Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Additional restrictions on the names of files served by "fossil server DIRECTORY": (1) only alphanumerics, "_", "-", "/", and "." characters are allowed in the pathname. (2) A "-" may not occur after a "/". (3) Every "." must be surrounded on both sides alphanumerics. This check-in also updates the changelog for the 1.25 release. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
c71e096800109b95711c3586f8ebf380 |
| User & Date: | drh 2012-12-01 04:37:35.448 |
Context
|
2012-12-01
| ||
| 04:49 | Update the documentation on the "fossil http" and "fossil server" commands to talk about restrictions on filenames and to describe how static content files can be returned. ... (check-in: 99ab9fb47c user: drh tags: trunk) | |
| 04:37 | Additional restrictions on the names of files served by "fossil server DIRECTORY": (1) only alphanumerics, "_", "-", "/", and "." characters are allowed in the pathname. (2) A "-" may not occur after a "/". (3) Every "." must be surrounded on both sides alphanumerics. This check-in also updates the changelog for the 1.25 release. ... (check-in: c71e096800 user: drh tags: trunk) | |
| 04:10 | Additional webserver security: Do not allow the "fossil server" command to return any static content with an unrecognized suffix. ... (check-in: 4a5e972e2c user: drh tags: trunk) | |
Changes
Changes to src/main.c.
| ︙ | ︙ | |||
1280 1281 1282 1283 1284 1285 1286 |
i = zPathInfo[0]!=0;
while( 1 ){
while( zPathInfo[i] && zPathInfo[i]!='/' ){ i++; }
zRepo = zToFree = mprintf("%s%.*s.fossil",g.zRepositoryName,i,zPathInfo);
/* To avoid mischief, make sure the repository basename contains no
| | | > > > | | < > | > > > > > | < | > | 1280 1281 1282 1283 1284 1285 1286 1287 1288 1289 1290 1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 |
i = zPathInfo[0]!=0;
while( 1 ){
while( zPathInfo[i] && zPathInfo[i]!='/' ){ i++; }
zRepo = zToFree = mprintf("%s%.*s.fossil",g.zRepositoryName,i,zPathInfo);
/* To avoid mischief, make sure the repository basename contains no
** characters other than alphanumerics, "/", "_", "-", and ".", and
** that "-" never occurs immediately after a "/" and that "." is always
** surrounded by two alphanumerics. Any character that does not
** satisfy these constraints is converted into "_".
*/
szFile = 0;
for(j=strlen(g.zRepositoryName)+1, k=0; zRepo[j] && k<i-1; j++, k++){
char c = zRepo[j];
if( fossil_isalnum(c) ) continue;
if( c=='/' ) continue;
if( c=='_' ) continue;
if( c=='-' && zRepo[j-1]!='/' ) continue;
if( c=='.' && fossil_isalnum(zRepo[j-1]) && fossil_isalnum(zRepo[j+1])){
continue;
}
szFile = 1;
break;
}
if( szFile==0 ){
if( zRepo[0]=='/' && zRepo[1]=='/' ){ zRepo++; j--; }
szFile = file_size(zRepo);
}
if( szFile<0 ){
const char *zMimetype;
assert( fossil_strcmp(&zRepo[j], ".fossil")==0 );
zRepo[j] = 0;
if( zPathInfo[i]=='/' && file_isdir(zRepo)==1 ){
fossil_free(zToFree);
i++;
|
| ︙ | ︙ |
Changes to www/changes.wiki.
| ︙ | ︙ | |||
26 27 28 29 30 31 32 |
on embedded documentation.
* The check-in comment editor on windows now defaults to NotePad.exe.
* Correctly deal with BOMs in check-in comments. Also attempt to convert
check-in comments to UTF8 from other encodings.
* Allow the deletion of multiple stash entries using multiple arguments
to the "fossil stash rm" command.
* Enhance the "fossil server DIRECTORY" command to serve static content
| | > > > | 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 |
on embedded documentation.
* The check-in comment editor on windows now defaults to NotePad.exe.
* Correctly deal with BOMs in check-in comments. Also attempt to convert
check-in comments to UTF8 from other encodings.
* Allow the deletion of multiple stash entries using multiple arguments
to the "fossil stash rm" command.
* Enhance the "fossil server DIRECTORY" command to serve static content
files contained in DIRECTORY. For security, only files with a
recognized suffix (such as *.html, *.jpg, *.txt, etc) will be delivered
as static content, and *.fossil files are not on the list of recognized
suffixes. There are additional restrictions on the names of the files.
* Allow the "fossil ui" command to specify a directory as long as the
the --notfound option is used.
* Add a configuration option that causes timeline messages to be rendered
as text/x-fossil-plain (which is the same as text/plain except that
hyperlinks inside of <nowiki>[...]</nowiki> are decorated.)
* Only decorate <nowiki>[...]</nowiki> in check-in comments and tickets
if the contented text really is a valid hyperlink target.
|
| ︙ | ︙ | |||
66 67 68 69 70 71 72 |
a delta loop when a file changes from its original state, through two
or more intermediate states, and back to the original state, all within
a single sync.
* Show much less output during a sync operation, unless the --verbose
option is used.
* Set the action= attribute of <form> elements using javascript,
as an addition defense against spam-bots.
| | | | 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 |
a delta loop when a file changes from its original state, through two
or more intermediate states, and back to the original state, all within
a single sync.
* Show much less output during a sync operation, unless the --verbose
option is used.
* Set the action= attribute of <form> elements using javascript,
as an addition defense against spam-bots.
* Disallow invalid UTF8 characters (such as characters in the surrogate
pair range) in filenames.
* Judge the UserAgent strings issued by the NetSurf webbrowser to be
coming from a human, not from a bot.
* Add the zlib sources to the Fossil source tree (under compat/zlib) and
use those sources when compiling on (windows) systems that do not have
a zlib library installed by default.
* Prompt the user with the option to convert non-UTF8 files into UTF8
when committing.
|
| ︙ | ︙ |