Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
136 check-ins using file src/zip.c version 5df02ce80e
|
2023-10-30
| ||
| 17:59 | Create new branch named "code" ... (Leaf check-in: daeb874438 user: admiralcobb tags: code) | |
| 17:55 | Hi, this is the first commit made in the repository ... (Leaf check-in: 6ca729a8f8 user: admiralcobb tags: trunk) | |
|
2023-10-29
| ||
| 22:52 | Update the built-in SQLite to the first 3.44.0 release candidate, for testing. ... (check-in: e4d2c1d1fc user: drh tags: trunk) | |
| 22:20 | Replicated the server load aveage limit on the robot-defenses configuration page. ... (check-in: a72e9e181d user: drh tags: trunk) | |
| 19:19 | Fix typos in and otherwise improved the docs for the "fossil all set" command. ... (check-in: 67094bc299 user: drh tags: trunk) | |
|
2023-10-26
| ||
| 10:53 | Suppress compilation warnings for jimsh0 in autosetup-find-tclsh. OpenBSD compilation warnings (sprintf(), strcpy() and rand()) goes to stdout and ./configure then uses the warnings as part of the path to execute. ... (Leaf check-in: c8a1cfb62b user: preben tags: openbsd-jimsh0-warnings) | |
|
2023-10-25
| ||
| 14:52 | Let "fossil ui repo.fossil" use the web-browser setting, if set. ... (Leaf check-in: 559856437d user: preben tags: fossil-ui-web-browser) | |
| 12:52 | Clarity pass on the definition of "Project" in the glossary, removing redundancies and simplifying the illlustrative examples. Also clarified the purpose of the bullet points after each definition. ... (check-in: db6674638a user: wyoung tags: trunk) | |
| 12:19 | Fix the password reset request form so that it passes CSRF security tests. ... (check-in: ce8598b6c1 user: drh tags: trunk) | |
| 11:47 | Small tweaks to the gitusers doc ... (check-in: 3bfae2309c user: wyoung tags: trunk) | |
|
2023-10-24
| ||
| 20:53 | Remove stray JS console debug output. No functional changes. ... (check-in: 03bb48a3b9 user: stephan tags: trunk) | |
| 20:27 | Attempt to prevent forum FORM elements from a double-submit via stray double-clicks on the various submit buttons, as reported in [forum:6bd02466533aa131|forum post 6bd02466533aa131]. ... (check-in: 600f171306 user: stephan tags: trunk) | |
| 12:04 | Update the built-in SQLite to the first 3.44.0 beta, for testing. ... (check-in: 39bcd310e8 user: drh tags: trunk) | |
|
2023-10-23
| ||
| 10:44 | Remove all calls to sprintf() from makeheaders and mkversion in order to appease prudish compilers. ... (check-in: 8c7bf45096 user: drh tags: trunk) | |
| 10:21 | Update the built-in SQLite to the latest 3.44.0 alpha yet again. This time, also remember to include the "shell.c" source file from SQLite that includes the removal of an "sprintf()" call, thereby avoiding scary MacOS warnings. ... (check-in: 6ac015311e user: drh tags: trunk) | |
| 01:47 | Squished a potential null pointer dereference in th.c caught by ubsan. ... (check-in: 39cac07254 user: wyoung tags: trunk) | |
| 01:17 | Replaced a few sprintf() calls with sqlite3_snprintf() to squish warnings from Clang on macOS when configured with extra debugging. (These warnings don't normally appear.) There is one left in extsrc/shell.c which needs fixing upstream. ... (check-in: dfa41afeab user: wyoung tags: trunk) | |
