Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
History of file src/cgi.c at check-in 8dbcf2acba6f00bd
|
2025-12-28
| ||
| 23:00 | Remove some more duplicates in comments. No functional changes. file: [e81ac4c3a0] check-in: [d83638e40e] user: danield branch: trunk, size: 96792 | |
|
2025-12-27
| ||
| 12:21 | Spelling fixes in docs/comments. file: [dcbfc91c37] check-in: [33d3bf3edb] user: km branch: trunk, size: 96800 | |
|
2025-12-23
| ||
| 16:06 | Assorted fixes of typos and grammar in code comments. No functional changes. file: [18964adbe8] check-in: [e2bdc10572] user: danield branch: trunk, size: 96797 | |
|
2025-12-19
| ||
| 10:11 | Alternative to the previous check-in that works without warning regardless of whether the native character type is signed or unsigned. file: [5647111f9d] check-in: [654fe05f4f] user: drh branch: trunk, size: 96799 | |
| 10:07 | Fix the security enhancment at [0c1419a466f2152b] so that it does not mistake multi-byte unicode characters as control characers. [forum:/forumpost/bfcf326231|Forum post bfcf326231]. file: [e9868df6e4] check-in: [82dc70d5ab] user: drh branch: trunk, size: 96751 | |
|
2025-12-17
| ||
| 16:06 | Squelch some harmless warnings from an overzealous clang on termux. file: [ba75bce369] check-in: [6b2cc46d25] user: danield branch: trunk, size: 96743 | |
|
2025-11-25
| ||
| 16:52 | Style changes only (remove tabs), no functional changes. file: [2428c9a944] check-in: [524a3fec65] user: andybradford branch: trunk, size: 96738 | |
|
2025-11-01
| ||
| 21:13 | Add the new "fossil system" command (expected to abbreviate to "fossil sys" with commands that are useful on unprovisioned Windows machines, such as "ls". The "fossil which" command is change to "fossil sys which". Still a work in progress. file: [595063f927] check-in: [27baef45ca] user: drh branch: system-cmd, size: 96717 | |
|
2025-10-17
| ||
| 14:49 | Only check the path again if the previous conditions are met. file: [06ec39178e] check-in: [ee445feef7] user: andybradford branch: trunk, size: 96940 | |
| 14:31 | When handling HTTP over SSH only strip the filename from the PATH for GET method as POST has a different mechanism for handling it. file: [fc7a9b5fe3] check-in: [7531b9452e] user: andybradford branch: trunk, size: 96934 | |
| 10:56 | Fixes to the previous check-in. file: [42b36191ca] check-in: [535e39bede] user: drh branch: get-command-directory, size: 96844 | |
| 04:53 | Correctly check for the end of the URI string and return an error if there is no more. file: [61fbf27e9e] check-in: [67a2350fcb] user: andybradford branch: get-command-directory, size: 96793 | |
| 03:41 | Have the new "fossil get" command work more like other SSH operations (e.g. sync, clone) by sending the complete URI. This enables "fossil get" to work with SSH servers which force the command to "fossil test-http /path" to restrict access to just Fossil repositories from a specific directory, without which Fossil returns 404. See problem discussion in [forum:/forumpost/7b3e0e0582525d3b|forum post 7b3e0e0582525d] for more details. file: [4dbfd15964] check-in: [6fc6874026] user: andybradford branch: get-command-directory, size: 96775 | |
|
2025-10-16
| ||
| 06:07 | Additional cleanup of the CGI handling when using SSH. Specifically the use of cgi_init() introduced some side-effects that caused Fossil to return errors when using ForceCommand to require "fossil http" interface. file: [3f602b6431] check-in: [088be210db] user: andybradford branch: trunk, size: 96583 | |
|
2025-10-15
| ||
| 21:33 | Fix CGI processing so that requests sent over SSH process query parameters. Add the --ssh-sim option to the test-http command (used to debug the previous). Harden the "fossil get" command so that it can checks filenames and does not write a file that is outside of the designated --dest. file: [ca79ae8a50] check-in: [9a76760178] user: drh branch: get-command, size: 97037 | |
|
2025-09-11
| ||
| 10:17 | Add a missing return in cgi_fread() for builds without FOSSIL_ENABLE_SSL. file: [6919bd51d2] check-in: [1cd8163045] user: stephan branch: trunk, size: 96911 | |
|
2025-09-04
| ||
| 12:00 | Fix compiler warning and improve performance in previous check-in. file: [0263f04537] check-in: [9d7c15d409] user: drh branch: trunk, size: 96879 | |
|
2025-09-02
| ||
| 22:10 | Allow the plus sign in MIME types again, needed for example in 'application/rss+xml'. file: [12390f1715] check-in: [639c040474] user: danield branch: trunk, size: 96896 | |
|
2025-09-01
| ||
| 15:37 | Reject all GET/COOKIE vars in which the values contain control characters. file: [20da6a35a0] check-in: [0c1419a466] user: stephan branch: trunk, size: 96879 | |
| 15:27 | An alternate approach to [ae8fc0e0b5e6] which instead rejects all GET and COOKIE values which, after decoding, contain any control characters. We have(?) no(?) use cases where control characters are legitimately needed for GET/COOKIE values. file: [8edaf8ff8b] check-in: [c61ae84cab] user: stephan branch: no-ctrl-chars, size: 96784 | |
| 14:15 | Primative validation of request-supplied mime-types. file: [8fbaa71bf0] check-in: [ae8fc0e0b5] user: drh branch: trunk, size: 96328 | |
|
2025-08-15
| ||
| 18:49 | Bug fix in the new cgi_is_qp() routine of the previous check-in. file: [023e3fcb4d] check-in: [ef57ecf260] user: drh branch: robot-squelch, size: 96233 | |
| 18:47 | Further improvements to the squelch captcha. file: [3a38d22d54] check-in: [055908da97] user: drh branch: robot-squelch, size: 96230 | |
|
2025-07-25
| ||
| 18:47 | Do not add the sync login cookie unless we know the remote supports it. It's harmless in that case but it doesn't need to be there. Rename the login cookie from the unweildy x-f-x-l (X-Fossil-Xfer-Login) to x-f-l-c (X-Fossil-Login-Card) because the former is unsightly. file: [f634c80020] check-in: [9789e1dce7] user: stephan branch: xfer-login-card, size: 95848 | |
|
2025-07-24
| ||
| 05:26 | Remove the now-obsolete parsing of the X-Fossil-Xfer-Login HTTP header. file: [0f338c753c] check-in: [8dbcf2acba] user: stephan branch: xfer-login-card, size: 95839 | |
| 05:10 | Use a Cookie, instead of a custom HTTP header and/or URL param, to send the sync login header, as suggested in [forum:9959d2d9d9be22d2 | forum post 9959d2d9d9be22d2]. This is simpler. file: [6adef4d7dc] check-in: [756ad2f23c] user: stephan branch: xfer-login-card, size: 96045 | |
| 03:16 | Previous checkin should not have compiled - clean rebuild uncovered a stale dep. Re-map the fLoginCardMode to a bitmask so that it's possible to tell when multiple paths toggle that on, and which paths they were. file: [14c563fa9e] check-in: [780d3b2fe3] user: stephan branch: xfer-login-card, size: 96194 | |
| 02:20 | Doc improvements and internal API renaming for clarity. No functional changes. file: [c43b1ed4e2] check-in: [286110dec0] user: stephan branch: xfer-login-card, size: 96186 | |
|
2025-07-23
| ||
| 23:31 | Remove some xfer login process debug output. file: [f672fa4e22] check-in: [815a84cbcc] user: stephan branch: xfer-login-card, size: 96257 | |
| 20:56 | Account for CGI-hosted fossil instances by sending the xfer login card as a URL argument. This is somewhat inelegant but works around their inability to read HTTP headers. This version is still more verbose than it needs to be, and requires more testing for compatibility with trunk fossil versions. file: [0470589576] check-in: [439af9348b] user: stephan branch: xfer-login-card, size: 96421 | |
| 17:39 | Add the x-fossil-xfer-login header check in one additional place. With the help of the included debug output, the login problem seems to be caused by CGI (only) instances not reading the inbound HTTP headers. My attempts to make it do have, so far, only triggered HTTP 500 responses. (Edit: i'd forgotten that CGIs don't get headers. The headers are necessarily consumed by the web server to find the CGI script and populate its environment.) file: [0ebd321edc] check-in: [6c900645ea] user: stephan branch: xfer-login-card, size: 95684 | |
|
2025-07-22
| ||
| 17:52 | Remove lots of debug output. Replace a couple of mprintf() with fossil_strdup() and a couple free() with fossil_free(). Milestone: libfossil has successfully logged in to this version of fossil. file: [dccb23e04f] check-in: [1078a123c1] user: stephan branch: xfer-login-card, size: 95554 | |
| 15:51 | Set g.syncInfo.bLoginCardHeader=1 if that inbound header is detected, rather than delaying it until the /xfer handling. Internal doc additions. file: [b91672d0ed] check-in: [4fc13c5c88] user: stephan branch: xfer-login-card, size: 95633 | |
| 15:12 | Get sync working from both login card forms and add a temporary --login-card-header CLI flag to force it to emit the HTTP header form of the card in output requests. If all is well, this checkin should be able to push to the canonical repo, despite their differences. file: [a65bc9447a] check-in: [042560df54] user: stephan branch: xfer-login-card, size: 95594 | |
|
2025-07-21
| ||
| 23:45 | Move the X-Fossil-Xfer-Login header check to the correct end of the connection. It is receiving these from libfossil tests but is failing to validate them, but that may well be a bug in that brand new downstream code. file: [31ef555301] check-in: [b49c9b3685] user: stephan branch: xfer-login-card, size: 95576 | |
|
2025-06-03
| ||
| 20:25 | Merge trunk file: [d0ebdd41b5] check-in: [db4e4b46c3] user: js branch: morphos, size: 95745 | |
|
2025-05-30
| ||
| 04:27 | Enclose ETag header values in double quotes. Suggested in [forum:/forumpost/70bacf5cf8|Forum Post 70bacf5cf8]. file: [56470ef734] check-in: [ad51cc61c6] user: florian branch: trunk, size: 95394 | |
|
2025-05-26
| ||
| 14:12 | Fix several minor typos in HTTP error messages and HTTP test commands. Remove the unavailable --debug option from the test-http command help screen. file: [a3f98318cf] check-in: [9cabc138da] user: florian branch: trunk, size: 95390 | |
|
2025-05-18
| ||
| 02:50 | Merge trunk file: [f19ddeee9d] check-in: [f993a870a1] user: js branch: morphos, size: 95740 | |
|
2025-05-02
| ||
| 11:31 | Fix a coding mistake on an error path in the HTTP server logic. Because the mistake is on an error path, it is actually harmless, but it needs to be fixed nevertheless. file: [257a65b6c3] check-in: [85067dc919] user: drh branch: trunk, size: 95389 | |
|
2025-04-22
| ||
| 01:10 | Initial incomplete port to MorphOS. Needs some manual overrides to compile and has some locking issues in SQLite. file: [6c239b3853] check-in: [66f279e143] user: js branch: morphos, size: 95740 | |
|
2025-04-18
| ||
| 12:23 | Rework the cgi_http_server() routine so that it uses two separate sockets, one each for IPv4 and IPv6. file: [29dcebc0e5] check-in: [945e0ae4eb] user: drh branch: trunk, size: 95389 | |
|
2025-04-17
| ||
| 15:08 | Rework server sockets to work around limitations in OpenBSD's socket implementation. See [forum:/forumpost/7f8d2afe4d8c0ad5|forum thread 7f8d2afe4d8c0ad5]. file: [03aeecd71f] check-in: [8dd05c52f5] user: drh branch: trunk, size: 93030 | |
|
2025-04-16
| ||
| 16:47 | Fix "fossil ui" so that it listens to both 127.0.0.1 and to [::1]. [forum:/forumpost/7f8d2afe4d|Forum post 7f8d2afe4d]. file: [5b07ea3d0b] check-in: [264250d670] user: drh branch: trunk, size: 92673 | |
| 14:31 | Fix [0eeaa6224cdbdbda] so that it compiles on Windows. [forum:/forumpost/3fc7aad2a3|Forum post 3fc7aad2a3]. file: [38b08eafdb] check-in: [ccb4168616] user: drh branch: trunk, size: 92650 | |
| 10:20 | Enhance the socket listener logic on unix so that it makes sure the IPV6_V6ONLY socket option is disabled, as we are told that this option is enabled by default on FreeBSD. file: [3bb5626238] check-in: [0eeaa6224c] user: drh branch: trunk, size: 92599 | |
|
2025-04-15
| ||
| 14:54 | For the "fossil ui remote:/" command, consistently use hardcoded IPv4 loopback addresses, to avoid inconsistent implementations of "localhost". Fix a bug in the error message output for the -P option. file: [40cefe95d0] check-in: [af78e282bb] user: drh branch: trunk, size: 92096 | |
| 14:13 | Fix the -P option on "fossil server" so that it once again accepts IPv4 notation while continuing to accept IPv6 notation. [forum:/forumpost/fe4abea393|Forum post fe4abea393]. file: [319788f66a] check-in: [77250c94b0] user: drh branch: trunk, size: 92094 | |
|
2025-04-11
| ||
| 13:01 | Fix "fossil server" so that it listens on both IPv4 and IPv6 on Unix. file: [1c04a36a98] check-in: [7ce8400d02] user: drh branch: trunk, size: 91322 | |
|
2025-04-04
| ||
| 10:58 | Change unconditional CGI redirects to be 301 Moved Permanently. file: [7e62d3c4c7] check-in: [33c1cfde9c] user: drh branch: trunk, size: 91123 | |
|
2025-04-01
| ||
