Changes between Version 11 and Version 12 of GenshiMacro
- Timestamp:
- Mar 25, 2017, 9:08:34 AM (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GenshiMacro
v11 v12 6 6 **Notice:** This plugin is deprecated in Trac 1.3.2 and later because Trac has switched from Genshi to Jinja2 as the template engine. The plugin will not function in Trac 1.5.1 and later. 7 7 8 This plugin has '''not''' been developed with security considerations in mind. '''Only enable this macro on sites where you trust *all* users who can edit *any*wiki text with the web server's account.'''8 This plugin has '''not''' been developed with security considerations in mind. '''Only enable this macro on sites where you trust //all// users who can edit //any// wiki text with the web server's account.''' 9 9 }}} 10 10 … … 19 19 Genshi templates allow executing arbitrary Python code. So you basically give users who can insert the macro anywhere (wiki page, ticket comment, etc) permission to act as the user running Trac, including running any shell command: 20 20 21 {{{ 21 {{{#!genshi 22 22 {{{#!Genshi 23 23 <div>${open('/etc/apache2/htpasswd').read()}</div> … … 25 25 }}} 26 26 27 {{{ 27 {{{#!genshi 28 28 {{{#!Genshi 29 29 <?python … … 67 67 == Example 68 68 69 {{{ 69 {{{#!genshi 70 70 71 {{{ 72 #!Genshi 71 {{{#!Genshi 73 72 <div xmlns:py="http://genshi.edgewall.org/"> 74 73 <py:choose> … … 93 92 }}} 94 93 95 == Recent Changes96 97 [[ChangeLog(genshimacro, 3)]]98 99 94 == Author/Contributors 100 95