| 00:56 | Reworked the handling of "./configure --with-zlib=FOO", yielding several benefits: * FOO can now point to both a flat directory as before or to a directory one level up with lib/ and include/ subdirs, as zlib installs to when configured with a --prefix, fixing an issue [forum:/forumpost/9c64b51d44 | reported on the forum]. * The old method would check the default paths before trying what you gave it, preventing local overrides when you know the platform version isn't what you want and you've built from source, then pointed Fossil at the replacement. It isn't always safe or advisable to remove the platform version in this case merely to get Fossil's configuration script to move on and obey your explicit directive. * The old method checked for the header and the library in a single step, resulting in unhelpful configure output, requiring that one dig through config.log to figure out what happened. ... (check-in: 9d0b52e2d2 user: tangent tags: trunk) | |
|
2023-10-22
| ||
| 23:46 | Update the built-in Fossil to a newer 3.44.0 alpha that fixes the 8-byte alignment problem with duplicated Expr objects, as well as other minor fixes. ... (check-in: 128e503031 user: drh tags: trunk) | |
|
2023-10-21
| ||
| 21:38 | Update the built-in SQLite to the first 3.44.0 alpha, for testing. ... (check-in: b0db6ddb5e user: drh tags: trunk) | |
|
2023-10-20
| ||
| 16:45 | For 'timeline --verbose' with some formatting options, display the list of changed files closer to the check-in info block. ... (check-in: 7e63c86e6b user: danield tags: trunk) | |
|
2023-10-18
| ||
| 12:14 | Rename policy setting for private merges to 'unpublished.' ... (Leaf check-in: f2322d9044 user: preben tags: warn-on-merging-private-branch) | |
|
2023-10-17
| ||
| 11:27 | Remove old warning-policy definition. ... (check-in: 1b010f0179 user: preben tags: warn-on-merging-private-branch) | |
|
2023-10-16
| ||
| 14:37 | Add warning-policy setting functionality. ... (check-in: af73acb2df user: preben tags: warn-on-merging-private-branch) | |
| 14:33 | Implement propagating settings that are sent to clients that pull. The warning-policy is used as example, but not yet applied. ... (check-in: f812fedc44 user: preben tags: warn-on-merging-private-branch) | |
|
2023-10-06
| ||
| 10:41 | Simplify handling of /dev/null with external diff commands in [fd359387ca], reveting to using existing temp file naming convention. Also avoids attempting to remove non-temporary files. ... (Leaf check-in: be3eb3b85d user: preben tags: diff-deleted-files) | |
|
2023-10-05
| ||
| 14:09 | With fossil commit -v, indicate added or deleted files in diff output, too. ... (check-in: 30559adbaf user: preben tags: diff-deleted-files) | |
| 13:26 | With external diff command, use /dev/null for added or deleted files. Implemented for Unix as I am unsure how Windows diff tools would deal with NUL. ... (check-in: fd359387ca user: preben tags: diff-deleted-files) | |
| 12:17 | After fossil rm, do not read content from disk with fossil diff. This way, fossil diff output reflects what would be committed. ... (check-in: e93797317d user: preben tags: diff-deleted-files) | |
| 11:57 | Consistently use /dev/null in diff output for added and deleted files. ... (check-in: 200dcdcd37 user: preben tags: diff-deleted-files) | |
|
2023-10-02
| ||
| 12:46 | Warn user of before merging private to public, or afterwards with --force. ... (check-in: f3fef43c2e user: preben tags: warn-on-merging-private-branch) | |
| 11:38 | Prompt user to publish artifacts when merging a private branch into a public branch. ... (check-in: c07679128e user: preben tags: warn-on-merging-private-branch) | |
|
2023-09-29
| ||
| 13:35 | merge in hash-admin-user-password ... (check-in: 593e801bdf user: preben tags: trunk) | |
