadlinesPlugin, InterwikiPlugin, PreferencesPlugin, RenderListPlugin, SlideShowPlugin, SmiliesPlugin, SpreadSheetPlugin, TablePlugin, TinyMCEPlugin, TWikiNetSkinPlugin, TwistyPlugin, WysiwygPlugin
• Contribs: BehaviourContrib, JSCalendarContrib, MailerContrib, TipsContrib, TWikiUserMappingContrib, TwistyContrib
• Skins: ClassicSkin, PatternSkin, TWikiNetSkin,

New Features Highlights

• Security Enhancements

• • S/MIME support to sign administrative e-mails
• Usability Enhancements
  • Replace question mark links with red-links to point to non-existing topics

• Enterprise Collaboration Enhancements
  • Pre-installed HeadlinesPlugin to show headline newsfeeds in TWiki topics
  • Pre-installed TWikiNetSkin, TWikiNetSkinPlugin for corporate look and feel
• Search Enhancements
  • Add footer parameter to Formatted Search
  • Add number of topics to Formatted Search
• Miscellaneous Feature Enhancements
  • Control over variable expansion at topic creation time
  • 17 new TWikiDocGraphics images
  • Include URL supports list of domains to exclude from proxy
  • Adding Korean language
• Plugin Enhancements
  • SpreadSheetPlugin: 5 new functions

See the full list of bug fixes at the bottom of this topic.

Deprecation Notices

The %MAINWEB% and %TWIKIWEB% variables have been deprecated. For compatibility reasons they are unlikely to ever be removed completely, but you should use the %USERSWEB% and %SYSTEMWEB% variables instead.

In Func getOopsUrl and permissionsSet have been declared deprecated. There is no plan to remove them yet.

TWiki-4.3.0 Minor Release - Details

TWiki-4.3.0 was built from SVN http://svn.twiki.org/svn/twiki/branches/TWikiRelease04x03 revision 17948 (2009-03-30)

Highlights

• Security:
  • Review code for robustness and security
  • Secure configure script with taint mode turned on
• Rendering:
  • %TOC% does not distinguish two headlines that have the same text
  • TablePlugin produces bad links for sorting when using "short" URLs
  • %SCRIPTSUFFIX% is added twice in %TOC% links
  • Incorrect Content-length breaks HTTP headers, a.o. pound fail results
  • TablePlugin: Date sorting is broken
  • Bullet lists in form fields are not rendered properly
  • TWiki Forms expand variables like $nop, $quote $percnt
  • TwistyPlugin: Twisty can't be placed in TWiki table cells
• Users and groups:
  • TWikiGroups shows all members twice
• Editing:
  • WysiwygPlugin: Bolding single character within a word introduces spaces around bolded character
• Miscellaneous:
  • configure's get more extensions does not work well without LWP
  • CommentPlugin: Lost data if it's targeted before/after a missing anchor
  • Plugin installation fails on windows: extender.pl line 684
  • Statistics script does not handle properly topics with special characters

Enhancements

Item3647	Usability: Control over variable expansion in topic templates
Item5025	InterwikiPlugin: Allow special characters in "Page" of Site:Page
Item6148	HeadlinesPlugin: Support for {PROXY}{HOST} and {PROXY}{PORT} configure settings
Item6176	Search: Add footer parameter to Formatted Search
Item6180	HeadlinesPlugin: Support for {PROXY}{SkipProxyForDomains} configure setting, USERAGENTNAME plugin setting
Item6184	Search: Add Number of Topics to Formatted Search
Item6189	Usability: Replace question mark links with red links to point to non-existing topics
Item6199	Enhancement: Add TWikiNetSkin to Distribution
Item6200	Enhancement: Add HeadlinesPlugin to Distribution
Item6222	SpreadSheetPlugin: New functions $EMPTY(), $INSERTSTRING(), $LEFTSTRING(), $RIGHTSTRING(), $SUBSTRING() functions
Item6226	Include: Specify a list of domains to exclude from proxy with {PROXY}{SkipProxyForDomains} setting
Item6227	Documentation: 17 new TWikiDocGraphics images
Item6228	Security: Option to send signed e-mail with S/MIME