| 12:16 | Add test-brotli command to get some basic compression measurements. Closing this branch, as brotli is simply too slow for what we want to do. file: [111036c89f] check-in: [f5b559af94] user: stephan branch: brotli-compress, size: 91655 | |
|
2025-03-31
| ||
| 21:04 | Replace cgi.c:is_gzippable() with is_compressible() and add support for brotli compression to its decision-making process. There's still a lot to do before we can actually emit brotli compression. file: [4bc388e292] check-in: [22e7b78dce] user: stephan branch: brotli-compress, size: 91651 | |
|
2025-03-30
| ||
| 23:11 | Slightly stronger detection of XSS attacks. Mostly this is rewording of comments to better explain how the anti-attack logic works. file: [739833c93d] check-in: [8612122f50] user: drh branch: trunk, size: 91010 | |
|
2025-03-28
| ||
| 17:15 | If compiled with -DFOSSIL_PENTEST and if "<BUG>" appears anywhere in HTML output, or if "BUG" appears anywhere in SQL, then a panic is generated. file: [40a1bae92b] check-in: [9ceb5ff869] user: drh branch: pentest, size: 91373 | |
|
2025-03-17
| ||
| 18:40 | Make sure the HTTP really was a POST before logging a "POST from different origin" warning. file: [7cc9486dfa] check-in: [2069259e58] user: drh branch: trunk, size: 90930 | |
| 13:16 | Write failed attempts to POST from a different origin into the error log. Add a new category to the error log filter for such messages. file: [2933fbfa0e] check-in: [2269ac697f] user: drh branch: trunk, size: 90883 | |
| 12:46 | Fix the cgi_same_origin() routine so that it is able to deal with HTTP-encoded REFERER strings in the request header. Probable fix for the problem reported at [forum:/forumpost/dc5baee6085eb590|forum post dc5baee6085]. file: [06dbdddf35] check-in: [3046c5e960] user: drh branch: trunk, size: 90620 | |
|
2025-01-13
| ||
| 10:19 | Fix a typo reported by [forum:/forumpost/4302325028|forum post 4302325028]. file: [b3b12af06b] check-in: [2ce7110567] user: drh branch: trunk, size: 90422 | |
|
2024-10-12
| ||
| 12:03 | Emit only \n, not \r\n, even in places where protocols technically require a full \r\n. Provide a compile-time option -DSEND_CR=1 that includes the CRs when necessary. file: [5f63e65aa2] check-in: [0dcce257b0] user: drh branch: omit-cr, size: 90445 | |
|
2024-08-27
| ||
| 11:06 | Move the file-specific definitions of the isatty() and fileno() macros into util.c's fossil_isatty() and fossil_fileno() in prep for an upcoming change which needs isatty(). file: [b791622afb] check-in: [898a70ce82] user: stephan branch: trunk, size: 90421 | |
|
2024-08-21
| ||
| 10:29 | Avoid deleting Unix socket files via atexit() from forked HTTP responses, as reported in [forum:11c9b27397|forum post 11c9b27397]. file: [a284c934cc] check-in: [e0236194d8] user: stephan branch: trunk, size: 90414 | |
|
2024-08-06
| ||
| 20:30 | Get --socket-owner working. file: [0aa599d2de] check-in: [efc7475e18] user: drh branch: unix-sockets, size: 90342 | |
| 15:00 | Change --unix-socket to --socket-name. Add --socket-mode and --socket-owner. Mostly working, accept that --socket-owner seemingly has no effect, even though the fchown() return 0. There is currently a debugging printf() in that line of code. This is an experimental check-in. file: [319142df69] check-in: [9f71e5cc02] user: drh branch: unix-sockets, size: 90076 | |
|
2024-08-05
| ||
| 20:23 | Add the --unix-socket option to the "fossil server" command. file: [0487999407] check-in: [7fc2902126] user: drh branch: trunk, size: 89170 | |
|
2024-07-27
| ||
| 17:28 | Simplified interaction on the honeypot. Humans can prove themselves with just two simple clicks when the auto-captcha setting is enabled. file: [27ec2f89fb] check-in: [0e675ad32c] user: drh branch: trunk, size: 87693 | |
| 10:20 | A redirect to the honeypot due to robot complex-request detection also sets the "fossil-goto" cookie with the original URL. If a real users proceeds to login, then a redirect to the complex-request occurs as soon as the login completes. file: [9a24dcb8dc] check-in: [aa4159f781] user: drh branch: trunk, size: 87695 | |
|
2024-07-26
| ||
| 17:49 | Add the complex-requests-from-robots limiter. file: [05b91bdbfa] check-in: [1a0b304307] user: drh branch: trunk, size: 87097 | |
|
2024-04-16
| ||
| 22:55 | Attempt to provide more useful error messages when an intermediate server (such as Apache) does something wrong and messes up an HTTP request. file: [a5a22e5368] check-in: [131ba0fa1b] user: drh branch: content-length-errors, size: 86777 | |
| 13:50 | Improvements to the /test_env page that can be used to help diagnose problems such as missing CONTENT_LENGTH CGI parameters. file: [d4ec40bf2f] check-in: [9c40ddbcd1] user: drh branch: trunk, size: 86052 | |
|
2024-04-12
| ||
| 14:44 | Add a null check in cgi_print_all() in the hope of helping to localize an elusive crash. file: [03236d1c73] check-in: [c62e25ab05] user: stephan branch: trunk, size: 86014 | |
|
2024-04-09
| ||
| 17:38 | Defend against undefined values in query parameters in the cgi_check_for_malice() routine. file: [3f940b52bf] check-in: [08df33aa4c] user: drh branch: trunk, size: 86001 | |
|
2024-02-23
| ||
| 15:24 | Add the "default-skin" setting which defines which built-in skin to use if no skin is otherwise specified. On the /skins page, show how the current skin is selected, if that is relevant. Add the /fdscookie page that shows just the "fossil_display_settings" cookie rather than all cookies. file: [2fe42bf4b0] check-in: [24e015de71] user: drh branch: trunk, size: 85952 | |
|
2024-02-02
| ||
| 22:18 | Remove trailing whitespace from non-external C files. file: [42b06a0a3b] check-in: [7db0a2d910] user: danield branch: fix-overlength-lines, size: 85916 | |
|
2023-09-18
| ||
| 17:13 | Omit the SameSite=strict specifier for the login cookie, since that prevents users from clicking a hyperlink on an email notification and then going directly to the relevant page and getting logged in. file: [27a190c0dd] check-in: [fc5b49e990] user: drh branch: csrf-defense-enhancement, size: 85935 | |
| 15:36 | Set the "SameSite=strict" value on cookies (used for authentication) as a further defense-in-depth against CSRF attacks. file: [e5d9bc3721] check-in: [bc643c32f8] user: drh branch: csrf-defense-enhancement, size: 85979 | |
| 13:18 | Try to simplify and rationalize the defenses against cross-site request forgery attacks. A hodgepodge of techniques have been used in the past. This changes attempts to make everything work more alike and to centralize CSRF defenses for easier auditing. file: [c2fbc76c58] check-in: [88a402fe2a] user: drh branch: csrf-defense-enhancement, size: 85975 | |
|
2023-08-31
| ||
| 12:20 | Show the complete CGI environment in the error log on a 418 hack attempt error. file: [51071cd397] check-in: [0204f4aab5] user: drh branch: trunk, size: 85382 | |
|
2023-07-17
| ||
| 12:18 | In /raw and /secureraw, ensure that the "m" and "at" vars are fetched before the malice check. Typo fix in cgi.c. file: [696c278961] check-in: [83015b0d9a] user: stephan branch: verify-options-cgi, size: 85052 | |
| 11:44 | Improve the error log message for 418 responses so that it includes the name of the offending query parameter. Require whitespace around keywords when trying to detect SQL. file: [9c29532f35] check-in: [ef1702fde3] user: drh branch: verify-options-cgi, size: 85059 | |
|
2023-07-16
| ||
| 20:55 | Fix typo on the 418 status code name. file: [260dfb6194] check-in: [f39c878fe1] user: drh branch: verify-options-cgi, size: 84978 | |
| 20:47 | Add calls to cgi_check_for_malice() on many more web pages. Log all 418 responses to the error log. file: [1a55dc575e] check-in: [40266bf9b2] user: drh branch: verify-options-cgi, size: 84983 | |
| 10:35 | Rename verify_all_options_cgi() to cgi_check_for_malice(). Add more comments explaining what the function is intended for. Add calls to cgi_check_for_malice() to a few new webpages. file: [5172c4d216] check-in: [5a8063a8cb] user: drh branch: verify-options-cgi, size: 84811 | |
|
2023-07-15
| ||
| 13:57 | Add verify_all_options_cgi(), which works similarly to verify_all_options() but only fails if it finds CGI GET/POST arguments which (A) have not been fetched via P(), PD(), or similar, and (B) fail cgi_value_spider_check(). Currently only applied on the /ci page. file: [ca2e8181e9] check-in: [a065940a74] user: stephan branch: verify-options-cgi, size: 83966 | |
|
2023-06-23
| ||
| 22:15 | Check-in [bdde964e06128a02] got the test for text/html exactly backwards. file: [3bf2a125e7] check-in: [c6115dbf83] user: drh branch: trunk, size: 83214 | |
|
2023-06-22
| ||
| 17:09 | Do not allow caching of generated HTML content, as such content will usually contain a nonce which ought not be repeated. file: [14fb643019] check-in: [bdde964e06] user: drh branch: trunk, size: 83214 | |
|
2023-06-12
| ||
| 09:20 | Correct previous check-in to fail fatally if the CSRF check fails. file: [84e0f118b7] check-in: [37dfb4c8d6] user: stephan branch: trunk, size: 83074 | |
|
2023-05-13
| ||
| 20:47 | Translate the Accept-Language HTTP header into the HTTP_ACCEPT_LANGUAGE CGI var. This part is missing from [7e77e29d1646]. file: [500f7b4dfb] check-in: [926a27c63b] user: stephan branch: trunk, size: 82491 | |
|
2023-05-10
| ||
| 18:40 | Removed all of the XML-style " />" tag closing markers on empty tags such as "hr", "br", and "input" to placate modern HTML5 validators. That's the doctype we declare, not XHTML, so we should conform. (Besides which, the XHTML dream is dead.) file: [86cd3a25a3] check-in: [f5482a0a79] user: wyoung branch: trunk, size: 82378 | |
|
2023-02-17
| ||
| 14:37 | A large collection of compiler warning fixes re. signed/unsigned comparison from Daniel D. file: [d7efb61ec4] check-in: [c71f711ec9] user: stephan branch: compiler-warnings, size: 82380 | |
|
2023-02-08
| ||
| 16:59 | Further improvements to the attack-spider detection mechanism. file: [bb9754f8b8] check-in: [eb7fad0cd3] user: drh branch: trunk, size: 82373 | |
| 16:41 | As a performance optimization, only do the SQL-injection detection for user "nobody". Improved comment on cgi_value_spider_check() to better explain what this subsystem is all about. file: [5baa19a379] check-in: [00ae2391e4] user: drh branch: trunk, size: 82373 | |
| 16:32 | Test command for the SQL-injection detection routine. Possible performance improvements as well. file: [2627b3909d] check-in: [d3cb62f767] user: drh branch: trunk, size: 81779 | |
|
2023-02-07
| ||
| 16:50 | Rename AntiSpider to NoBot, for brevity's sake. file: [bb71f5b44e] check-in: [fa27979805] user: stephan branch: trunk, size: 81667 | |
| 16:48 | Rename P_NoSQL and PD_NoSQL to P(D)_AntiSpider to make their intent clearer and the names more generic. file: [2cc88cd63f] check-in: [91d13592a7] user: stephan branch: trunk, size: 81677 | |
| 16:28 | Merge spider-sql-detection branch into trunk, per /chat discussion. file: [5679c77a9c] check-in: [534c10f6b8] user: stephan branch: trunk, size: 81667 | |
| 16:24 | Apply the spider SQL check to the diff URL argument of the /vdiff page. Improve some related docs. file: [3ed6b58497] check-in: [936c122ff9] user: stephan branch: spider-sql-detection, size: 81668 | |
| 16:18 | Inititial draft of an attempt to intercept certain SQL injection attacks recently seen made against fossil repos. Its effect can be seen by visiting: /vdiff?from=trunk&to=trunk&w=drop file: [63fee3780b] check-in: [61a608a2df] user: stephan branch: spider-sql-detection, size: 81650 | |
|
2023-01-16
| ||
| 15:37 | Roll back the part of [71a2d68a7a113e7c] which automatically updates the user display prefs cookie, per /chat discussion. Updating the cookie once again requires an explicit udc URL arg or setting the skin, which implies udc. This fixes the problem that a timeline link from the /reports page persistently sets the default timeline entry count to the value used by that report. file: [e5c46a8db1] check-in: [5feac63473] user: stephan branch: trunk, size: 80247 | |
|
2022-12-29
| ||
| 17:00 | Make the repository database read-only if an HTTP request is not from the same origin. This is not required for security. It is just an extra layer of defense. file: [1c0e6a8ec1] check-in: [7c71f00ac8] user: drh branch: trunk, size: 80029 | |
|
2022-06-08
| ||
| 07:54 | Added mimetype image/vnd.microsoft.icon to the is-compressible list, per forum feedback. Consolidated strncmp() vs fossil_strncmp() into fossil_strncmp() in cgi.c for consistency's sake. file: [f59d373ccd] check-in: [3652b4d6bb] user: stephan branch: pikchrshow-wasm, size: 79854 | |
