Fossil

Check-in [4ba37b1c14]
Login

Check-in [4ba37b1c14]

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Fix the /chat-send page so that it works even with the recent same-origin security enhancements.
Downloads: Tarball | ZIP archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA3-256: 4ba37b1c1437376741a45c47594ce7510a42555bc9c5bcbbc8677a97065fe5af
User & Date: drh 2023-01-06 12:59:11.504
Context
2023-01-06
13:04
Fix a bug in the 'commit' command that made it ignore the 'forbid-delta-manifests' setting. ... (check-in: ead01b6f27 user: danield tags: trunk)
12:59
Fix the /chat-send page so that it works even with the recent same-origin security enhancements. ... (check-in: 4ba37b1c14 user: drh tags: trunk)
08:34
update related work page: Add Inskinerator as per [forum:634b880146abf68f|forum post] from wyoung@, the Makeheaders tool, and the new Sapling version control system. ... (check-in: be6d71dd64 user: mark tags: trunk)
Changes
Unified Diff Ignore Whitespace Patch
Changes to src/chat.c. 
391
392
393
394
395
396
397

398
399
400
401
402
403
404

    return;
  }
  chat_create_tables();
  zUserName = (g.zLogin && g.zLogin[0]) ? g.zLogin : "nobody";
  nByte = atoi(PD("file:bytes","0"));
  zMsg = PD("msg","");
  db_begin_write();

  chat_purge();
  if( nByte==0 ){
    if( zMsg[0] ){
      db_multi_exec(
        "INSERT INTO chat(mtime,lmtime,xfrom,xmsg)"
        "VALUES(julianday('now'),%Q,%Q,%Q)",
        P("lmtime"), zUserName, zMsg








>








391
392
393
394
395
396
397
398
399
400
401
402
403
404
405

    return;
  }
  chat_create_tables();
  zUserName = (g.zLogin && g.zLogin[0]) ? g.zLogin : "nobody";
  nByte = atoi(PD("file:bytes","0"));
  zMsg = PD("msg","");
  db_begin_write();
  db_unprotect(PROTECT_READONLY);
  chat_purge();
  if( nByte==0 ){
    if( zMsg[0] ){
      db_multi_exec(
        "INSERT INTO chat(mtime,lmtime,xfrom,xmsg)"
        "VALUES(julianday('now'),%Q,%Q,%Q)",
        P("lmtime"), zUserName, zMsg

414
415
416
417
418
419
420

421
422
423
424
425
426
427

        PD("file:mimetype","application/octet-stream"));
    blob_init(&b, P("file"), nByte);
    db_bind_blob(&q, ":file", &b);
    db_step(&q);
    db_finalize(&q);
    blob_reset(&b);
  }

  db_commit_transaction();
}

/*
** This routine receives raw (user-entered) message text and
** transforms it into HTML that is safe to insert using innerHTML. As
** of 2021-09-19, it does so by using wiki_convert() or








>








415
416
417
418
419
420
421
422
423
424
425
426
427
428
429

        PD("file:mimetype","application/octet-stream"));
    blob_init(&b, P("file"), nByte);
    db_bind_blob(&q, ":file", &b);
    db_step(&q);
    db_finalize(&q);
    blob_reset(&b);
  }
  db_protect_pop();
  db_commit_transaction();
}

/*
** This routine receives raw (user-entered) message text and
** transforms it into HTML that is safe to insert using innerHTML. As
** of 2021-09-19, it does so by using wiki_convert() or