| 13:35 | merge in fts-ticket-updates ... (check-in: c0d402fe81 user: preben tags: trunk) | |
| 13:35 | merge in fossil-settings-value-only ... (check-in: 0d4a31a9f5 user: preben tags: trunk) | |
| 13:35 | merge in find-options-last-arg-fix ... (check-in: ad0b5f0e2d user: preben tags: trunk) | |
| 13:33 | merge in filter-branch-ls-by-user ... (check-in: d6cdd955e1 user: preben tags: trunk) | |
| 12:53 | Fix self-registration bug created by the enhanced CSRF defense changes. ... (check-in: 6ae9941860 user: drh tags: trunk) | |
| 06:56 | Fixing the long opt broke final short option if expected argument is not present. ... (Leaf check-in: d8b23d71c9 user: preben tags: find-options-last-arg-fix) | |
|
2023-09-28
| ||
| 18:59 | Handle --opt=arg as final command line argument, discussed in [forum:a90b5ebd36f4c134]. ... (check-in: 9ac38481ec user: preben tags: find-options-last-arg-fix) | |
| 18:39 | Use verify_all_options() with fossil branch ls/lsh. ... (Leaf check-in: 34e0f6817a user: preben tags: filter-branch-ls-by-user) | |
| 17:58 | Fix find_option() error and badly type --users in argument test. ... (check-in: 119cc37ac5 user: preben tags: filter-branch-ls-by-user) | |
| 17:16 | Add branch ls --users to list users participating in branches. ... (check-in: 4615e2072a user: preben tags: filter-branch-ls-by-user) | |
| 14:15 | Update to the change log. ... (check-in: e3e28f43dc user: drh tags: trunk) | |
| 14:13 | Changing a setting to an empty string is now the same as unsetting that value, in most cases. Settings that are exceptions to the rule are marked with the "keep-empty" flag. Fix for the issue reported by [forum:/forumpost/a17b5fa51d607e3d|forum post a17b5fa51d607e3d]. ... (check-in: 1f6ae1efb4 user: drh tags: trunk) | |
| 14:08 | Minor tweaks to the hash color test page. ... (check-in: 19799565b7 user: drh tags: trunk) | |
| 13:51 | The "branch ls" command should flag private branches with -R. ... (check-in: 016f6c5ec5 user: drh tags: trunk) | |
| 13:43 | Remove an unnecessary while() loop. ... (check-in: 225abb37df user: drh tags: trunk) | |
| 13:38 | Mark closed leaves with an X on the timeline graph. ... (check-in: 57bea365a3 user: drh tags: trunk) | |
| 13:18 | branch ls should also flag private branches with -R. ... (Closed-Leaf check-in: fcb40ac931 user: preben tags: branch-ls-private-fix) | |
| 11:40 | Reword branch ls description for --self ... (check-in: d66ccf646e user: preben tags: filter-branch-ls-by-user) | |
| 10:42 | Filter branch ls output by user with check-ins on the branches. ... (check-in: d0f15a1b65 user: preben tags: filter-branch-ls-by-user) | |
|
2023-09-27
| ||
| 19:43 | Remove while(1) loop made redundant by [239b4c1362]. ... (Closed-Leaf check-in: f36e8886c0 user: preben tags: redundant-while-loop) | |
| 15:17 | Check-mark alternative for closed branches. ... (Closed-Leaf check-in: 62ab3a1d80 user: preben tags: indicate-closed-branches-in-timeline) | |
| 11:24 | Draw an X instead of a horizontal line. Uses SVG as attempts with characters differed wildly among browsers. ... (check-in: 63785bd911 user: preben tags: indicate-closed-branches-in-timeline) | |
| 05:28 | Make the horisontal line for lcosed leafes thinner. ... (check-in: 6c27f4136e user: preben tags: indicate-closed-branches-in-timeline) | |
|
2023-09-26
| ||
| 13:03 | Allow styling leaves of closed branches in /timeline. ... (check-in: e042be53cf user: preben tags: indicate-closed-branches-in-timeline) | |