| 07:36 | Based on discussions in [forum:f60dece061c364d1|forum thread f60dece061c364d1], (A) re-add the charset=utf-8 for text/* mimetypes, (B) extend the set of gzip-compressible mimetypes (e.g. JSON, wasm, tcl, tar), and (C) refactor (B)'s impl so that adding new types does not add a performance hit (it's faster now for most mimetypes). file: [eb27c44afb] check-in: [86db2d94c6] user: stephan branch: pikchrshow-wasm, size: 79691 | |
|
2022-06-06
| ||
| 15:51 | Remove the '; charset=utf-8' suffix from response Content-Type headers. That modifier is technically incorrect for many mimetypes, but wasm loaders are extra picky about it and refuse to load wasm files with the charset set. An attempt at porting over althttpd's solution for this same problem leads down a much deeper and far more invasive rabbit hole because how fossil handles/sets the response content type is more involved than in althttpd. file: [8a5e51e26f] check-in: [15e7b49ef3] user: stephan branch: content-type-no-charset, size: 78039 | |
|
2022-05-18
| ||
| 13:39 | Fix a typo in an error message. file: [22d2fac0ab] check-in: [3984c83848] user: drh branch: trunk, size: 78054 | |
|
2022-02-13
| ||
| 19:14 | Improved robustness in CGI variable parsing. file: [b10651443f] check-in: [b897350007] user: drh branch: cgi-compliance, size: 78055 | |
| 00:26 | Back out [5bb921dd0893a548]. It turns out that REQUEST_URI should have the query string appended. Make other changes to cgi.c to bring it into "compliance". "Compliance" is in quotes because rfc3875 does not define REQUEST_URI. That variable is really just by conveniention. But Apache and Nginx both append the query string, so we should too. file: [b29b6aad24] check-in: [fd1c9b090a] user: drh branch: cgi-compliance, size: 78174 | |
|
2022-02-11
| ||
| 21:25 | The REQUEST_URI CGI parameter should not include the QUERY_STRING. file: [5d3f474b2e] check-in: [5bb921dd08] user: drh branch: trunk, size: 77794 | |
|
2022-02-10
| ||
| 00:05 | Remove unused local variable from cgi_parse_POST_JSON() to fix a compiler warning. file: [23024a9ef2] check-in: [96bf76a4b1] user: george branch: trunk, size: 77794 | |
|
2022-01-28
| ||
| 14:51 | Swapped semantics of the new argument to ssl_read_server(), [forum:2f818850abb72719 | per forum discussion]. Adjacent doc touchups. file: [16898370c9] check-in: [9110662fd1] user: stephan branch: ssl-read-loops2, size: 77862 | |
| 05:51 | Another attempt to fix the SSL_read() loops on Windows. Not necessarily more elegant, but at least working around a well-defined problem, making the code easier to maintain. file: [c658a9f7e4] check-in: [4d8a71be8c] user: florian branch: ssl-read-loops2, size: 77863 | |
|
2022-01-26
| ||
| 14:00 | Check-in [acffc8f7858254eb] was causing "CGI content-length mismatch" errors on the main Fossil website (xinet.d->althttpd->Fossil). This check-in attempts to resolve the problem. (Edit:) *Not!* The error is still occurring, though at least now we have a better error message. The problem might have been in althttpd and fixed at https://sqlite.org/althttpd/info/fded041a3e9ce9b0. file: [17372f3d7f] check-in: [c5c7dd5ffb] user: drh branch: trunk, size: 77860 | |
|
2022-01-25
| ||
| 19:36 | Corrected parsing of /json-mode POST data in TLS mode. Extended /json/wiki/preview to support a mimetype option. file: [485c628194] check-in: [7f5877e843] user: stephan branch: trunk, size: 77885 | |
| 18:14 | ssl_read_server() now returns 0 on read error and lets the higher-level code deal with the short read. This might resolve the issue under discussion in [forum:/forumpost/2f818850abb72719 | forum post 2f818850abb72719]. file: [2c29bdd86c] check-in: [acffc8f785] user: stephan branch: trunk, size: 79339 | |
|
2022-01-09
| ||
| 10:15 | Refactored the QUERY_STRING initialization so that a redirect to the index-page when visiting the top of a repo can catch the skin URL parameter. file: [50fca2549b] check-in: [1b6ec17d59] user: stephan branch: trunk, size: 79262 | |
|
2021-12-26
| ||
| 21:50 | Fix the build on Windows and on builds that omit OpenSSL. Improved error messages. file: [388cc69669] check-in: [637516c447] user: drh branch: ssl-server, size: 78839 | |
| 20:53 | Add the (undocumented) --debug-nofork option to "fossil ui" and "fossil server", for use in debugging. file: [b794800148] check-in: [ed4a96d8ec] user: drh branch: ssl-server, size: 78792 | |
| 20:35 | Code is in place to do SSL servers. It compiles. But it does not work. This is an incremental check-in. file: [e69a81b991] check-in: [89af3b0a47] user: drh branch: ssl-server, size: 78631 | |
| 13:53 | Add hooks in the HTTP request decoder and reply generator that allow us to redirect traffic through an SSL codec. file: [c6f5c24832] check-in: [5674f776e9] user: drh branch: ssl-server, size: 78361 | |
| 13:11 | Some of the comments in cgi.c had become stale after years of evolution. Try to bring them up-to-date. file: [b829303121] check-in: [37ccaafddb] user: drh branch: trunk, size: 76594 | |
| 11:41 | Build the HTTP reply header in a Blob before sending it on the wire all at once. file: [aea6aec50e] check-in: [2ac4ab2b2f] user: drh branch: trunk, size: 73629 | |
|
2021-12-20
| ||
| 08:33 | Adds a content-length check after reading CGI stdin to ensure that we don't continue with a short read. Patch from Warren in /chat. file: [a45bba7c97] check-in: [7c49ab3881] user: stephan branch: content-length-patch, size: 73516 | |
|
2021-10-27
| ||
| 13:01 | Fix off-by-one error in cgi_iso8601_datestamp(). Add the test-date command for testing. file: [53239fff36] check-in: [6389c999ce] user: drh branch: trunk, size: 73439 | |
|
2021-07-12
| ||
| 13:26 | Timeline enhancements: (1) Add the "nc" query parameter which means to omit all graph colorations other than highlights from "m" or "m2". (2) Add the "m2=" query parameter for secondary highlight. (3) Undocumented sel1= and sel2= query parameters remain undocumented but are now aliases for the documented "m=" and "m2=" query parameters. file: [2329afc83a] check-in: [a3392298c3] user: drh branch: trunk, size: 73214 | |
|
2021-07-11
| ||
| 19:16 | Checked into the wrong branch... file: [22a68291e5] check-in: [005bba0650] user: drh branch: wrong-branch, size: 72751 | |
|
2021-03-25
| ||
| 01:32 | Reduce fossil_panic() calls to those indicating bugs and internal errors. Also clarify effects and purposes of fossil_fatal() vs. fossil_panic(). file: [275c601c28] check-in: [91a4652f22] user: larrybr branch: panic-reduction, size: 72739 | |
|
2021-03-02
| ||
| 15:01 | When skin=X query parameter is processed, if a param named 'once' is also set then apply the skin change but do not save it to the cookie, as per /chat discussion. The intent is mainly to facilitate the development of docs using both light- and dark-mode skins at the same time, which is somewhat painful when the cookie constantly gets overwritten. file: [c346671d25] check-in: [7db18bfe96] user: stephan branch: trunk, size: 72739 | |
| 07:11 | Skin selection is now stored in the user display prefs cookie and can be modified from any page by passing the skin=xyz URL parameter. Gets trumped by /draftX URI or --skin CLI flag or skin: CGI config setting. Removed /skn_XYZ URI handling. /skins page now uses the new mechanism for skin selection. UDC is now rendered on every page if it was modified during that request, regardless of the 'udc' URL parameter. See discussion at /forumpost/4d3a10c72a. file: [8f5c6cb699] check-in: [71a2d68a7a] user: stephan branch: skin-preference-cookie, size: 72725 | |
|
2021-02-08
| ||
| 17:29 | Enhance the /cookies webpage to show all cookies and give the user an opportunity to delete them. file: [a4cb358859] check-in: [7b00defa9d] user: drh branch: trunk, size: 72446 | |
|
2021-01-31
| ||
| 00:31 | Enhancements to CGI query parameter processing in an attempt to deal with the issue described at [forum:/forumpost/049e8650ed|forum post 049e8650ed]. At the same time, convert some mprintf() calls into fossil_strdup() for efficiency. file: [e928be6ba8] check-in: [140cb312ca] user: drh branch: trunk, size: 71989 | |
|
2021-01-03
| ||
| 16:40 | Use the "plunk" sound for audiable alert in chat. Back out the "ping" processing logic. file: [356f200317] check-in: [f2fcdbc505] user: drh branch: trunk, size: 71446 | |
|
2020-12-12
| ||
| 19:37 | Omit the TCP port from the SERVER_NAME environment variable for the "fossil ui" and "fossil server" commands. file: [97669d1050] check-in: [c728509f73] user: drh branch: trunk, size: 71439 | |
| 14:53 | In the previous check-in, REQUEST_SCHEMA should be REQUEST_SCHEME - with an "E" at the end, not an "A". file: [a44e6419a9] check-in: [282bdf0165] user: drh branch: trunk, size: 71371 | |
| 14:05 | Attempt to provide support for the REQUEST_SCHEMA and SERVER_NAME environment variables in CGI support. This is an alternative implementation of [0d72caae1592769e|check-in 0d72caae1592769e]. Discussion on [forum:/forumpost/cba707d7bd|forum thread cba707d7bd] and [forum:/forumpost/cb17013d06|cb17013d06]. file: [23fa5a1056] check-in: [f101e94da1] user: drh branch: trunk, size: 71371 | |
|
2020-08-27
| ||
| 12:34 | Do not assume that missing SCRIPT_NAME and PATH_INFO environment variables for CGI have a value which is an empty string. file: [9efe8767e9] check-in: [9601b6cfc7] user: drh branch: trunk, size: 71202 | |
|
2020-08-22
| ||
| 16:10 | More robust handling of missing CGI parameters. See discussion at forum thread e2e75f8aec. file: [f9029d6f7a] check-in: [d6f69343ca] user: drh branch: trunk, size: 71204 | |
|
2020-08-03
| ||
| 22:54 | Rearranged the order and conditional status of paths leading to ETag HTTP header generation to cause them to be generated in more cases. This improves caching in my testing, but it needs to be vetted before it can be merged down to trunk. The main risk is that it causes over-aggressive caching, resulting in stale data delivery. file: [bbc6bf7799] check-in: [bc0b20356a] user: wyoung branch: etag-always, size: 70299 | |
|
2020-07-29
| ||
| 16:15 | Removed the SameSite=strict cookie setting in order to rule out whether it is the cause for the login cookie not being submitted when reaching the site via a GMail-induced redirect. (Follow-up: that was indeed the problem. SameSite=strict cookies are not sent when they belong to a page which is the target of a redirect from another site.) file: [3b7729a6ba] check-in: [1ac2e7326b] user: stephan branch: trunk, size: 70291 | |
|
2020-07-26
| ||
| 20:10 | Removed the newly-added SameSite=strict cookie setting to test whether it is the cause of session-cookie login grief on my hoster. file: [18666e75b9] check-in: [80025e706d] user: stephan branch: login-session-cookie, size: 70281 | |
| 19:57 | Added "Remember me?" checkbox to login (default=on). Corrected cgi_set_cookie() to immediately expire the cookie for a negative lifetime (it was previously re-setting the cookie as a session cookie for that case). file: [6c77cc4c76] check-in: [32975aabe7] user: stephan branch: login-session-cookie, size: 70325 | |
|
2020-07-21
| ||
| 02:47 | Corrected [b2ac2183] to work with CGI directory-serving mode. Renamed the two JSON bootstrap routines to be more descriptive and made it a harmless no-op to call json_bootstrap_early() (formerly json_main_bootstrap()) multiple times in order to simplify some code. Several minor code style fixes in related code. file: [7fced43dc4] check-in: [e7f13b82b6] user: stephan branch: trunk, size: 70197 | |
|
2020-07-09
| ||
| 02:15 | Refactored [dd490d17be] into a separate routine and applied it to the POST parsing handler to fix problem reported at https://fossil-scm.org/forum/forumpost/f3e11f5629. file: [b59fc925f4] check-in: [23e138e808] user: stephan branch: trunk, size: 70192 | |
|
2020-06-12
| ||
| 20:57 | Another attempt to adjust JSON session lifecycle. file: [47369bb4b0] check-in: [a34c7b37f2] user: mistachkin branch: jsonTestsPass, size: 70235 | |
|
2020-06-11
| ||
| 23:55 | More fixes. file: [be49423400] check-in: [37089a5ed1] user: mistachkin branch: jsonTestsPass, size: 70801 | |
| 23:40 | Attempt to make JSON subsystem initialization work better. file: [737380f160] check-in: [920a64286d] user: mistachkin branch: jsonTestsPass, size: 70180 | |
|
2020-05-26
| ||
| 06:43 | Merged in trunk. file: [b6aed69f93] check-in: [559807ba86] user: stephan branch: fileedit-ajaxify, size: 70157 | |
|
2020-05-22
| ||
| 12:26 | For Download links, only include the tail-name of the file in the Content-Disposition header. file: [ed10e08059] check-in: [0feb412869] user: drh branch: trunk, size: 69949 | |
|
2020-05-21
| ||
| 23:59 | Change a case of isalnum() to fossil_isalnum(). file: [865c0f0871] check-in: [02e7c86b3f] user: drh branch: trunk, size: 69939 | |
| 23:56 | Add a Content-Disposition: header to the HTTP reply for the "Download" button. file: [ce3ed13eec] check-in: [34cb4766f1] user: drh branch: trunk, size: 69932 | |
|
2020-05-18
| ||