Fixes

Item1607	%TOC% does not distinguish two headlines that have the same text
Item2525	TablePlugin produces bad links for sorting when using "short" URLs
Item4835	SpreadSheetPlugin: SUBSTITUTE error when text=old and replace is empty
Item5176	%SCRIPTSUFFIX% is added twice in %TOC% links
Item5471	SpreadSheetPlugin: The character 0 cannot be replaced using the REPLACE-funtion
Item5910	TablePlugin: %TOC% variable creates links with unecessary query string
Item5914	TWiki::Request::url() must support -rewrite, -absolute and -relative
Item5920	TWikiGroups shows all members twice
Item5939	Rogue <p /> below </html> on every topic in every web
Item5960	Incorrect Content-length breaks HTTP headers, a.o. pound fail results
Item5961	WysiwygPlugin: Bolding single character within a word introduces spaces around bolded character
Item5991	JSCalendarContrib: Does not work correctly in IE7
Item5994	Secure configure script with taint mode turned on
Item6005	EditTablePlugin: "label"-formatted cell changed in unexpected way
Item6022	%ENCODE{}% treats % as safe character
Item6026	With header format emtpy table is initialized with one column only
Item6031	TablePlugin: Date sorting is broken.
Item6041	TinyMCE bug with Firefox 3 and bulleted lists
Item6050	statistics script fails when cuid is not equal login name (as login name is what's in the log files...)
Item6054	TwistyPlugin: No longer possible to have a twisty on one line without linebreak
Item6060	configure's get more extensions does not work well without LWP
Item6061	TWiki::Func::getContext documention
Item6138	Bullet lists in form fields are not rendered properly
Item6163	CommentPlugin: Lost data if it's targeted before/after a missing anchor.
Item6167	TWiki Forms expand variables like $nop, $quote $percnt
Item6170	Plugin installation fails on windows: extender.pl line 684
Item6171	Per RFC 5321, single quote is allwed in e-mail addresses
Item6178	Statistics script does not handle properly topics with special characters
Item6185	Missing newline in Formatted Search if footer used
Item6186	Review code for robustness and security
Item6208	WebChanges does not work on Windows
Item6220	TwistyPlugin: Twisty can't be placed in TWiki table cells
Item6223	Users can't edit content in Main web

TWiki 4.3.1 Patch Release - Details

TWiki-4.3.1 was built from SVN http://svn.twiki.org/svn/twiki/branches/TWikiRelease04x03 revision 18054 (2009-04-29)

Highlights

• Security:
  • TWiki:Codev/SecurityAlert-CVE-2009-1339: A remote user may gain TWiki admin privileges with a specially crafted image tag. This cross-site request forgery vulnerability existed because TWiki allowed HTTP GET to save content.
• Usability:
  • Use of ISO format date promoted in this release
• Handling URLPARAM:
  • The handling of URLPARAM for empty or missing was corrected in this release.

Enhancements

Item6239	Fix TWIKIWEB to SYSTEMWEB, MAINWEB to USERSWEB
Item6254	Feature: Use ISO Date Format by Default

Fixes

Item5453	Value of "0" improperly handled in ENCODE variable
Item6232	Use of uninitialized value $1 in concatenation (.) or string at lib/TWiki.pm
Item6240	unhelpful error message when sysCommand fails
Item6243	URLPARAM "empty or missing"
Item6251	CSRF vulnerability CVE-2009-1339: Possible to gain TWiki admin privileges with a specially crafted image tag

<-- Note: Do not use TWikibug: interwiki links because interwiki rule might not be defined 

 Set BUGS = http://develop.twiki.org/~twiki4/cgi-bin/view/Bugs
 
-->