| 11:04 | Update FTS when creating/updating tickets. Also avoids a stray row with rid 0. ... (Leaf check-in: fb5d53ec11 user: preben tags: fts-ticket-updates) | |
| 10:20 | Generate output at the end of get_stext_by_mimetype() instead of within conditional branches. ... (Leaf check-in: 3105a0c5c3 user: preben tags: search-wiki-titles) | |
| 10:18 | Allow searching for wiki page titles as discussed in [forum:31d8831c2d9809fa]. ... (check-in: e6b8cc9f71 user: preben tags: search-wiki-titles) | |
|
2023-09-25
| ||
| 15:47 | If the value of a setting is changed into an empty string, then unset it, except for the rare setting that has the new keep-empty property. ... (Closed-Leaf check-in: b9bbb8d7fd user: drh tags: unset-empty-settings) | |
|
2023-09-19
| ||
| 22:03 | Correction of simple typos in patch usage text. ... (check-in: 9b10bf4575 user: mgagnon tags: trunk) | |
| 11:59 | Fix formatting for the help text of the 'branch' command. ... (check-in: 132af984d0 user: danield tags: trunk) | |
| 11:41 | Improvements to documentation for the "patch" command. ... (check-in: 14ebbe9d99 user: drh tags: trunk) | |
| 11:31 | Improvements to help-text HTML formatting. ... (check-in: ccc780f552 user: drh tags: trunk) | |
| 11:19 | Updates to the change log. ... (check-in: 5afa42e4ec user: drh tags: trunk) | |
| 10:42 | Fix a harmless compiler warning in SQLite. This is a direct edit to the imported sqlite3.c file, which will be overwritten the next time we update SQLite. But that's ok since the warning is fixed in the SQLite tree too. ... (check-in: ead5a95b47 user: drh tags: trunk) | |
|
2023-09-18
| ||
| 22:27 | Whitespace fix in previous ... (check-in: f8bec8f74c user: wyoung tags: trunk) | |
| 22:26 | Removal of the Tcl example in §5.5 of the containers doc left hanging references in the Python example in a few places. ... (check-in: 40e537e94d user: wyoung tags: trunk) | |
| 22:10 | Added §5.6 to the containers doc, "Email Alerts," explaining how to get email alerts out by use of the included tools/email-sender.tcl script and the "write mail to DB" feature since the default option (sendmail -ti) won't work by default and it wouldn't be appropriate to make it work besides. This then obviated the earlier half-baked advice on injecting a Tcl environment into the container; the essential point is adequately made by the Python example, so there is no point trying to rescue this plan. ... (check-in: 616a37f4f7 user: wyoung tags: trunk) | |
| 20:43 | Merge the CSRF-defense enhancements into trunk. ... (check-in: 920ace1739 user: drh tags: trunk) | |
| 17:13 | Omit the SameSite=strict specifier for the login cookie, since that prevents users from clicking a hyperlink on an email notification and then going directly to the relevant page and getting logged in. ... (Closed-Leaf check-in: fc5b49e990 user: drh tags: csrf-defense-enhancement) | |
| 15:36 | Set the "SameSite=strict" value on cookies (used for authentication) as a further defense-in-depth against CSRF attacks. ... (check-in: bc643c32f8 user: drh tags: csrf-defense-enhancement) | |
| 15:24 | Fix forum-post approval buttons so that they send the CSRF token. ... (check-in: bf9974cf8d user: drh tags: csrf-defense-enhancement) | |
| 15:10 | More intensive use of the Synchronizer Token Pattern for CSRF defense. ... (check-in: 0a66be2b75 user: drh tags: csrf-defense-enhancement) | |
| 14:32 | Strengthen CSRF requirements for the skin editor. ... (check-in: 6912636dc3 user: drh tags: csrf-defense-enhancement) | |