| 02:59 | style.css now checks for a builtin file named after the first path component of the referer (sic), rather than PD("name"), however, we still have to emit style.css/PAGENAME in $stylesheet_url in order to pick up the the page-specific CSS, otherwise /style.css?id=... is the same for all pages and a page with its own style may pick up a cached copy without its own styles, or with the styles from another page. file: [686e646d47] check-in: [5abc0f6e79] user: stephan branch: style-css-revamp, size: 70465 | |
|
2020-05-10
| ||
| 14:50 | Merge in trunk for fossil_exe_id() and use it, instead of md5, as the builtin/*.js cache-buster value. file: [a5b8ee4459] check-in: [7e43119a91] user: stephan branch: fileedit-ajaxify, size: 69593 | |
| 12:16 | Enable ETag caching of the /uvlist and /juvlist pages. file: [5a9c0f9dfc] check-in: [a6003f1df0] user: drh branch: trunk, size: 69385 | |
| 11:39 | Avoid returning empty ETag: headers in the HTTP reply. file: [085c7a8cea] check-in: [261052c4e1] user: drh branch: trunk, size: 69389 | |
|
2020-05-09
| ||
| 21:10 | Another 304 change: Omit only the Content-Type header. Retain the cache-control header lines. file: [207dc08a51] check-in: [fff9b6799c] user: drh branch: trunk, size: 69386 | |
| 21:04 | Correctly terminate the 304 replies in the previous check-in. file: [5a76e2cd40] check-in: [9f99257451] user: drh branch: trunk, size: 69484 | |
| 20:59 | For a 304 HTTP response, omit extraneous fields such as Content-Type and ETag. file: [5e7a290659] check-in: [6624350b0e] user: drh branch: trunk, size: 69443 | |
|
2020-05-03
| ||
| 12:21 | New CX(...) macro for rendering HTTP reply text, as an alternative to the "@ ..." markup provided by translate.c. file: [6e72569c2d] check-in: [0d160f9fa8] user: drh branch: checkin-without-checkout, size: 69583 | |
|
2020-04-09
| ||
| 17:29 | Branch closed. See this forum post for an explanation. Was: Fix a harmless compiler warning. file: [b96aeb2c92] check-in: [eb750c284a] user: drh branch: idle-timeout, size: 69772 | |
| 16:14 | Initial code for implementing the idle-timeout feature for "fossil ui". Seems to work in preliminary tests on unix. Windows implementation is incomplete and untested. file: [d03553a37f] check-in: [39a899e4cf] user: drh branch: idle-timeout, size: 69772 | |
|
2020-03-26
| ||
| 03:01 | Fix typos. file: [08b70906ef] check-in: [58f00d333a] user: ashepilko branch: trunk, size: 69375 | |
|
2020-03-18
| ||
| 14:14 | Change the HTTP reply status for range requests from "206 OK" to "206 Partial Content". file: [83da1771a6] check-in: [8a1e1c9096] user: florian branch: audio-captcha, size: 69360 | |
|
2020-03-15
| ||
| 18:35 | Add support for the Range: attribute in HTTP requests for the "fossil server" and "fossil http" commands. file: [19eabf394d] check-in: [b6892ccdd6] user: drh branch: trunk, size: 69320 | |
| 15:22 | Experimental support for "Range:" headers in HTTP requests. file: [9b40f12ed6] check-in: [37c615ad29] user: drh branch: http-range, size: 69151 | |
|
2020-02-26
| ||
| 14:28 | Put the Content-Security-Policy in the HTTP reply header in addition to the HTML header. That way, the CSP is enforced even for raw HTML pages or if the skin provides an HTML header that omits the CSP. Add a new "default-csp" setting included with the skin that allows an administrator to change the CSP to allow for CDNs and such. file: [f8d1490e63] check-in: [14c81d9d2b] user: drh branch: trunk, size: 68381 | |
|
2020-01-29
| ||
| 12:34 | Several minor internal cleanups in the /json bits, most notably how g.json.isJsonMode gets initialized (based strictly on the path/command, not guessing based on POST input). file: [47b0d32be8] check-in: [39bef92745] user: stephan branch: trunk, size: 68238 | |
|
2019-12-11
| ||
| 12:43 | Rename the CGI control file variable "debug:" to "cgi-debug:" and enhance it so that it shows the complete CGI environment at the start of each request. Also add documentation. file: [a8cfab71f5] check-in: [4a7760e368] user: drh branch: trunk, size: 68351 | |
|
2019-11-28
| ||
| 10:31 | Changes to support CGI on IIS web servers. file: [e36b8b77f5] check-in: [c06e0b2d0a] user: drh branch: trunk, size: 65970 | |
|
2019-09-05
| ||
| 02:31 | Minor tweaks prior to merging. file: [a9b43d5ba5] check-in: [4231d4b634] user: drh branch: noJsonCgiFlag, size: 65138 | |
|
2019-08-31
| ||
| 13:53 | The IIS web server does not define REQUEST_URI, instead is uses PATH_INFO for virtually the same purpose. Define REQUEST_URI the same as PATH_INFO and redefine PATH_INFO with SCRIPT_NAME removed from the beginning. file: [9be7265424] check-in: [54fdd1a5d7] user: tsbg branch: iis-cgi, size: 63985 | |
| 13:21 | IIS and possibly other web servers define environment variables with an empty value. Handle them the same as non-existing environment variables. file: [cbec94046c] check-in: [9a2ec393db] user: tsbg branch: iis-cgi, size: 63266 | |
|
2019-08-27
| ||
| 20:57 | For candidate CGI parameter names that start with an uppercase letter, convert them to lowercase and then add. file: [6a01135c28] check-in: [b47b6b6906] user: mistachkin branch: noJsonCgiFlag, size: 65008 | |
| 12:51 | Change 'NO_JSON' to lowercase. Remove other branch changes that are now superfluous. file: [a06d1719e6] check-in: [8baac2646c] user: mistachkin branch: noJsonCgiFlag, size: 63401 | |
| 10:40 | Query and post parameters may never begin with an upper-case letter. To allow that is a huge security hole. file: [f9b1e974de] check-in: [72c721eacf] user: drh branch: noJsonCgiFlag, size: 63401 | |
| 06:50 | Attempt to fix 'CONTENT_TYPE' detection when a suffix, e.g. '; charset=utf-8', is present. file: [186071f127] check-in: [891bbc6ffe] user: mistachkin branch: noJsonCgiFlag, size: 63875 | |
| 05:57 | Improve comment. file: [c61b74b098] check-in: [316dd394b8] user: mistachkin branch: noJsonCgiFlag, size: 63693 | |
| 05:34 | If the '--cgiupperparamsok' command line option or 'uppercase_params' CGI control line are present, allow parameter names to start with an uppercase letter. file: [f91a191551] check-in: [ab0d81f893] user: mistachkin branch: noJsonCgiFlag, size: 63636 | |
| 04:15 | Make it possible to disable JSON auto-detection in the CGI subsystem. file: [762d91f8a6] check-in: [a775435357] user: mistachkin branch: noJsonCgiFlag, size: 63220 | |
|
2019-08-19
| ||
| 17:18 | Have the security-audit page analyze and display the content security policy. file: [2ec5bce4bc] check-in: [9cf90a4f9d] user: drh branch: trunk, size: 63153 | |
|
2019-07-31
| ||
| 12:21 | Fixed fossil_strcmp() usage in cgi_init() when in JSON mode. Through some extremely serendipitous fluke, its broken usage just happened to work until a bit was removed from that function in [ec56c69f] which, purely coincidentally, caused the bug (mine, from 2011!) to start triggering when x-www-form-urlencoded forms were submitted (login/logout). Before that, the buggy block never got a chance to trigger for those forms. file: [03dfb4a08d] check-in: [115a70b2df] user: stephan branch: trunk, size: 63034 | |
|
2019-07-25
| ||
| 20:53 | Ensure that the cgi_decode_post_parameters() routine does not delete the raw content used by the /xfer page. file: [c752574d21] check-in: [af3a8dbe09] user: drh branch: extension-cgi, size: 63025 | |
| 18:34 | Defer decoding POST parameters until after the webpage name is located. Do not do the decode if the webpage has the new "raw-content" property. Set that property on /ext so that is can relay the encoded content to sub-cgi. file: [4cbe39d4cd] check-in: [e4849f58e4] user: drh branch: extension-cgi, size: 63023 | |
| 17:07 | Add the ability to extend a Fossil server using CGI. This is a refactor of the prior sub-cgi branch. file: [4dd1693d44] check-in: [ed2def5ffb] user: drh branch: extension-cgi, size: 62875 | |
|
2019-07-16
| ||
| 20:02 | Code cleanup: Add a lot of "const" qualifiers for static (string) arrays, where appropriate. This allows the C compiler to optimize more file: [9f344a90ca] check-in: [70a94d0972] user: jan.nijtmans branch: trunk, size: 62762 | |
|
2019-01-21
| ||
| 18:05 | Fixes to the automatic HTTPS redirector. file: [488f1fd1a3] check-in: [14ff7af42e] user: drh branch: https-all-pages-option, size: 62752 | |
|
2018-09-27
| ||
| 02:17 | Guess that agents with "iPad" in their name do not want the narrow screen versions of the page. file: [b1b3215c66] check-in: [b76eebea87] user: drh branch: trunk, size: 62759 | |
|
2018-09-26
| ||
| 14:04 | Enable the chronological forum display for all users able to read the forum. Make chronological the default display mode for mobile devices, as determined by the user-agent string. file: [2a2ce5bc9f] check-in: [c720327afe] user: drh branch: trunk, size: 62704 | |
|
2018-08-07
| ||
| 17:48 | Fix the separate-process backoffice so that it works smoothly on linux. Still work to be done on Windows. file: [12eb17258e] check-in: [af7d67c6a2] user: drh branch: fork-backoffice, size: 62379 | |
| 15:50 | Use the fork() system call (when available) to start backoffice, in an attempt to avoid unseemly delays in upstream. file: [c4f57145cd] check-in: [a4b59c3207] user: drh branch: fork-backoffice, size: 62631 | |
| 13:52 | Disable the backoffice for SSH clients. file: [d9259722ff] check-in: [4b4e133a8c] user: drh branch: forum-v2, size: 62619 | |
|
2018-08-01
| ||
| 06:43 | Change the backoffice-nodelay setting back to default off. Work around a bug in althttpd by making sure CGI runs with no file descriptors open other than 0, 1, and 2. (Edit:) These changes proved insufficient to clear the problem. file: [0200bafb1a] check-in: [1073593e90] user: drh branch: failed-fix, size: 62509 | |
|
2018-07-31
| ||
| 20:34 | Use the fork() system call (when available) to start backoffice, in an attempt to avoid unseemly delays in upstream. file: [e563669673] check-in: [e882081f8d] user: drh branch: fork-backoffice, size: 62614 | |
|
2018-07-30
| ||
| 13:34 | Merge backoffice enhancements from trunk. file: [0197364d17] check-in: [bb50f0dce8] user: drh branch: forum-v2, size: 62602 | |
| 13:25 | Backoffice processing improvements: Set a timer on the backoffice to prevent it from running too long. Report errors on failed attempts to open /dev/null. Use "NUL" instead of "/dev/null" on Windows. file: [1bed061640] check-in: [07356e44c1] user: drh branch: trunk, size: 62460 | |
|
2018-07-25
| ||
| 15:02 | If the user has the 'D' capability and the "showqp" query parameter exists, then all query parameters are shown at the top of the webpage. Also, fix some issues with forum. file: [17a26b96b4] check-in: [b48068ded3] user: drh branch: forum-v2, size: 62439 | |
| 13:20 | Add the 'D' Debug user capability. This is designed to show additional information and controls on webpages for debugging purposes. Also take steps to avoid trying to generate a webpage error message after the webpage has already gone out. file: [7a476ad7e1] check-in: [fd3198322a] user: drh branch: trunk, size: 62297 | |
| 13:09 | Initial implementation of the forum reply screen. file: [bf1c79ace5] check-in: [c35fe945d2] user: drh branch: forum-v2, size: 62439 | |
|
2018-07-24
| ||
| 19:44 | Work toward pages to enter forum posts. This is an incremental check-in to save state and definitely does not work. file: [48bf973bb3] check-in: [7b5099ea44] user: drh branch: forum-v2, size: 62420 | |
|
2018-07-19
| ||
| 15:58 | At the end of CGI processing, close the output pipe before starting backoffice processing, in order to let higher levels know that the CGI is finished. file: [7bf245008a] check-in: [a32a92d227] user: drh branch: trunk, size: 62278 | |
| 15:52 | Backoffice only runs for successful webpage that have the database open. Add "refresh" and "Show All" buttons on the /errorlog page. file: [f5806aa90c] check-in: [aa17077eaf] user: drh branch: trunk, size: 62206 | |
| 15:43 | Run the backoffice processing after every webpage. Fix a memory error in one of the backoffice error messages. file: [3e62cef312] check-in: [0fdca8c78f] user: drh branch: trunk, size: 62162 | |
|
2018-07-18
| ||
| 19:22 | Use the new SQLITE_FCNTL_DATA_VERSION interface in SQLite to limit running the backoffice processing to case when the repository file changes. file: [9cfd66ec19] check-in: [752ea432d1] user: drh branch: trunk, size: 62296 | |
| 16:43 | Add the backoffice module for doing post-processing actions such as sending alerts and/or syncing repositories. file: [7366cc2294] check-in: [86b43a4648] user: drh branch: backoffice, size: 62218 | |
|
2018-07-17
| ||
| 18:32 | Improved tracing capabilities for email notifications. Add the SelectAll button to the webmail display. file: [c70952dc0f] check-in: [f880aa82aa] user: drh branch: trunk, size: 62243 | |
