Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 most recent check-ins
2025-08-17
| ||
19:38 | Wrap the robot_restrict() JS check in an onload handler so that it won't run until the external resources (namely style.css) are loaded. ... (Leaf check-in: e5991efb68 user: stephan tags: trunk) | |
19:04 | Improvements to robot detection in the robot_restrict() function. ... (check-in: e5b00c610d user: drh tags: trunk) | |
19:02 | Obfuscation of the robot-test code. ... (Closed-Leaf check-in: 2fdd7ace52 user: drh tags: robotck-instant) | |
18:44 | Merge the robot tests from trunk with the new tests from this branch so that *all* the tests are run. ... (check-in: 95a57c637f user: drh tags: robotck-instant) | |
18:33 | Merge recent trunk enhancements into the robotck-instant branch. ... (check-in: dd11b563f4 user: drh tags: robotck-instant) | |
18:20 | Use the UserAgent value from the HTTP request header, rather than the client IP address, as the additional factor in the anonymous login cookie hash, since some client are on networks where their IP address can shift frequently. ... (check-in: 0693766805 user: drh tags: trunk) | |
17:47 | Because this new check is too fast to see the progress indicator, make the final result label more explicit. ... (check-in: b6cf0c2052 user: stephan tags: robotck-instant) | |
17:16 | Make anonymous cookies valid for 8 hours. Include the client IP address as part of the cookie hash, but do not display the client IP address within the text of the cookie. ... (check-in: 68da4784aa user: drh tags: trunk) | |
15:37 | Move the z-level style into default.css, in case the adversaries read inlined STYLE tags (which now, in hindsight, seems more likely to me). Change the HTTP result code from robot_proofofwork() to a non-200 code, the hope being that the adversaries will stop on a non-200 code. ... (check-in: c7ad43638d user: stephan tags: robotck-instant) | |
15:00 | Remove some dead code from /chat. ... (check-in: 144c5dbe00 user: stephan tags: trunk) | |
14:52 | Correct a mis-calculation of fontSize for /chat attachments which use the Embed checkbox. ... (check-in: e3f0dcc325 user: stephan tags: trunk) | |
13:21 | Add a comment explaining why document.body's z-level is explicitly set to 0. Remove some EOL whitespace. ... (check-in: 7c57a20ebd user: stephan tags: robotck-instant) | |
12:52 | Add (stash rename) to the changelog. ... (check-in: c834adb656 user: stephan tags: trunk) | |
12:50 | Add (stash rename) subcommand to change the label associated with a stash entry. ... (check-in: 1aaa6fc58d user: stephan tags: trunk) | |
12:29 | Fix the previous checkin to actually compute the work value. This slows it down by a tiny fraction of a second but it's still effectively instant. This calculation can be moved up a level into the C code to turn this back into an instant operation, but leaving it on the client seems like a reasonable choice. ... (check-in: c27cfa9f60 user: stephan tags: robotck-instant) | |
12:10 | An experiment in reducing the proof-of-work to a single operation. (This description is intentionally vague.) ... (check-in: b765e65267 user: stephan tags: robotck-instant) | |
2025-08-16
| ||
16:48 | Add a simple UI that allows any registered user (not "anonymous" or "nobody") to create access tokens. ... (check-in: 2a3d303124 user: drh tags: trunk) | |
15:54 | Change the name of the robot-test cookie to fossil-client-ok. Decode that cookie's meaning on the /cookies page. ... (check-in: dc2232c6bd user: drh tags: trunk) | |
14:44 | Cache the results of calling robot_restrict() so that subsequent calls are very fast. ... (check-in: 1bdda5d01d user: drh tags: trunk) | |
14:20 | Open up access to /test-robotck to all users. Clear the "Press OK to continue" from the screen when the Ok button is pressed, so that it does not linger for zip and tarball downloads. ... (check-in: 508d3cd98a user: drh tags: trunk) | |
13:59 | Improvements and simplifications to anti-robot defenses. ... (check-in: 16b33097fe user: drh tags: trunk) | |
13:57 | Improved anti-robot captcha. ... (Closed-Leaf check-in: 206089acd1 user: drh tags: robot-restrict-simplified) | |
10:10 | Correct the signature of an extern decl of fossil_strndup(), as reported in [forum:21ac5f59a0 | forum post 21ac5f59a0]. ... (check-in: d546932976 user: stephan tags: trunk) | |
00:36 | Add the "timelineX" tag to robot-restrict processing. Move /honeypot over to the captcha.c file and have it use the resources found there. ... (check-in: 54afc94ce0 user: drh tags: robot-restrict-simplified) | |
2025-08-15
| ||
23:46 | Convert the g.isHuman variable into g.isRobot. ... (check-in: 6422bca15d user: drh tags: robot-restrict-simplified) | |