| 14:29 | Cleanup forms on the skin editor page. ... (check-in: 5feae3fd75 user: drh tags: csrf-defense-enhancement) | |
| 14:13 | Stronger CSRF token based on a SHA1 hash of the login cookie. ... (check-in: ff3746c4c2 user: drh tags: csrf-defense-enhancement) | |
| 13:18 | Try to simplify and rationalize the defenses against cross-site request forgery attacks. A hodgepodge of techniques have been used in the past. This changes attempts to make everything work more alike and to centralize CSRF defenses for easier auditing. ... (check-in: 88a402fe2a user: drh tags: csrf-defense-enhancement) | |
|
2023-09-14
| ||
| 08:25 | Add the ability for 'branch list' to filter the branches that have/have not been merged into the current branch. ... (check-in: 8ff63db2e6 user: danield tags: trunk) | |
| 08:04 | Update the built-in SQLite to version 3.43.1. ... (check-in: 1fea5c2ce9 user: danield tags: trunk) | |
|
2023-09-11
| ||
| 21:42 | Untangled some awkward grammar in the new doc section ... (check-in: 383f6d4f1a user: wyoung tags: trunk) | |
| 21:39 | Backed off on the strength of the disapprobation in the new "Converting Repositories on Windows" doc section, being both unnecessary and possibly wrong. ... (check-in: 3e464b0265 user: wyoung tags: trunk) | |
| 08:16 | Added the "Converting Repositories on Windows" section to the inout doc to cover a problem case involving PowerShell and to give solutions. ... (check-in: 19c347b460 user: wyoung tags: trunk) | |
|
2023-09-10
| ||
| 17:34 | Fix a bug in [1ef6499a9af8] which caused resolution of certain builtin symbolic names to not resolve. ... (check-in: 7faa1f4e23 user: stephan tags: trunk) | |
| 12:46 | Help text typo fix from [forum:987bf1b023|forum post 987bf1b023]. ... (check-in: 0fd4bde736 user: stephan tags: trunk) | |
|
2023-09-09
| ||
| 15:09 | Add missing mention of forum search in fts-config command. Reported in [forum:6eb7cec6aa|forum post 6eb7cec6aa]. ... (check-in: 71b591af26 user: stephan tags: trunk) | |
| 15:05 | Correct inability to use certain commands after doing (open --empty), as reported in [forum:04f86a038c|forum post 04f86a038c] and caused by [4d8c30265b]. ... (check-in: 1ef6499a9a user: stephan tags: trunk) | |
|
2023-09-08
| ||
| 11:43 | test-delta-apply help test fix reported in [forum:4c3f5658eb|forum post 4c3f5658eb]. ... (check-in: dd62094499 user: stephan tags: trunk) | |
|
2023-09-01
| ||
| 11:36 | Eliminate duplicate folders on the /dir page when using the Ardoise skin, caused by [32297dde2bee23] and reported by Martin G. in /chat. ... (check-in: dedfb13bf6 user: stephan tags: trunk) | |
| 05:48 | Eliminate duplicate folders on the /dir page when using the Blitz skin, caused by [32297dde2bee23] and reported by Martin G. in /chat. ... (check-in: b6bb4a62be user: stephan tags: trunk) | |
|
2023-08-31
| ||
| 12:20 | Show the complete CGI environment in the error log on a 418 hack attempt error. ... (check-in: 0204f4aab5 user: drh tags: trunk) | |
|
2023-08-30
| ||
| 19:42 | Improvements to the tools/codecheck1.c injection-attack static analyzer tool. ... (check-in: 2afff83e7e user: drh tags: trunk) | |
| 19:21 | Add new example pikchr to /pikchrshow. ... (check-in: ff1c48a9bf user: stephan tags: trunk) | |
|
2023-08-29
| ||
| 09:15 | On the /dir page, move the file/dir icons so that they are clickable, per request in [forum:65a3bd20f98980b2|forum post 65a3bd20f98980b2]. ... (check-in: 32297dde2b user: stephan tags: trunk) | |
|
2023-08-27
| ||
| 19:01 | On the /docdir page, omit the submenu and other page decorations. ... (check-in: 0313f0f90d user: drh tags: trunk) | |