| 15:10 | Fix a mimetype typo that prevents email notification from running. file: [a9bdf9efc4] check-in: [e2fd46ddcc] user: drh branch: webmail, size: 62242 | |
|
2018-07-15
| ||
| 18:31 | Improvements to error logging. Only log fossil_panic() calls, not fossil_fatal() calls. file: [73bf9c173a] check-in: [06d4751a44] user: drh branch: trunk, size: 62242 | |
|
2018-07-14
| ||
| 14:13 | Add the --nocompress option to the "ui", "server", and "http" commands. This option prevents HTTP reply compression, which is useful during debugging. The option is on by default for "test-http". Also, make sure the mimetype for error messages is set to text/html. file: [bfccfd9cf8] check-in: [cfc7aca2c1] user: drh branch: trunk, size: 62196 | |
|
2018-07-13
| ||
| 21:36 | Improved process debugging for "fossil ui" and "fossil server". Sanely close the open database connection upon receiving SIGPIPE. file: [c868d51d70] check-in: [83b171bcd1] user: drh branch: trunk, size: 62417 | |
| 20:36 | An early attempt at the /setup_smtp page. Partly working. file: [634954cad7] check-in: [1e799919b8] user: drh branch: trunk, size: 62206 | |
| 18:40 | Attempts to obtain the IPv6 address of the peer do not seem to work. Fallback to getting the IPv4 address until we figure this out. file: [76c78d97b9] check-in: [cf94d5a0ff] user: drh branch: trunk, size: 61837 | |
| 18:20 | Improved code to discover the IP address of the peer. Record the IP address of the peer in a Received: header line of all input emails. file: [fa6b4ae6e0] check-in: [9979edbdef] user: drh branch: trunk, size: 61625 | |
|
2018-07-05
| ||
| 16:51 | Patched cgi_set_cookie() to be a no-op when not running in HTTP(s) mode (e.g. in JSON CLI mode), since g.zTop is not set in that case. Resolves a segfault reported on the ML. file: [4ca4256880] check-in: [f488a5aa97] user: stephan branch: trunk, size: 61349 | |
|
2018-06-30
| ||
| 13:42 | Adjust the cgi_rfc822_datetime() routine to use the newer rfc2822 date/time format that uses "+0000" for the timezone instead of "GMT". file: [0e05d86c8d] check-in: [d2a94aa96c] user: drh branch: trunk, size: 61181 | |
|
2018-06-25
| ||
| 16:19 | Fix harmless compiler warnings. Also remove the "ago" text from the "Last Change" column in the subscriber list webpage. file: [02fe157594] check-in: [69d332ff96] user: drh branch: trunk, size: 61172 | |
|
2018-06-24
| ||
| 18:22 | Only invoke the email alert sender after a successful HTTP request. Mark Not Found requests as 404, unsuccessful. file: [321e270de0] check-in: [4eb3e0f20e] user: drh branch: trunk, size: 61172 | |
|
2018-06-23
| ||
| 18:44 | Automatically send alert emails after each webpage request. file: [dbc39d5082] check-in: [d4e9df1729] user: drh branch: trunk, size: 61139 | |
|
2018-06-21
| ||
| 19:10 | The /subscribe page now creates entries in the subscriber table and sends verification emails. file: [9e1fe61f57] check-in: [31be2e17a4] user: drh branch: email-alerts, size: 61032 | |
| 12:34 | Non-working code for the /subscribe and /alerts web pages. This is an incremental check-in. file: [ded87857fd] check-in: [e91143e813] user: drh branch: email-alerts, size: 60481 | |
|
2018-06-16
| ||
| 13:36 | Progress toward getting the forum to actually work. This is an incremental check-in. file: [7e03e10abe] check-in: [4814c41a9a] user: drh branch: forum-brainstorm-1, size: 60154 | |
|
2018-03-29
| ||
| 15:24 | Extra comment describing the previous change. file: [da970218b4] check-in: [6c02983d0a] user: drh branch: trunk, size: 60014 | |
| 15:20 | Slight revision to [be5d83f93ac66f65] to allow "_" in parameter names. file: [ec95f154e9] check-in: [e09df6ea47] user: drh branch: trunk, size: 59743 | |
| 15:16 | New security feature: Reject any query parameter, POST parameter, or cookie whose name contains a non-alphanumeric character. No know vulnerabilities exist because of this. I'm just be paranoid. This enhancement is inspired by Drupalgeddon2. file: [a7cadc51a2] check-in: [be5d83f93a] user: drh branch: trunk, size: 59731 | |
|
2018-02-25
| ||
| 19:47 | Add support for Last-Modified: and If-Modified-Since:. Currently only works for /uv but can be easily expanded to other resources. Also change Set-Cookie to use max-age= rather than expires=. file: [a55b0d3f9f] check-in: [f89eb80eec] user: drh branch: trunk, size: 59702 | |
|
2018-02-24
| ||
| 20:14 | Redesign the ETags mechanism to be simpler and safer. file: [102ddbecf7] check-in: [ae660cd62f] user: drh branch: etags-cache-control, size: 59894 | |
| 18:39 | Further changes trying to get ETags to work well. But as I type this, I feel like this design is not working out well and I am about ready to start over from scratch. This check-in is just to preserve work in case I want to come back to it later. file: [d526af6964] check-in: [02740c2c47] user: drh branch: etags, size: 59865 | |
| 00:39 | First cut at supporting ETags: and If-None-Match: for cache control. file: [fc0c7d8308] check-in: [94c0b8ecd1] user: drh branch: etags-cache-control, size: 60293 | |
|
2018-02-10
| ||
| 16:24 | Add the cgi_csrf_safe() routine as a supplimental defense against cross-site request forgery attacks. file: [a287ced7c7] check-in: [047802a3c3] user: drh branch: trunk, size: 61933 | |
|
2018-01-03
| ||
| 20:07 | For "fossil ui" and "fossil server" use the IPV6 loopback on Windows. file: [3f901a4f5c] check-in: [c038de8d27] user: drh branch: windows-loopback-ipv6, size: 61248 | |
| 18:56 | Accept both "127.0.0.1" and "::ffff:127.0.0.1" as valid loopback IP addresses. file: [3363272a3c] check-in: [96dcb7e709] user: drh branch: trunk, size: 61203 | |
|
2017-12-23
| ||
| 02:43 | The "fossil server" command keeps track of the total number of requests and displays that value on the /test_env page. file: [8716626af2] check-in: [41c7caad8a] user: drh branch: trunk, size: 60906 | |
| 00:50 | Fix the "fossil server" command to allow up to FOSSIL_MAX_CONNECTIONS (default 1000) pending HTTP requests. This is an increase from 2. Add the --max-latency command-line option for "fossil server". Do a better job of harvesting dead child processes. Report the number of sibling HTTP request handler processes on the /test_env page. file: [fc7fc8defd] check-in: [05ec15cad5] user: drh branch: trunk, size: 60751 | |
|
2017-12-05
| ||
| 21:36 | Remember the last Unified/Side-by-side diff in the display preferences cookie. file: [9694a7dce3] check-in: [0a1f4ed6aa] user: drh branch: trunk, size: 60558 | |
|
2017-07-04
| ||
| 13:11 | Do not send the message body on an HTTP reply to a HEAD request. file: [f7d88d2310] check-in: [5826ba37ac] user: drh branch: trunk, size: 60514 | |
|
2017-07-01
| ||
| 22:38 | Add the cgi_referer() utility function. Use it to cause the setup_uedit page to always go back to the page it came from. file: [0c979cad20] check-in: [59a51b8267] user: drh branch: trunk, size: 60461 | |
|
2017-03-13
| ||
| 01:12 | Add the capability for Fossil to directly interpret the Authentication: HTTP header for Basic Authentication, if enabled on the /setup_access page. Disabled by default. file: [b459fc1897] check-in: [4fa4c0218f] user: drh branch: basic-authentication-2, size: 60087 | |
|
2016-12-19
| ||
| 07:04 | Enhance TH1 'redirect' command to support for HTTP redirects with a status code of 307. file: [0fe6520c4e] check-in: [bee6dbde54] user: mistachkin branch: trunk, size: 59978 | |
|
2016-11-05
| ||
| 05:15 | Add functions to modify and delete query parameters file: [73b8c689a7] check-in: [1c511cd9e6] user: andygoth branch: andygoth-timeline-ms, size: 59704 | |
|
2016-11-04
| ||
| 22:37 | Consistently use the count(X) macro in place of sizeof(X)/sizeof(*X) throughout the Fossil core, excluding things that don't use makeheaders. Also use count(X) instead of ArraySize(X) which has the same definition. file: [d19016a93c] check-in: [e5b62edb28] user: andygoth branch: trunk, size: 58921 | |
|
2016-11-03
| ||
| 18:31 | Compilation fix for MinGW: consistently use _WIN32_WINNT when including winsock2.h, etc. file: [a8a1d95915] check-in: [26a88f1bbf] user: mistachkin branch: trunk, size: 58939 | |
|
2016-02-09
| ||
| 14:12 | json: added a few assertions and changed a few chars to ints to avoid potential signedness problems on ARM. file: [10310d276e] check-in: [5c0dc2d352] user: stephan branch: trunk, size: 58873 | |
|
2015-08-12
| ||
| 00:51 | Fix the day-of-week activity report to be more accurate. Also fix a crash bug that occurs when trying to run "fossil ui" on a fresh repo. file: [38b5b08eda] check-in: [e747dd8563] user: drh branch: trunk, size: 58807 | |
|
2015-06-25
| ||
| 01:45 | Minor spelling corrections to comment. file: [03c8c65969] check-in: [c048aac095] user: andybradford branch: trunk, size: 58798 | |
|
2015-04-09
| ||
| 23:22 | Remove extraneous printf() statements from the IPv6 logic in the unix CGI server code. file: [04e060e480] check-in: [2d9d276b7f] user: drh branch: ipv6-server, size: 59218 | |
| 23:16 | Fix indentation and remove all strcpy() and strcat() calls (as OpenBSD hates those). file: [961ee0abf6] check-in: [b1cb81ebe7] user: drh branch: ipv6-server, size: 59325 | |
| 21:36 | Enable the use of IPv6 for "fossil ui" and "fossil server" on unix. file: [c2584428dc] check-in: [dae37f0e35] user: drh branch: ipv6-server, size: 59347 | |
|
2015-02-23
| ||
| 23:27 | Make sure the 'cTag' structure field is initialized to zero. file: [6657772f24] check-in: [1a2aa2b37e] user: mistachkin branch: trunk, size: 58794 | |
|
2015-02-20
| ||
| 15:57 | Get the repolist mechanism working on windows. Make sure repolist is disabled (except for the "ui" command) without the --repolist option. file: [0179775048] check-in: [d976b474e9] user: drh branch: trunk, size: 58764 | |
|
2015-02-06
| ||
| 09:55 | eol-spacing fixes. file: [08b3b1ce3e] check-in: [b8e3dc16f4] user: jan.nijtmans branch: trunk, size: 58693 | |
| 03:28 | Do not let the "Lines:" box go below one on the /timeline. If it does, automatically revert to 10 lines. Also, arrange for the default number of lines to be 50 in most cases, but only 11 if the c= (circa) query parameter is used. Use n=all to see the entire history of the graph. file: [59899ff689] check-in: [99e081efe5] user: drh branch: form-submenu, size: 58694 | |
| 03:00 | Add the cgi_query_parameters_to_url() routine and use it to cause all query parameters on timeline to be exported. (Need to make this same changes for all other uses of url_render()). Make "context" timelines 11 entries by default. Other cleanups. file: [ae0f371c5f] check-in: [b6e1f61aaa] user: drh branch: form-submenu, size: 58694 | |
|
2015-02-04
| ||
| 19:14 | Add the ability to include FORM elements on the submenu. file: [64644fb5c6] check-in: [b17970e13b] user: drh branch: form-submenu, size: 58353 | |
|
2015-01-25
| ||
| 21:21 | Improved tracing capability for debugging purposes. file: [76a4af25a1] check-in: [af3d3b6936] user: drh branch: trunk, size: 57271 | |
|
2015-01-21
| ||
| 21:19 | Do not attempt to use the Right-Column Ad-Unit if the content contains a <table> element. file: [9c73ecf9a0] check-in: [7d79460479] user: drh branch: ad-unit-enhancement, size: 57288 | |
|
2014-12-18
| ||
| 23:34 | Change from using Expires: to Cache-Control: to control caching. file: [35e30682cd] check-in: [c8414504e1] user: drh branch: trunk, size: 57187 | |
|
2014-11-11
| ||
| 12:15 | Merge from trunk file: [1c36b43e17] check-in: [26b7b16a7c] user: ashish branch: ashish-ipv6, size: 60762 | |
|
2014-10-20
| ||
| 15:01 | Add a custom static analysis program that verifies the arguments to printf-style varargs routines used in Fossil. Adjust the source code to be more robust for printf format errors and to fix a few minor problems found by the static checker. file: [259725db75] check-in: [0a7e326fa4] user: drh branch: compile-time-print-checking, size: 57321 | |
|
2014-10-14
| ||
| 13:10 | strglob() -> sqlite3_strglob() file: [2430cfa85c] check-in: [2271ea42fe] user: jan.nijtmans branch: trunk, size: 57261 | |
|
2014-09-23
| ||
| 15:21 | Use strncmp() instead of memcmp() when comparing strings since memcmp() is not guaranteed to read bytes in order and hence might read past the zero-terminator of a string. file: [d0e91de12f] check-in: [52cb240425] user: drh branch: trunk, size: 57239 | |
|
2014-09-16
| ||
| 02:44 | Fix 'fossil sync' with local file URIs (and SCGI URIs on Windows) while retaining the 'fossil ui' enhancements that permit using an open checkout (e.g. to resolve the symbolic names prev, next, and current). file: [0fda09f5a5] check-in: [1f8a4ecdb7] user: mistachkin branch: trunk, size: 57238 | |
|
2014-09-07
| ||
| 19:50 | More proposed fixes to the issues pointed out by Edward Berner. file: [6939e61cac] check-in: [4429a4c3cc] user: mistachkin branch: warningFixes, size: 57088 | |
|
2014-08-12
| ||