23:18 | Simplifications to the logic that tries to keep robots out. ... (check-in: 02adced1c1 user: drh tags: robot-restrict-simplified) | |
19:58 | Add /zip and /tarball pages to the robot-squelch mechanism. ... (check-in: 661991aa62 user: drh tags: trunk) | |
19:07 | Add the "robot-squelch" defense against bot-nets. Still incomplete, but sufficient to hold off the latest attacks. ... (check-in: de66eeaab7 user: drh tags: trunk) | |
18:49 | Bug fix in the new cgi_is_qp() routine of the previous check-in. ... (Closed-Leaf check-in: ef57ecf260 user: drh tags: robot-squelch) | |
18:47 | Further improvements to the squelch captcha. ... (check-in: 055908da97 user: drh tags: robot-squelch) | |
16:21 | Slightly more sophisticated captcha. ... (check-in: a10e785dfb user: drh tags: robot-squelch) | |
15:11 | Merge trunk enhancements into the robot-squelch branch. ... (check-in: a46ffe0fb7 user: drh tags: robot-squelch) | |
15:06 | Add a really simple captcha - the user just has to press a button. ... (check-in: b3337295f1 user: drh tags: robot-squelch) | |
13:55 | Prototyping new defenses against bot-nets ... (check-in: 3f4885a983 user: drh tags: robot-squelch) | |
12:32 | Allow /xfer to service anonymous clones if they have any of the Clone, Zip, or Read permissions. This is a temporary measure, as described in the code's comments. ... (Closed-Leaf check-in: f9547c7c84 user: stephan tags: relaxed-clone-permissions) | |
05:10 | Update [6c8c93a5f7] to fix redirects to the captcha screen and set the keyboard focus to the password input field if there's no user ID input field. ... (check-in: b8731485b0 user: florian tags: trunk) | |
04:50 | Merge the revamped Copy Buttons. ... (check-in: 63712b631c user: florian tags: trunk) | |
2025-08-14
| ||
21:01 | The "/login?anon=2" page demonstrates the captcha even if the user is currently logged in. ... (check-in: e58112a4f3 user: drh tags: trunk) | |
19:35 | Improved captcha screen. Less clutter. Easier for first-time visitors to digest. ... (check-in: 6c8c93a5f7 user: drh tags: trunk) | |
12:46 | Reduce the timeout for anonymous logins to 1 hours. Add the IP address to the anonymous login cookie. ... (check-in: 60a9fac4e1 user: drh tags: trunk) | |
2025-08-13
| ||
15:48 | Allow the mimetype query parameter for non-CGI content in /ext. ... (check-in: 639b96b9ad user: drh tags: trunk) | |
2025-08-12
| ||
15:27 | Use equal horizontal spacing for normal and "flipped" Copy Buttons (where the latter are positioned after the text to be copied). The idea is for the buttons to be tied to "their" text without spaces in between, resulting in a somewhat narrower spacing to emphasize the connection, but to have normal HTML whitespace on the other side. ... (Closed-Leaf check-in: 2bc2f7249c user: florian tags: copybtn.js-responsive) | |
15:20 | Add some higher-specificity CSS declarations to prevent dark-mode skins from overriding the relevant styles of the Copy Button layout, so users don't need to sync their skin customizations with the changes on this branch. ... (check-in: b7f2c9f329 user: florian tags: copybtn.js-responsive) | |
15:04 | Revamp the Copy Buttons for a more responsive user experience. See the [branch/copybtn.js-responsive | wiki page linked to this branch] for more details. ... (check-in: 32c3a210c8 user: florian tags: copybtn.js-responsive) | |
2025-08-10
| ||
10:28 | Raise an error when trying to insert an unversioned file if the file size would cause the database row to exceed SQLITE_LIMIT_LENGTH. ... (check-in: c6265bb3a7 user: drh tags: trunk) | |
2025-08-07
| ||
19:46 | Add an assert() in a block which cannot happen. It survives 'reconstruct', so we can probably remove the block, but leaving it around for a while seems prudent. ... (check-in: 7d4af37f39 user: stephan tags: trunk) | |
2025-08-06
| ||
10:30 | Show numstat-style statistics in the 'Changes' section of /info and friends. ... (check-in: 18151a8615 user: danield tags: trunk) | |
06:29 | Fill in more help for fossil user whoami command. ... (Leaf check-in: aef4a2c023 user: brickviking tags: user-whoami) | |
2025-08-04
| ||
23:58 | Add a NULL check where a change from [4c3e1728e1b1a9cb] inadvertently changed the semantics from NULL=="" to NULL==NULL, triggering a null pointer deref via backlinks parsing. Triggered by rebuild when encountering a tag with no value. ... (check-in: 441264b759 user: stephan tags: trunk) | |
2025-08-03
| ||
22:47 | Attempt to augment the "attempt to write a readonly database" error from Fossil by listing all databases it is using that are read-only. ... (check-in: 0ea8703b60 user: drh tags: trunk) | |