| 18:42 | Add the /docdir page which is an alias for /dir with the "dx" query parameter. ... (check-in: 5d7e153ff7 user: drh tags: trunk) | |
| 18:15 | Add the "dx" query parameter to the "dir" page, which if present causes links to file to use /doc instead of /file. ... (check-in: d4d10c0165 user: drh tags: trunk) | |
|
2023-08-23
| ||
| 15:57 | New Pikchr that fixes text positioning on negative thickness lines. ... (check-in: 2bdd36e4ad user: drh tags: trunk) | |
| 15:36 | Update Pikchr to support zero-thickness objects. ... (check-in: 8ed25a31b4 user: drh tags: trunk) | |
|
2023-08-20
| ||
| 18:07 | Update the built-in zlib library to version 1.3. ... (check-in: f1f1d6c4eb user: drh tags: trunk) | |
| 10:00 | Carry forward [368d97869b] to the zlib 1.3 update. (The upstream ticket for [368d97869b] is commented as "Incorporated" and closed, see [https://github.com/madler/zlib/issues/684], but doesn't seem to have landed in the zlib release package.) ... (Closed-Leaf check-in: d8f4247b13 user: florian tags: zlib-update) | |
| 09:58 | Carry forward [0f8bae079e] to the zlib 1.3 update. ... (check-in: 65583e5b74 user: florian tags: zlib-update) | |
| 09:42 | Update the built-in zlib to version 1.3, released on August 18, 2023. According to check-ins [eea86cee3a] and [511ad59ae3], all files from the doc/ and contrib/ada/ subdirectories are excluded. ... (check-in: 97016e7e8a user: florian tags: zlib-update) | |
|
2023-08-18
| ||
| 14:15 | Update the built-in SQLite to the latest 3.43.0 beta for testing. ... (check-in: b5aa9f8ab4 user: drh tags: trunk) | |
| 13:03 | Added "unicode61" to search setup usage message ... (check-in: 9965e1d86f user: wyoung tags: trunk) | |
| 12:17 | Add fts-config tokenizer unicode61 option. Prompted by [forum:a4bfcff66548a1ff|forum post a4bfcff66548a1ff]. ... (check-in: e180dbb455 user: stephan tags: trunk) | |
|
2023-08-14
| ||
| 21:09 | Make sure the EmailEvent object is completely zeroed whenever it is allocated. ... (check-in: 33877fa50b user: drh tags: trunk) | |
|
2023-08-12
| ||
| 19:24 | Update the built-in Pikchr to fix the "same" operator flow-control bug reported on the Pikchr forum. ... (check-in: c21423eb69 user: drh tags: trunk) | |
| 12:24 | Update the built-in SQLite to the latest 3.43.0 beta for testing. ... (check-in: 16ee39539a user: drh tags: trunk) | |
|
2023-08-08
| ||
| 11:26 | Disable rc_reload in the example rc(8) script in the OpenBSD docs. Reloading is unsupported by Fossil such that 'rcctl reload fossil' kills the process. Suggested by James Cook: [forum:73520532dd]. ... (check-in: f0e1d0c958 user: mark tags: trunk) | |
|
2023-08-05
| ||
| 21:18 | Two new notification options: "n" means to be notified for new forum threads only and "r" means to be notified for forum posts that are a reply to a post made by the user. ... (check-in: d4361f6a94 user: drh tags: trunk) | |
| 17:40 | Disallow user-choosen UserIDs that begin with "anonymous" or other reserved names. ... (check-in: a7e9dd53ef user: drh tags: trunk) | |
| 16:55 | Fix a typo in a comment. ... (check-in: 19e6905cd2 user: drh tags: trunk) | |
| 16:09 | Minor wording changes on the /unsubscribe page. ... (check-in: 37f929e3ae user: drh tags: trunk) | |
|
2023-08-04
| ||
| 13:27 | Update the built-in SQLite to fix a bug in json_remove(). This probably does not affect Fossil, but better safe than sorry. ... (check-in: d3c850cf52 user: drh tags: trunk) | |
|
2023-08-03
| ||