| 15:48 | X-UA-Compatible (MSIE) HTTP header patch from Warren Young file: [9681dc4490] check-in: [1a9e494483] user: jan.nijtmans branch: branch-1.29, size: 57085 | |
| 14:48 | X-UA-Compatible (MSIE) HTTP header patch from Warren Young. file: [3b327dea84] check-in: [b7bebbe44f] user: stephan branch: trunk, size: 57083 | |
|
2014-08-05
| ||
| 10:52 | Some code formatting. No change in functionality. file: [1f97bc1052] check-in: [b9b3ce3b39] user: jan.nijtmans branch: trunk, size: 57027 | |
|
2014-07-20
| ||
| 13:20 | Merge from trunk file: [5b589c2494] check-in: [c4fca467f7] user: ashish branch: ashish-ipv6, size: 60470 | |
|
2014-04-22
| ||
| 13:57 | Experimental change to add a "nodesc" query parameter to pages like /artifact that suppresses the sometimes length description of what the artifact is used for. file: [711c37ca29] check-in: [b794218f01] user: drh branch: nodesc-option, size: 57186 | |
|
2014-03-23
| ||
| 09:46 | Cherry-pick [684eb478e7] Fix the SCGI processing so that it works with Nginx file: [74e6be3e2c] check-in: [26eb153988] user: jan.nijtmans branch: branch-1.28, size: 57102 | |
|
2014-03-22
| ||
| 11:33 | Fix the SCGI processing so that it works with Nginx. file: [752925d499] check-in: [684eb478e7] user: drh branch: trunk, size: 57029 | |
|
2014-02-27
| ||
| 08:19 | Cherry-pick [d5d7e640d0]: When on a Fossil web-page without being logged-in, pressing "Login" and doing a successful login will bring you back to the same web-page again. file: [5bfaccd467] check-in: [63462826b3] user: jan.nijtmans branch: branch-1.28, size: 57103 | |
|
2014-02-07
| ||
| 15:52 | fossil server: Output "Listening...port [p]" message when iPort==mnPort. file: [c31113fe7e] check-in: [70218670ff] user: joel branch: trunk, size: 57030 | |
|
2014-01-29
| ||
| 13:35 | When on a Fossil web-page without being logged-in, pressing "Login" and doing a successful login will bring you back to the same web-page again. file: [8abb1b1a40] check-in: [d5d7e640d0] user: jan.nijtmans branch: trunk, size: 57062 | |
|
2014-01-28
| ||
| 08:20 | More removals of unnecessary end-of-line spaces. No change in code. file: [67377b0eec] check-in: [45f35169f2] user: jan.nijtmans branch: trunk, size: 57075 | |
|
2014-01-05
| ||
| 11:03 | styling file: [6e6b5a0c22] check-in: [0c1a116791] user: jan.nijtmans branch: sqlite-min-to-3.7.17, size: 57138 | |
|
2014-01-04
| ||
| 23:00 | Fix use of sqlite3_strglob: 0 means there is a match file: [79262c972b] check-in: [70a374d9a3] user: jan.nijtmans branch: sqlite-min-to-3.7.17, size: 57134 | |
| 20:51 | Increase minimum SQLite requirement to 3.7.17, and make efficient use of the function sqlite3_strglob. This eliminates unnecessand sqlite file: [9781d5c3fb] check-in: [c8c5646879] user: jan.nijtmans branch: sqlite-min-to-3.7.17, size: 57132 | |
|
2013-12-25
| ||
| 07:16 | Merge from trunk file: [2a780445c2] check-in: [a30d1f58d1] user: ashish branch: ashish-ipv6, size: 60880 | |
|
2013-12-22
| ||
| 10:21 | According to RFC 1952, MTIME=0 means no time stamp is available file: [063a9bf9ea] check-in: [518896951a] user: jan.nijtmans branch: trunk, size: 57116 | |
| 01:33 | Send gzipped HTTP responses to clients that support it. file: [a1c539b663] check-in: [3f4b5d32f1] user: joel branch: trunk, size: 57259 | |
|
2013-10-17
| ||
| 18:36 | Enhance the CGI processor to assume that PATH_INFO is an empty string if it is omitted. file: [6a9589d91c] check-in: [63a84cb66e] user: drh branch: trunk, size: 56271 | |
| 17:38 | Tolerate CGI systems that do not send REQUEST_URI. file: [d3698584a4] check-in: [a68280c4fc] user: drh branch: trunk, size: 55980 | |
|
2013-10-14
| ||
| 08:28 | Fix compiler warnings. file: [a798c03169] check-in: [c932fa47ef] user: mistachkin branch: trunk, size: 55351 | |
|
2013-10-10
| ||
| 02:52 | Merge from 'trunk' file: [e3336f24e6] check-in: [9c3021b097] user: ashish branch: ashish-ipv6, size: 59107 | |
|
2013-10-09
| ||
| 00:09 | Merge the enhanced SSH transport changes into trunk. The ssh command now runs a single instance of "fossil" directly on the remote side, obviating the need for a remote shell. file: [2909167c05] check-in: [dbb5e2d32a] user: drh branch: trunk, size: 55343 | |
|
2013-10-04
| ||
| 09:10 | Fix compiler warning on Cygwin file: [49ca3208c0] check-in: [c05cc27300] user: jan.nijtmans branch: trunk, size: 47992 | |
| 02:50 | Consolidate all the Cygwin-specific preprocessor directives into one file and include it where necessary. file: [bee73d05f9] check-in: [816e893d3b] user: mistachkin branch: trunk, size: 47984 | |
|
2013-10-03
| ||
| 14:59 | Revert [b7625d8d8c], instead make sure the correct header file is included for Cygwin. file: [fe11d86a81] check-in: [19b2b2403c] user: jan.nijtmans branch: trunk, size: 48120 | |
|
2013-09-14
| ||
| 18:17 | Remove unused CGI environment variable for SSH connections. file: [9b8c4cf913] check-in: [d03e27d842] user: amb branch: ssh-transport-changes, size: 55519 | |
|
2013-09-13
| ||
| 02:41 | Bring in fixes and new release code. file: [0ae61048f4] check-in: [a359ef8f20] user: amb branch: ssh-transport-changes, size: 55569 | |
|
2013-09-12
| ||
| 09:22 | Implicit function declaration on Cygwin file: [a2d9cab902] check-in: [b7625d8d8c] user: jan.nijtmans branch: trunk, size: 48173 | |
|
2013-09-07
| ||
| 21:57 | Bring in latest fixes and features. file: [681a9e7390] check-in: [e880c032e9] user: andybradford branch: ssh-transport-changes, size: 55496 | |
| 21:21 | Separate SSH transport changes from shared account features to simplify integration. file: [e5ab3e549f] check-in: [915c79cb4f] user: andybradford branch: ssh-transport-changes, size: 54992 | |
|
2013-09-05
| ||
| 12:42 | On Cygwin, don't set browser to "echo" if it cannot be found, but revert to ShellExecuteW which can do a much better job. file: [4d3afc493b] check-in: [0efd9e6a94] user: jan.nijtmans branch: trunk, size: 48100 | |
|
2013-08-30
| ||
| 14:07 | Merge in latest features and fixes from trunk. file: [6d9011b20c] check-in: [ef8b9da03f] user: andybradford branch: ssh-test-http, size: 55006 | |
| 06:22 | Update SQLite to the version that avoids opening databases on file descriptor 2 and that works inside a chroot jail. Fix a potential uninitialized variable in the CGI processing. file: [513881db50] check-in: [98b16c72c7] user: drh branch: trunk, size: 47596 | |
|
2013-08-25
| ||
| 02:11 | Spiders and robots are presented with a captcha if they request the annotation page. file: [e4d2ef19ae] check-in: [f8a2aa0ce7] user: drh branch: trunk, size: 47598 | |
|
2013-08-19
| ||
| 14:48 | We can detect when to enable compatibility mode, so do this instead of requiring an explicit argument. file: [146a914099] check-in: [90c4859315] user: andybradford branch: ssh-test-http, size: 54470 | |
|
2013-08-18
| ||
| 01:26 | Use a little more precaution that the Fossil command has been seen first. file: [84de86db6c] check-in: [12dbaebec2] user: andybradford branch: ssh-test-http, size: 54475 | |
|
2013-08-17
| ||
| 23:05 | Change SSH transport to use a single SSH connection if client/server willing. Add client header so server can detect when to use new mode. Also improve backwards compatibility for older SSH clients by responding to probes. file: [16ef62cc44] check-in: [f0bb3c9b5a] user: andybradford branch: ssh-test-http, size: 54467 | |
|
2013-08-16
| ||
| 03:25 | Merge in all new development from trunk. file: [c238893dc8] check-in: [535cba9158] user: andybradford branch: ssh-test-http, size: 47503 | |
|
2013-08-15
| ||
| 03:43 | Fix the CGI so that it works again with Apache. file: [b1959e1a66] check-in: [d01b3c953f] user: drh branch: trunk, size: 47060 | |
|
2013-08-13
| ||
| 18:15 | Add support for SCGI via the --scgi command-line option to the "server" and "ui" and "http" commands. file: [d5c75ddae5] check-in: [a2e7472d0f] user: drh branch: trunk, size: 47225 | |
|
2013-08-05
| ||
| 17:39 | Merge recent addtional features (integrate, reports, timeline, et al.) from trunk. file: [f757f1dc5a] check-in: [a5df66f3aa] user: andybradford branch: ssh-shared-account, size: 45378 | |
|
2013-08-04
| ||
| 06:06 | Change cgi_accept_forwarded_for() to return the accepted IP address from the X-Forwarded-For header, which could contain multiple addresses (e.g. if the client is also behind a proxy). The last one is the only one we can currently trust. file: [026db49c0c] check-in: [59f790bc52] user: joel branch: trunk, size: 44935 | |
|
2013-08-03
| ||
| 23:33 | Previous two check-ins do not work correctly for CGI. Trying once again. file: [e2f39f211d] check-in: [d8f716e1d1] user: drh branch: trunk, size: 44787 | |
| 23:27 | Fix an initialization error in the HTTP request header gathering logic. file: [0f509dec4a] check-in: [8c4158e40c] user: drh branch: trunk, size: 44816 | |
| 23:19 | Enhance the test_env webpage so that it shows the original HTTP header text in showall=1 mode. file: [2648c50a12] check-in: [03f07b5a66] user: drh branch: trunk, size: 44815 | |
| 22:42 | Accept the X-Forwarded-For HTTP header argument if input is coming from a socket with a remote address of "127.0.0.1". file: [b79d037a9a] check-in: [29b558a1c1] user: drh branch: trunk, size: 44703 | |
|
2013-07-10
| ||
| 21:33 | another patch version for ssh improvement from Andy Bradford. file: [005796c0dd] check-in: [a8c37c2c48] user: mgagnon branch: andy_bradford_ssh_imporvement_patch_2, size: 44572 | |
|
2013-06-10
| ||
| 13:32 | Merge all the latest trunk changes into the ipv6 branch. file: [18a04498de] check-in: [d5f6e08c09] user: drh branch: ipv6, size: 44653 | |
|
2013-05-02
| ||
| 07:58 |
See alternative implementation on trunk. Was:
Improve cgi parameter parsing in add_param_list(). Boolean options, like "v" and "sbs" can now take forms like "v=true" or simply "v" (in stead of "v=1") or "v=off" (in stead of "v=0"). /timeline already accepted the shortened form, now /event, /vdiff and other web pages do as well. file: [d826e0a168] check-in: [71d48d346c] user: jan.nijtmans branch: short-cgi-params, size: 44066 | |
|
2013-04-21
| ||
| 08:08 | Merge with trunk - Remove reverse-proxying support which is already provided by --baseurl option. file: [c1b4bb91aa] check-in: [940b0b33c9] user: ashish branch: ashish-ipv6, size: 47893 | |
|
2013-02-20
| ||
| 16:11 | Changes that allow the --port option on "fossil ui" and "fossil server" to include an IP address to which to bind. file: [3e4c2da6f5] check-in: [abf56881b6] user: drh branch: bind-to-ip, size: 44129 | |
|
2012-12-14
| ||
| 11:50 | include <winsock2.h> before <ws2tcpip.h> whenever needed. Thanks to Konstantin Khomoutov for reporting this. file: [3911087555] check-in: [0658068a23] user: jan.nijtmans branch: trunk, size: 43739 | |
|
2012-11-25
| ||
| 02:57 | Use binary mode for CGI related trace files. file: [40e2d5cf0d] check-in: [95f02a572e] user: mistachkin branch: cgiTraceBinary, size: 43716 | |
|
2012-11-24
| ||
| 23:07 | When --httptrace is used with "fossil ui" or "fossil server", create log files containing the text of each HTTP request. file: [247bf56384] check-in: [6f3d328fbf] user: drh branch: ticket-enhancements, size: 43708 | |
|
2012-11-04
| ||
| 12:59 | Fix typos. file: [64ef4d8ed1] check-in: [45065c5c28] user: dmitry branch: spelling, size: 42991 | |
|
2012-10-16
| ||
| 01:11 |
unused variable includeDotFiles
struct utimbuf -> struct _utimbuf (compiler warning with mingw-w64) a few "const" additions (lower memory footprint, allows C-compiler to optimize better) file: [9adb71987b] check-in: [6032dd51f2] user: jan.nijtmans branch: trunk, size: 42991 | |
|
2012-09-26
| ||
| 11:59 | Add the --baseurl open to the "fossil server" and "fossil http" commands, for use with reverse proxies such as nginx. file: [eba0a22111] check-in: [ecb85f61a9] user: drh branch: trunk, size: 42979 | |
|
2012-09-23
| ||
| 05:00 | Fixes for compilation with MSVC. file: [87f55d5e41] check-in: [bb85c12e10] user: mistachkin branch: trunk, size: 42873 | |
|
2012-09-21
| ||
| 09:27 | Eliminate usage of TCHAR and the associated Win32 API macros. file: [93af3e70c1] check-in: [4abd4c5d38] user: mistachkin branch: noTCHAR, size: 42912 | |
|
2012-09-05
| ||
| 12:55 | const-qualification file: [4166cf8c70] check-in: [645f34834d] user: jan.nijtmans branch: eclipse-project, size: 43075 | |
|
2012-09-02
| ||
| 19:39 |
Minor additional fixes related to [c8c0b78c84]:
- Use _wsystem() in stead of system() on Windows
- Use g.argv[0] in stead of fossil_nameofexe() where only printing is involved
- Use fossil_nameofexe() where fossil_system() is involved
- Move the determination of the full windows path to fossil_nameofexec,
so g.argv[0] can always be the unmodified argv[0]
- g.argv[0] and fossil_nameofexec() are in utf-8, so we cannot use fprintf
directly. Exception: when printing malloc errors.
