737c9dda302a

Update readme.
[view raw] [browse files]
author Chris Eldredge <chris.eldredge@gmail.com>
date Mon, 13 Aug 2012 18:33:19 +0100
parents 8659ef2c4757
children c4e554f545cb
branches/tags (none)
files ReadMe.markdown

Changes

diff -r 8659ef2c4757 -r 737c9dda302a ReadMe.markdown
--- a/ReadMe.markdown	Mon Aug 13 18:33:12 2012 +0100
+++ b/ReadMe.markdown	Mon Aug 13 18:33:19 2012 +0100
@@ -2,12 +2,14 @@
 ============================
 
 Similar to GitHub, this module looks for a file named ReadMe.md or
-ReadMe.markdown (case insensitive) in the "default" revision.
+ReadMe.markdown (case insensitive).
 
 A custom theme is provided that displays the formatted contents on the summary (index) view.
 
-In addition to showing formatted information on the summary view, this module enables any
-other markdown content to be rendered using the url pattern `/repo/markdown/changeid/WikiPage.md`.
+In addition to showing formatted information on the summary view, this module replaces
+the default `file` view for `.md` or `.markdown` files, enabling you to use the
+[WikiLinks](http://packages.python.org/Markdown/extensions/wikilinks.html) extension
+to support documentation split across several pages.
 
 ##Install##
 
@@ -20,6 +22,7 @@
 	[web]
 	templates = /example/hgext.markdown
 	style = markdown
+	markdown.changeid = tip     #optional; 'tip' is default value.
 	
 	[extensions]
 	hgext.markdown=/example/hgext.markdown
@@ -33,6 +36,10 @@
 
 ##Preview##
 
-You can preview changes before committing them by browsing to `/repo/markdown/_preview/ReadMe.markdown`.
-The `_preview` keyword makes this extension look for content in the working copy.
+You can preview changes in your working copy before committing them by browsing to e.g. `http://localhost:8000/preview/ReadMe.markdown`.
+
+##Security##
 
+This extension enables users with commit/push access to hgweb to create arbitrary html content that may be browsed by other users.
+At this time no attempt has been made to detect or prevent attacks such as cross-site scripting (xss) and other types of attacks.
+In general this extension should only be used if you trust all users with push access.