| 14:34 | Remove an overly aggressive call to cgi_check_for_malice() on the /login page. ... (check-in: 57d3dbb11b user: drh tags: trunk) | |
| 12:23 | Update to the change log. ... (check-in: 928bac9934 user: drh tags: trunk) | |
| 11:50 | Update the built-in SQLite to the latest code from the SQLite trunk, as a beta test of SQLite. ... (check-in: 23cb537399 user: drh tags: trunk) | |
|
2023-07-31
| ||
| 15:20 | Update the stale metrics at the bottom of www/aboutdownload.wiki. ... (check-in: c9614f1b08 user: stephan tags: trunk) | |
|
2023-07-28
| ||
| 16:18 | Avoid a potential 32-bit integer overflow when doing a diff on large files with large differences. ... (check-in: 5882e9e878 user: drh tags: trunk) | |
|
2023-07-25
| ||
| 12:35 | Updates to the change log. Various spelling and grammar fixes. ... (check-in: e6569d3f63 user: danield tags: trunk) | |
|
2023-07-24
| ||
| 11:58 | Deal with two C++-style comments. No functional changes. ... (check-in: 99ab5cd8d6 user: danield tags: trunk) | |
|
2023-07-23
| ||
| 20:28 | Show file sizes the the treeview. Other file browser enhancements. ... (check-in: 73fe442a25 user: drh tags: trunk) | |
| 20:27 | Improved CSS for the size field of tree-view. ... (Closed-Leaf check-in: 06ab6d9c8b user: drh tags: filesize-listings) | |
| 19:57 | Use the files_of_checkin virtual table to generate the file listings on the /dir page, instead of a bunch of C code that was written before files_of_checkin was invented. ... (check-in: 15d9d5b097 user: drh tags: filesize-listings) | |
|
2023-07-22
| ||
| 14:29 | Add the option to sort files by size in the tree-view. ... (check-in: dedae5a123 user: drh tags: filesize-listings) | |
|
2023-07-21
| ||
| 23:02 | Display file sizes in /dir and /tree, as per request in [forum:2a0cd67e77|forum post 2a0cd67e77]. ... (check-in: fb0b7fe140 user: danield tags: filesize-listings) | |
|
2023-07-18
| ||
| 13:36 | Improved defense against denial-of-service caused by hackers pounding Fossil with repeated requests that contain SQL injection attempts. If SQL injection is attempted, return a "Begone, Knave!" page with status code 418. ... (check-in: 57f1e87254 user: drh tags: trunk) | |
|
2023-07-17
| ||
| 12:31 | Fix should have gone on the verify-options-cgi branch, not on trunk. ... (Closed-Leaf check-in: d276fd9b77 user: drh tags: verify-options-cgi) | |
| 12:18 | In /raw and /secureraw, ensure that the "m" and "at" vars are fetched before the malice check. Typo fix in cgi.c. ... (check-in: 83015b0d9a user: stephan tags: verify-options-cgi) | |
| 12:13 | Improvements to the algorithm for detecting likely SQL injection text. ... (check-in: 5d6efeee47 user: drh tags: verify-options-cgi) | |
| 11:44 | Improve the error log message for 418 responses so that it includes the name of the offending query parameter. Require whitespace around keywords when trying to detect SQL. ... (check-in: ef1702fde3 user: drh tags: verify-options-cgi) | |
|
2023-07-16
| ||
| 20:55 | Fix typo on the 418 status code name. ... (check-in: f39c878fe1 user: drh tags: verify-options-cgi) | |
| 20:47 | Add calls to cgi_check_for_malice() on many more web pages. Log all 418 responses to the error log. ... (check-in: 40266bf9b2 user: drh tags: verify-options-cgi) | |
| 10:35 | Rename verify_all_options_cgi() to cgi_check_for_malice(). Add more comments explaining what the function is intended for. Add calls to cgi_check_for_malice() to a few new webpages. ... (check-in: 5a8063a8cb user: drh tags: verify-options-cgi) | |