Re: Spurious unsafe include errors?

25 views
Skip to first unread message

Todd Zullinger

unread,
Jul 21, 2009, 8:59:04 AM7/21/09
to asci...@googlegroups.com
(Sorry for breaking the threading, but I can't convince googlegroups
to send me mail for this list even though I'm subscribed...)

Stuart Rackham wronte:
> Todd Zullinger wrote:
[...]
>> Fedora just updated to asciidoc-8.4.5 in rawhide and I'm having
>> trouble using it to build the git documentation. I get:
>>
>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11.css
>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-manpage.css
>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-quirks.css
[...]
>> Does anyone have suggestions on how to properly fix this?
>
> Thanks for your clear description of the problem Todd. Personally my
> "fix" would be to get rid of the --unsafe option altogether, it just
> gets in the way of the user and muddies the code. How many people out
> there actually find the --unsafe option useful?

I don't know the use cases enough to weigh in on that much. My
work-around for building git and some other asciidoc projects in
Fedora is to pass the --unsafe option. Maybe making that the default
would be a suitable compromise? A trivial patch to do so should be
attached, though I'm not certain if I've caught all the places that
need changed. I have used this patch to successfully build a number
of the Fedora packages that were failing with 8.4.5.

> I recently put this work-around in the FAQ:
> http://www.methods.co.nz/asciidoc/faq.html#_the_asciidoc_unsafe_option_is_a_pain_can_it_be_enabled_by_default

Heh, I should have checked that when I first noticed the errors. It
would have saved me some time.

>> (Incidentally, I think it might be worth calling os.path.normpath in
>> safe_filename() to strip out the ./ in /etc/asciidoc/./stylesheets.
>> Attached is a patch to do so. Feel free to use or not. :)
>
> I've added your patch (did it manually, the attachment was encrypted):
> http://hg.sharesource.org/asciidoc/rev/aae9af8655c7

That was my mistake. I sent the message without the patch attached.
The 'encrypted' part was just the PGP/MIME signature for the mail. :/

--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Thanks for a country where nobody is allowed to mind his own
business. Thanks for a nation of finks.
-- William S. Burroughs, A Thanksgiving Prayer

asciidoc-default-to-unsafe-mode.patch

Stuart Rackham

unread,
Aug 27, 2009, 2:24:23 AM8/27/09
to asci...@googlegroups.com
Todd Zullinger wrote:
> (Sorry for breaking the threading, but I can't convince googlegroups
> to send me mail for this list even though I'm subscribed...)
>
> Stuart Rackham wronte:
>> Todd Zullinger wrote:
> [...]
>>> Fedora just updated to asciidoc-8.4.5 in rawhide and I'm having
>>> trouble using it to build the git documentation. I get:
>>>
>>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11.css
>>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-manpage.css
>>> ERROR: unsafe: include file: /etc/asciidoc/./stylesheets/xhtml11-quirks.css
> [...]
>>> Does anyone have suggestions on how to properly fix this?
>> Thanks for your clear description of the problem Todd. Personally my
>> "fix" would be to get rid of the --unsafe option altogether, it just
>> gets in the way of the user and muddies the code. How many people out
>> there actually find the --unsafe option useful?
>
> I don't know the use cases enough to weigh in on that much. My
> work-around for building git and some other asciidoc projects in
> Fedora is to pass the --unsafe option. Maybe making that the default
> would be a suitable compromise? A trivial patch to do so should be
> attached, though I'm not certain if I've caught all the places that
> need changed. I have used this patch to successfully build a number
> of the Fedora packages that were failing with 8.4.5.

Thanks for the patch Todd, I think this is a good compromise, I've added
your patch (plus doc changes and holding on to the --unsafe option so I
don't break existing scripts) to the trunk.
http://hg.sharesource.org/asciidoc/rev/92ac91220443

Cheers, Stuart

Reply all
Reply to author
Forward
0 new messages