Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | New spider-control logic: Optionally delay enabling hyperlinks or requiring mouse movement before enabling hyperlinks, controlled by the Setup/Access screen and the auto-hyperlink-delay and auto-hyperlink-mouseover settings. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
96f3e8392275dc2dad5092e0e8b423d1 |
| User & Date: | drh 2013-04-09 13:26:31.975 |
Context
|
2013-04-09
| ||
| 13:30 | Change the default auto-hyperlink-delay from 0 to 10 milliseconds. ... (check-in: ddd1659677 user: drh tags: trunk) | |
| 13:26 | New spider-control logic: Optionally delay enabling hyperlinks or requiring mouse movement before enabling hyperlinks, controlled by the Setup/Access screen and the auto-hyperlink-delay and auto-hyperlink-mouseover settings. ... (check-in: 96f3e83922 user: drh tags: trunk) | |
|
2013-04-08
| ||
| 16:37 | Add --localhost option to "fossil server" ... (check-in: e501d7d0a6 user: joel tags: trunk) | |
Changes
Changes to src/login.c.
| ︙ | ︙ | |||
909 910 911 912 913 914 915 916 917 |
if( fossil_strcmp(g.zLogin,"nobody")==0 ){
g.zLogin = 0;
}
/* Set the capabilities */
login_replace_capabilities(zCap, 0);
login_set_anon_nobody_capabilities();
if( zCap[0] && !g.perm.Hyperlink
&& db_get_boolean("auto-hyperlink",1)
| > > > > > > > | > | 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 |
if( fossil_strcmp(g.zLogin,"nobody")==0 ){
g.zLogin = 0;
}
/* Set the capabilities */
login_replace_capabilities(zCap, 0);
login_set_anon_nobody_capabilities();
/* The auto-hyperlink setting allows hyperlinks to be displayed for users
** who do not have the "h" permission as long as their UserAgent string
** makes it appear that they are human. Check to see if auto-hyperlink is
** enabled for this repository and make appropriate adjustments to the
** permission flags if it is.
*/
if( zCap[0] && !g.perm.Hyperlink
&& db_get_boolean("auto-hyperlink",1)
&& isHuman(P("HTTP_USER_AGENT"))
){
g.perm.Hyperlink = 1;
g.javascriptHyperlink = 1;
}
/* If the public-pages glob pattern is defined and REQUEST_URI matches
** one of the globs in public-pages, then also add in all default-perms
** permissions.
|
| ︙ | ︙ |
Changes to src/setup.c.
| ︙ | ︙ | |||
933 934 935 936 937 938 939 |
"Enable hyperlinks for \"nobody\" based on User-Agent and Javascript",
"auto-hyperlink", "autohyperlink", 1);
@ <p>Enable hyperlinks (the equivalent of the "h" permission) for all users
@ including user "nobody", as long as (1) the User-Agent string in the
@ HTTP header indicates that the request is coming from an actual human
@ being and not a a robot or spider and (2) the user agent is able to
@ run Javascript in order to set the href= attribute of hyperlinks. Bots
| | | | > > > > > > > > > > > > > | 933 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 964 965 966 967 968 |
"Enable hyperlinks for \"nobody\" based on User-Agent and Javascript",
"auto-hyperlink", "autohyperlink", 1);
@ <p>Enable hyperlinks (the equivalent of the "h" permission) for all users
@ including user "nobody", as long as (1) the User-Agent string in the
@ HTTP header indicates that the request is coming from an actual human
@ being and not a a robot or spider and (2) the user agent is able to
@ run Javascript in order to set the href= attribute of hyperlinks. Bots
@ and spiders can forge a User-Agent string that makes them seem to be a
@ normal browser and they can run javascript just like browsers. But most
@ bots do not go to that much trouble so this is normally an effective defense.</p>
@
@ <p>You do not normally want a bot to walk your entire repository because
@ if it does, your server will end up computing diffs and annotations for
@ every historical version of every file and creating ZIPs and tarballs of
@ every historical check-in, which can use a lot of CPU and bandwidth
@ even for relatively small projects.</p>
@
@ <p>Additional parameters that control this behavior:</p>
@ <blockquote>
onoff_attribute("Require mouse movement before enabling hyperlinks",
"auto-hyperlink-mouseover", "ahmo", 0);
@ <br>
entry_attribute("Delay before enabling hyperlinks (milliseconds)", 5,
"auto-hyperlink-delay", "ah-delay", "0");
@ </blockquote>
@ <p>Hyperlinks for user "nobody" are normally enabled as soon as the page
@ finishes loading. But the first check-box below can be set to require mouse
@ movement before enabling the links. One can also set a delay prior to enabling
@ links by enter a positive number of milliseconds in the entry box above.</p>
@ <hr />
onoff_attribute("Require a CAPTCHA if not logged in",
"require-captcha", "reqcapt", 1);
@ <p>Require a CAPTCHA for edit operations (appending, creating, or
@ editing wiki or tickets or adding attachments to wiki or tickets)
@ for users who are not logged in.</p>
|
| ︙ | ︙ |
Changes to src/style.c.