file: [675a4de947]
check-in: [be06861f3c]
user: jan.nijtmans
branch: ticket-c8c0b78c84,
size: 43070
| |
|
2012-08-29
| ||
| 13:57 | Allow UTF-8 characters in sources. translate.exe will translate it to ASCII file: [edbf757a13] check-in: [9f6abc5968] user: jan.nijtmans branch: msvc-broken, size: 43062 | |
|
2012-08-21
| ||
| 11:18 | In file included from /usr/x86_64-w64-mingw32/sys-root/mingw/include/ws2tcpip.h:11:0, from src/cgi.c:29: /usr/x86_64-w64-mingw32/sys-root/mingw/include/winsock2.h:15:2: warning: #warning Please include winsock2.h before windows.h src/file.c:47:0: warning: "stat" redefined /usr/x86_64-w64-mingw32/sys-root/mingw/include/sys/stat.h:258:0: note: this is the location of the previous definition In file included from /usr/x86_64-w64-mingw32/sys-root/mingw/include/ws2tcpip.h:11:0, from src/http_socket.c:35: /usr/x86_64-w64-mingw32/sys-root/mingw/include/winsock2.h:15:2: warning: #warning Please include winsock2.h before windows.h src/shell.c:67:0: warning: "popen" redefined /usr/x86_64-w64-mingw32/sys-root/mingw/include/stdio.h:503:0: note: this is the location of the previous definition src/shell.c:68:0: warning: "pclose" redefined /usr/x86_64-w64-mingw32/sys-root/mingw/include/stdio.h:504:0: note: this is the location of the previous definition file: [9d60492eb4] check-in: [b5d69afed7] user: jan.nijtmans branch: jn-mingw-w64-compiler-warnings, size: 43063 | |
|
2012-08-11
| ||
| 13:58 | Add <base href="$baseurl/"> to the html header in the default configuration and in all built-in skins. Add a warning if <base> is not configured. Generate hyperlinks from wiki relative to the <base> file: [c7ccb7dde6] check-in: [31732d77ff] user: drh branch: wysiwyg, size: 43074 | |
|
2012-07-07
| ||
| 14:07 | Update the inetd handler so that it works with IPv6. file: [648bf4b2f4] check-in: [89fb414274] user: drh branch: ipv6, size: 43376 | |
|
2012-06-27
| ||
| 12:30 | Begin a branch that is modified to use sqlite4 instead of sqlite3 as the storage engine. This check-in compiles (on unix) but does not work. file: [e37f580458] check-in: [6823912746] user: drh branch: sqlite4, size: 42852 | |
|
2012-04-29
| ||
| 11:05 | Use in cgi strncmp to circumvent Firefox adding ; charset: UTF-8; changed cols to 60 especially under windows it is to big and the result is not side-by-side file: [d1ffdabf29] check-in: [a7a331fa16] user: renez branch: side-by-side-edit, size: 42849 | |
|
2012-03-29
| ||
| 14:54 | Add vim modline everywhere file: [568749f3c7] check-in: [a496d8e88d] user: mgagnon branch: mgagnon_fix, size: 42894 | |
|
2012-03-18
| ||
| 11:43 | Improved error message when parsing JSON input request fail. file: [a8ab196d80] check-in: [4dae79503f] user: stephan branch: trunk, size: 42852 | |
|
2012-03-10
| ||
| 13:17 | Merge latest changes from trunk. file: [857d10e4af] check-in: [7124f09f07] user: ashish branch: ashish-ipv6, size: 44906 | |
|
2012-02-16
| ||
| 01:03 | Always convert the result of getenv() into UTF8. file: [2067f4f5a7] check-in: [57152086b8] user: drh branch: trunk, size: 42164 | |
|
2012-01-15
| ||
| 18:06 | Merge latest changes from trunk file: [50f19c61e3] check-in: [b3130baa06] user: ashish branch: ashish-ipv6, size: 44899 | |
|
2012-01-12
| ||
| 00:44 | Limit the number of query parameters that the CGI processor will handle before giving up, to make DOS attacks harder. file: [ef217e63c1] check-in: [2827d449a9] user: drh branch: trunk, size: 42157 | |
|
2011-11-16
| ||
| 10:48 | Clean getaddrinfo() code in src/http_socket.c incorporating suggestions from Gé Weijers Add getaddrinfo() code to src/cgi.c file: [added99d03] check-in: [c24e1c2785] user: ashish branch: ashish-ipv6, size: 44762 | |
|
2011-11-13
| ||
| 09:11 | Merge with trunk file: [5af7d9b340] check-in: [c30eaa8862] user: ashish branch: ashish-ipv6, size: 43428 | |
|
2011-11-05
| ||
| 02:06 | Change to makeheaders to work around a name collision with MSVC 2008. You will likely need to run "make clean" after updating to this check-in. file: [af0df2660a] check-in: [3c69a6fd59] user: drh branch: trunk, size: 42014 | |
|
2011-11-04
| ||
| 20:37 | Added configure option --enable-json to enable json features. They are disabled by default. file: [fbc54649e3] check-in: [525816e6d7] user: json-demo branch: json, size: 42062 | |
|
2011-10-27
| ||
| 16:12 | merged in trunk [06e0cb70054d3c3], resolved conflict in login.c. file: [5b154341ae] check-in: [81d71d7b9e] user: stephan branch: json, size: 41760 | |
|
2011-10-26
| ||
| 14:58 | Add configuration options under /Admin/Access to enable the automatic hyperlink enabling for nobody based on User-Agent. file: [39d40f6c75] check-in: [98cc520652] user: drh branch: trunk, size: 38220 | |
|
2011-10-17
| ||
| 16:08 | merged in trunk [fda7c2c63d] for side-by-side diffs. file: [ba9f3f5b40] check-in: [571f3aca5b] user: stephan branch: json, size: 41765 | |
|
2011-10-16
| ||
| 17:32 | Fix new and harmless compiler warnings that appeared with the upgrade to GCC 4.6.1. file: [fd196be246] check-in: [d8bbe4add6] user: drh branch: trunk, size: 38225 | |
| 12:56 | Merge latest changes from trunk file: [4a08f98e9d] check-in: [1349e5ed20] user: ashish branch: ashish-ipv6, size: 39639 | |
| 12:53 | Add initial IPv6 support code file: [23fa22eea9] check-in: [92c59f1202] user: ashish branch: ashish-ipv6, size: 39724 | |
| 10:04 | merged/resolved trunk [ee723ed98ddb0a]. file: [8476816cb2] check-in: [a40ac8fdc4] user: stephan branch: json, size: 41771 | |
|
2011-10-15
| ||
| 12:30 | Fix clang static analyzer warnings about deref null pointers and undefined values. There are still lots of dead code warnings, but those are harmless. file: [8d47b4ec4f] check-in: [630691456b] user: drh branch: trunk, size: 38231 | |
| 12:16 | Mark functions that never return (ex: fossil_panic()) as such so that static analyzers can do a better job of pruning paths. file: [c3205384cf] check-in: [86d2b4efc8] user: drh branch: trunk, size: 38204 | |
|
2011-10-13
| ||
| 23:47 | Provide an option to enable the /test_env URL for all users. Optionally display cookie values in the /test_env URL. file: [ddc04ceef8] check-in: [4d32db8ef8] user: drh branch: trunk, size: 38168 | |
|
2011-10-09
| ||
| 12:58 | factored out an extraneous parameter to json_gc_add(). file: [5e5beae516] check-in: [7a83a5cbd0] user: stephan branch: json, size: 41856 | |
|
2011-10-04
| ||
| 23:40 | merged and conflict-resolved trunk [c0274f996266aef]. file: [6287cd05c9] check-in: [4fbf77d4f3] user: stephan branch: json, size: 41859 | |
|
2011-10-03
| ||
| 16:34 |
Disabling Cache-control: no-store, as it made firefox forget about form field
contents on back/forward in history.
Resolution achieved by a minimal consensus at this thread on the mailing list. file: [77ff25246d] check-in: [3fac77d7b0] user: viriketo branch: trunk, size: 38316 | |
|
2011-10-02
| ||
| 12:31 | initial code for reading POST data from a file/stdin in CLI mode. file: [44cd0363c7] check-in: [8145cdbf3b] user: stephan branch: json, size: 41869 | |
|
2011-09-20
| ||
| 16:45 | more minor internal cleanups. s/g.isCGI/g.isHTTP/ to avoid confusion later on. file: [3936aa7b6a] check-in: [9adc95c476] user: stephan branch: json, size: 41691 | |
|
2011-09-18
| ||
| 05:45 | More cleanups to the cson_cgi removal refactoring. Added common "indent" parameter to control indentation of JSON (uses cson_output_opt.indentation semantics). file: [bddbe9ea13] check-in: [b3653265d1] user: stephan branch: json, size: 41689 | |
| 04:31 | Factored out cson_cgi bits - now using fossil's CGI bits. Removed cson_cgi from cson_amalgamation (cuts its size considerably). Seems to still work, and this removes some discrepancies in how CGI/server modes are handled. file: [f82059d738] check-in: [4cf9681440] user: stephan branch: json, size: 41175 | |
|
2011-09-17
| ||
| 16:01 | More cleaning up of error lower-level handling to output JSON instead of HTML in a few more cases. file: [345752f000] check-in: [9b842564f7] user: stephan branch: json, size: 38743 | |
|
2011-09-16
| ||
| 17:26 | Consolidated server/cgi/cli path/arg handling (will break when add --options to CLI mode). file: [5e56aa9998] check-in: [c5fbcced80] user: stephan branch: json, size: 38495 | |
|
2011-09-15
| ||
| 12:03 | initial mass-change merge of main repo with my fork. file: [a133e1ba39] check-in: [5b44a419cd] user: stephan branch: json, size: 38496 | |
|
2011-08-23
| ||
| 15:45 | Fix several harmless compiler warnings. file: [9c277b99f3] check-in: [553159aa0d] user: drh branch: trunk, size: 38326 | |
|
2011-08-10
| ||
| 15:54 | Change X-Frame-Options to SAMEORIGIN to give reasonable click-jacking protection without blocking some client side scripting currently in use by some fossil users. file: [4d963f5187] check-in: [b968f023a8] user: ben branch: trunk, size: 38112 | |
|
2011-07-12
| ||
| 20:27 | Be sure to flush g.httpOut at the end of cgi_reply(). file: [6c9195e4cf] check-in: [2cd0c7657f] user: drh branch: trunk, size: 38106 | |
|
2011-07-10
| ||
| 12:05 | Don't show the cookie values on the test_env page, unless the fossil executable was built with FOSSIL_DEBUG. file: [eb8f512350] check-in: [35ecc92b69] user: ben branch: trunk, size: 38085 | |
|
2011-05-28
| ||
| 17:56 | Merge the latest changes from the ben-security branch into trunk. file: [193a80ed15] check-in: [6d35cde78d] user: drh branch: trunk, size: 37724 | |
| 16:23 | Add the X-Frame-Options: DENY header to HTTP responses, and a comment lamenting that two other helpful security headers can't really be used without breaking things. file: [fa236fa6de] check-in: [95f04bbfbf] user: ben branch: ben-security, size: 37577 | |
|
2011-05-27
| ||
| 12:03 | Do not use strcmp() for comparison since the sort order can vary by locale. Use fossil_strcmp() instead. Ticket [3f0216560679fd41]. file: [ac263b9981] check-in: [32ad9a1584] user: drh branch: trunk, size: 36930 | |
|
2011-05-22
| ||
| 15:08 | Follow web app best practise by marking cookies as HttpOnly and, if it's over an https connection, as 'secure' so they will only be transmitted over https. Options supported by major browsers, and harmless where not supported. file: [8f75bbe4e4] check-in: [e4b57a3230] user: ben branch: ben-security, size: 36783 | |
|
2011-04-27
| ||
| 18:21 | Attempt to get Fossil working on windows systems that do not use UTF8 in the shell. file: [e48f640267] check-in: [e805fa8db9] user: drh branch: windows-i18n, size: 36627 | |
|
2011-04-18
| ||
| 12:29 | Add the PT() and PDT() macros for extracting query parameters with leading and trailing whitespace removed. Use those macros to in the check-in edit page. Do not create branches or tags with empty names. Ticket [e613f452fada00]. file: [244e157a94] check-in: [655e78209b] user: drh branch: trunk, size: 36619 | |
|
2011-03-23
| ||
| 19:08 | Enhancements to the redirector so that it accepts the redirect value as the $PATH_INFO and so that it can redirect to a relative URL. file: [db727b1ff1] check-in: [122a31ddfc] user: drh branch: trunk, size: 36197 | |
|
2011-03-22
| ||
| 18:47 | Always redirect to a fully qualified URL. Give the setup user an opportunity to redirecct from test_env for testing purposes. file: [9573c63269] check-in: [63958fc5a7] user: drh branch: trunk, size: 36069 | |
|
2011-01-26
| ||
| 20:38 | Add the fossil_strdup() utility function and use it instead of strdup(). file: [2aea3df0eb] check-in: [42f6e8bed7] user: drh branch: trunk, size: 36065 | |
|
2011-01-01
| ||
| 03:06 | Updates to header-comment documentation for the mkindex utility program. Fix a compiler warning on windows builds. file: [cea43b3cb6] check-in: [79b7902cdd] user: drh branch: trunk, size: 36044 | |
|
2010-12-16
| ||
| 14:46 | Use relative URLs for hyperlinks whereever possible, so that Fossil can work better behind a reverse proxy. file: [42c009d5cb] check-in: [daeb10f65f] user: drh branch: trunk, size: 36012 | |
|
2010-12-09
| ||
| 13:56 | Use the built-in SQLite caseless string comparison functions instead of the C-library strcasecmp(). Accept mime-type application/x-fossil-uncompressed and avoid decompression when seen. file: [4a905a9b55] check-in: [0b6c414c6f] user: drh branch: trunk, size: 36016 | |
|
2010-10-15
| ||
| 17:13 | Replace all malloc() calls with fossil_malloc(). The fossil_malloc() routine panics rather than return a NULL pointer. file: [fe2268ca6b] check-in: [8f41b2fa75] user: drh branch: trunk, size: 35882 | |
|
2010-10-14
| ||
| 19:23 | Additional compiler warning fixes. file: [7d58a45b17] check-in: [c345445cad] user: drh branch: trunk, size: 35939 | |
| 19:14 | Remove all use of ctypes.h in order to avoid compiler warnings and other problems associated with changing locales. file: [5e90e0c65c] check-in: [2fac809165] user: drh branch: trunk, size: 35997 | |
|
2010-09-26
| ||
| 16:33 | added build environment for PellesC file: [2556822f50] check-in: [c343cd9873] user: wolfgang branch: wolfgangFormat2CSS_2, size: 35882 | |
|
2010-08-28
| ||
| 06:59 |
This is the first check-in on the windowscompilers branch and it adds the Digital Mars C compiler The user should have dmc installed in c:\DM with zlib in c:\DM\extra\lib and c:\DM\extra\include. typing c:\DM\bin\make -f win\Makefile.dmc builds fossil.exe in dmcobj The following files were edited or added:file: [8f9481e214] check-in: [f66f414fd3] user: renez branch: windowscompilers, size: 35834 | |
|
2010-08-26
| ||
| 12:10 | Remove dead code from cgi.c. Attempt better error handling. file: [2f90227c18] check-in: [79294bb81b] user: drh branch: experimental, size: 35852 | |
| 02:32 | A rework of the SSH sync method that does not use TCP port forwarding. It works in some cases but not other. The failure is probably do to I/O buffering issues. Need further work. file: [a2c988ec7b] check-in: [192ceef3ca] user: drh branch: experimental, size: 39794 | |
|
2010-08-25
| ||
| 19:55 | Change the "ui" and "sshd" commands so that they bind to INADDR_LOOPBACK rather than INADDR_ANY. Disable the "quit" monitoring on "ui" and "server". Add better error messages explaining that ssh:// is not yet supported on windows. file: [7a3f268210] check-in: [2f8e4c4b38] user: drh branch: experimental, size: 40776 | |
| 17:00 | The ssh:// sync method appears to work now, for linux-to-linux... file: [bdd8b161e2] check-in: [66cdaee68e] user: drh branch: experimental, size: 40294 | |
| 16:03 | Continuing work on the ssh:// sync protocol. file: [3278063607] check-in: [958f596637] user: drh branch: experimental, size: 40279 | |
| 14:03 | Initial code to implement synchronization via ssh. file: [6a8ffaefbb] check-in: [b19f25fe87] user: drh branch: experimental, size: 39977 | |
|
2010-08-15
| ||
| 19:34 | Recognize the HTTPS line in the HTTP header. Ticket [d83227cdda3d786d3743b2] file: [e39a4ebbec] check-in: [3dc62d54d0] user: drh branch: trunk, size: 39425 | |
|
2010-07-08
| ||
| 17:53 | Take care to close the connection to the database file before existing. This gives the database a chance to clean up (and, for example, delete WAL and shared-memory files). file: [ab5720fa8e] check-in: [932825bc6a] user: drh branch: trunk, size: 39344 | |
|
2010-05-16
| ||
| 19:08 | Change from GPL to the Simplified BSD License. file: [0d187ce45f] check-in: [c06edd231f] user: drh branch: clear-title, size: 39288 | |
|
2010-02-08
| ||
| 18:16 | Merge recent changes into the dual-license branch. file: [98dcd67a61] check-in: [14c19fbc1c] user: drh branch: clear-title, size: 39564 | |
|
2010-02-01
| ||
| 15:07 | Make the new multi-repository fossil server feature work with the "clone" command. file: [21f61994d3] check-in: [a918bdf56b] user: drh branch: trunk, size: 39735 | |
|
2010-01-24
| ||
| 22:34 | Pull in the latest changes from trunk. file: [854ef2e502] check-in: [1942d581bb] user: drh branch: clear-title, size: 39978 | |
|
2010-01-23
| ||
| 21:48 | Cause browsers to cache the logo and style sheet. file: [92cf6ba3cc] check-in: [08c0a9ff0c] user: drh branch: trunk, size: 40149 | |
|
2010-01-19
| ||
| 18:11 | Start a new branch that strives to contain only code for which we hold clear title. file: [6b1a464fb2] check-in: [ab0a0d7640] user: drh branch: clear-title, size: 39967 | |
|
2010-01-09
| ||
| 22:03 | Store passwords in USER.PW as either cleartext (as is done in legacy) or as the SHA1 hash of the password. When changing a password or adding a new user, always use the SHA1 hash password. file: [2bc2c40803] check-in: [cfe33dcf92] user: drh branch: experimental, size: 40138 | |
|
2009-09-09
| ||
| 16:14 | Update to the latest version of SQLite. Make use of the new sqlite3_strnicmp() interface. file: [0a66f5aa4a] check-in: [fac950a173] user: drh branch: trunk, size: 40038 | |
|
2009-08-29
| ||
| 17:01 | Patches to get Fossil working on OS/2. Ticket [89bec0d9aa9f30] file: [00c26fc349] check-in: [df97fae2bd] user: drh branch: trunk, size: 40133 | |
|
2009-08-13
| ||
| 14:27 | Disconnect the global configuration database in ~/.fossil from the respository database in most cases. This allows multiple "sync" or "commit" operations to be running on different repositories at the same time. file: [8b6978d8ea] check-in: [00ac7945a9] user: drh branch: trunk, size: 40085 | |
|
2009-06-20
| ||
| 13:06 | Fix a bug that prevented the IP address of website users from being recorded in the administator logs. file: [1b01c427a4] check-in: [266b6127f6] user: drh branch: trunk, size: 40078 | |
|
2009-03-31
| ||
| 17:33 | Add cache-control: no-cache to the server reply header. Ticket [b465b3bc2ceef4446b2ae770242ed0968e4dbc68] file: [8c16621a50] check-in: [c3a30a6b80] user: drh branch: trunk, size: 40013 | |
|
2009-03-29
| ||
| 22:24 | Use "no-store" in place of "private" as the cache-control mode. Ticket [b465b3bc2ceef4446b2ae770242ed0968e4dbc68]. file: [0db8ef4202] check-in: [5ffc720194] user: drh branch: trunk, size: 40003 | |
|
2009-02-01
| ||
| 12:23 | Always report the content-type charset as utf-8. Ticket [cc6557cfc5763fa80bb04eecea7f713b0751efc4] file: [4896124194] check-in: [daacc139a5] user: drh branch: trunk, size: 40002 | |
|
2009-01-24
| ||
| 10:44 | Fix some compiler warnings. file: [ebad09218e] check-in: [cd965de682] user: drh branch: trunk, size: 40141 | |
|
2008-11-20
| ||
| 00:35 | Here is a better fix for ticket [c62fac40af] suggested by Kees Nuyt. file: [9bee6fb4ef] check-in: [22cb1e1be2] user: drh branch: trunk, size: 40141 | |
|
2008-11-19
| ||
| 23:33 | Make sure the socket of the "ui" and "server" commands is bound to the specified port when the -P or --port option is used. Ticket [7ef970e4a2] file: [ab524199ae] check-in: [53db94cd41] user: drh branch: trunk, size: 40786 | |
|
2008-11-18
| ||
| 02:21 | Omit the Content-Length header line from the CGI response under windows because subsequent \n to \r\n translations by Apache will change the content length. But keep the Content-Length header line for the built-in servers and under unix. Ticket [c62fac40af0]. file: [e524bac009] check-in: [f6a071cef1] user: drh branch: trunk, size: 40773 | |
|
2008-11-10
| ||
| 01:13 | The "ui" and "server" commands no longer quit if they cannot open TCP port 8080. They keep trying with consecutive ports until they find one that works - up to 100 ports. file: [40d3404d8c] check-in: [d8ceb4ad47] user: drh branch: trunk, size: 40128 | |
|
2008-10-06
| ||
| 11:33 | Fix a few C99-isms in the code so that the code will build on older C compilers. file: [ec3c5c4267] check-in: [3d62a9fb39] user: drh branch: trunk, size: 39590 | |
|
2008-09-11
| ||
| 17:12 |
Fix a memory double-free'd problem.
In function cgi_set_cookie the zDate was allocated via usage of cgi_rfc822_datestamp. But as it was appended to the blob extraHeader via the format specifier %z the memory was free'd by blob_appendf. As cgi_rfc822_datestamp might return both a dynamic allocated empty string as well as a dynamic allocated string containing the time stamp, blob_appendf should not try to free the zDate. So now the format specifier is changed to %s to let us decide, if we want to free the memory or not. file: [48957219a2] check-in: [aeeba751c4] user: cle branch: trunk, size: 39581 | |
|
2008-08-17
| ||
| 20:53 | Merge old tagview branch into this branch file: [cf67a58e94] check-in: [070e63db33] user: eric branch: trunk, size: 39581 | |
|
2008-06-08
| ||
| 15:45 | Better error messages when trying to run "fossil ui" with an invalid or unaccessible repository. file: [5d10f16d56] check-in: [dcc48662f8] user: drh branch: trunk, size: 39315 | |
|
2008-05-29
| ||
| 14:38 | Add a missing semicolon to the previous checkin. file: [51ee933035] check-in: [5b61ad3a4c] user: drh branch: trunk, size: 39386 | |
| 14:37 | When redirecting to /xfer, make sure the PATH_INFO actually exists. Update the cgi_replace_parameter() routine to make sure the parameter being replaced already exists. file: [9a68d3734f] check-in: [e5b7292620] user: drh branch: trunk, size: 39385 | |
| 14:00 | Always redirect incoming HTTP requests to the /xfer method when the content-type is application/x-fossil. file: [7e3878f313] check-in: [16ec6e558b] user: drh branch: trunk, size: 39329 | |
|
2008-05-17
| ||
| 18:19 | Add the "ui" command to automatically launch a web browser after starting the HTTP server. The web browser choice can be configured using the "setting" command. file: [98e61aaa4c] check-in: [dfb68976be] user: drh branch: trunk, size: 38915 | |
| 17:43 | Get the "server" command running under windows. file: [db2f7cb7a9] check-in: [e2e016c31f] user: drh branch: trunk, size: 38855 | |
|
2008-05-14
| ||
| 12:21 | Return a proper error message if the first line of an HTTP requested handed to the "http" command is blank. file: [52f3e41396] check-in: [0a14f18111] user: drh branch: trunk, size: 38754 | |
|
2008-02-16
| ||
| 18:49 | Fixed memleaks of date-related header strings. file: [0e9e18ccfe] check-in: [88948d582a] user: stephan branch: trunk, size: 38943 | |
|
2008-02-03
| ||
| 16:35 | got rid of '... might be used initialized' warnings file: [651d100b98] check-in: [649dd8a6af] user: stephan branch: trunk, size: 38737 | |
|
2007-12-04
| ||
| 13:05 | Generate CGI replies as separate header and body so that the header can be extended during the construction of the body. file: [a795dc49f1] check-in: [6af8fdc230] user: drh branch: trunk, size: 38733 | |
|
2007-11-24
| ||
| 19:33 | Progress toward getting ticketing working. We can enter a new ticket and display it. Cannot yet edit a ticket. file: [1c05503871] check-in: [fb358ca492] user: drh branch: trunk, size: 37281 | |
|
2007-11-22
| ||
| 22:55 | Add the %w and %W formatting options for internal printf usage. Use these formatting characters to render wiki. Fix additional problems of unterminated wiki on webpage rendering by using %w. (There are probably more problems yet to be discovered and fixed.) file: [144475b0ed] check-in: [2859293737] user: drh branch: trunk, size: 37034 | |
|
2007-11-21
| ||
| 12:21 | Attach login cookies to the root path of the server, so that multiple servers can coexist on the same site. file: [470b9d6c4c] check-in: [68a202e101] user: drh branch: trunk, size: 37294 | |
| 03:01 | Render the header of every page using subscript. Add a setup page that for editing that subscript. file: [fb85a3385b] check-in: [555911dff5] user: drh branch: trunk, size: 37291 | |
|
2007-10-23
| ||
| 18:04 | Untested, experimental patch for correct redirect to the /index page when only the CGI script name is specified. file: [36809061c4] check-in: [f66089ec43] user: drh branch: trunk, size: 37046 | |
|
2007-10-12
| ||
| 22:56 | The g.zExtra parameter is now always available as P("name"). This means the /wiki/xyz and /wiki?name=xyz are equivalent URLs. file: [fa39badf00] check-in: [677aa71bca] user: drh branch: trunk, size: 37033 | |
|
2007-10-04
| ||
| 17:37 | Changes to cgi.c in check-in [e63a9fd9d0] broke the windows build because of undefined socklen_t. Added the appropriate include file file: [3772dc1166] check-in: [e7cf189265] user: mjanssen branch: trunk, size: 36900 | |
|
2007-09-25
| ||
| 21:21 | Fixed many uninitialized variable warnings and some potential bug found via -Wall -Werror on gcc. file: [5b9875dd08] check-in: [e63a9fd9d0] user: jnc branch: trunk, size: 36866 | |
|
2007-09-22
| ||
| 18:34 | Socket operations now functional in Win32 port. Added quotes around the filename portion of the command to edit thus working of windows in paths where the temp directory contains spaces. Added -all flag to clean command. If not specified each file is prompted for before removing. file: [57f4d7daa3] check-in: [8372cc0b81] user: jnc branch: trunk, size: 36841 | |
|
2007-09-21
| ||
| 21:53 | Win32 port: compiles, all tests pass but many functions fail due to path separators. Incomplete. Path fixes to come next file: [1e442c1fca] check-in: [83c876b447] user: jnc branch: trunk, size: 36841 | |
|
2007-08-03
| ||
| 23:04 | Changes to the way new repositories are created. Also make the CGI output blob available to all modules through a function call. file: [f25a72aeb6] check-in: [a48936e834] user: drh branch: trunk, size: 36467 | |
|
2007-08-01
| ||
| 13:32 | From the vinfo webpage, provide a hyperlink to download a ZIP archive the version. file: [90e1185c4a] check-in: [6dab6149b1] user: drh branch: trunk, size: 36363 | |
| 09:04 | Populate the ipaddr column of the rcvfrom table when a file is received from a remote source (push/pull/sync). file: [0b7697e1bf] check-in: [36edf3fd5c] user: dan branch: trunk, size: 36183 | |
|
2007-07-21
| ||
| 14:10 | Added: Initial check-in of m1 sources. file: [1776db11b6] check-in: [dbda8d6ce9] user: drh branch: trunk, size: 35902 | |