| ︙ | ︙ | |||
158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 |
}
/*
** Generate javascript that will set the href= attribute on all anchors.
*/
void style_resolve_href(void){
int i;
if( !g.perm.Hyperlink ) return;
if( nHref==0 && nFormAction==0 ) return;
@ <script type="text/JavaScript">
@ /* <![CDATA[ */
if( g.javascriptHyperlink ){
for(i=0; i<nHref; i++){
@ gebi("a%d(i+1)").href="%s(aHref[i])";
}
}
for(i=0; i<nFormAction; i++){
@ gebi("form%d(i+1)").action="%s(aFormAction[i])";
}
@ /* ]]> */
@ </script>
}
/*
** Add a new element to the submenu
*/
| > > > > > > > > > > > > > | 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 |
}
/*
** Generate javascript that will set the href= attribute on all anchors.
*/
void style_resolve_href(void){
int i;
int nDelay = db_get_int("auto-hyperlink-delay",0);
if( !g.perm.Hyperlink ) return;
if( nHref==0 && nFormAction==0 ) return;
@ <script type="text/JavaScript">
@ /* <![CDATA[ */
@ function setAllHrefs(){
if( g.javascriptHyperlink ){
for(i=0; i<nHref; i++){
@ gebi("a%d(i+1)").href="%s(aHref[i])";
}
}
for(i=0; i<nFormAction; i++){
@ gebi("form%d(i+1)").action="%s(aFormAction[i])";
}
@ }
if( db_get_boolean("auto-hyperlink-mouseover",0) ){
/* Require mouse movement prior to activating hyperlinks */
@ document.getElementsByTagName("body")[0].onmousemove=function(){
@ setTimeout("setAllHrefs();",%d(nDelay));
@ this.onmousemove = null;
@ }
}else{
/* Active hyperlinks right away */
@ setTimeout("setAllHrefs();",%d(nDelay));
}
@ /* ]]> */
@ </script>
}
/*
** Add a new element to the submenu
*/
|
| ︙ | ︙ | |||
904 905 906 907 908 909 910 |
@ ** to the header and configure the java script file with
@ ** 1. use as bindClass :checkinUserColor
@ ** 2. change the default hash adding behaviour to ON
@ ** or change the class defition of element identified by id="clrcust"
@ ** to a standard jscolor definition with java script in the footer. */
},
{ "div.endContent",
| | | 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 |
@ ** to the header and configure the java script file with
@ ** 1. use as bindClass :checkinUserColor
@ ** 2. change the default hash adding behaviour to ON
@ ** or change the class defition of element identified by id="clrcust"
@ ** to a standard jscolor definition with java script in the footer. */
},
{ "div.endContent",
"format for end of content area, to be used to clear page flow.",
@ clear: both;
},
{ "p.generalError",
"format for general errors",
@ color: red;
},
{ "p.tktsetupError",
|
| ︙ | ︙ |