Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Change the name of the /test_env page to /test-env for consistency. The old name is retained as an alias for backwards compatibility. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
caf286d7480727d3341aceeb0c4a2f7b |
| User & Date: | drh 2025-03-29 15:10:56.477 |
Context
|
2025-03-29
| ||
| 16:00 | Initialize the $title and $login variable for TH1 used during header/footer generation to a similar string that has characters that are special to HTML escaped to similar-looking unicode characters. This is an defense against XSS attacks that might otherwise result due to errors in a custom skin where the $title variable is misused. ... (check-in: 5ea6e15bf1 user: drh tags: trunk) | |
| 15:10 | Change the name of the /test_env page to /test-env for consistency. The old name is retained as an alias for backwards compatibility. ... (check-in: caf286d748 user: drh tags: trunk) | |
| 10:55 | Add comments with usage hints to the tools/find-fossil-cgis.tcl script. ... (check-in: e8f3f411a5 user: drh tags: trunk) | |
Changes
Changes to src/setup.c.
| ︙ | ︙ | |||
460 461 462 463 464 465 466 |
@ </blockquote>
@ <p>For maximum robot defense, "Delay" should be at least 50 milliseconds
@ and "require a mouse event" should be turned on. These values only come
@ into play when the main auto-hyperlink settings is 2 ("UserAgent and
@ Javascript").</p>
@
@ <p>To see if Javascript-base hyperlink enabling mechanism is working,
| | | 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 |
@ </blockquote>
@ <p>For maximum robot defense, "Delay" should be at least 50 milliseconds
@ and "require a mouse event" should be turned on. These values only come
@ into play when the main auto-hyperlink settings is 2 ("UserAgent and
@ Javascript").</p>
@
@ <p>To see if Javascript-base hyperlink enabling mechanism is working,
@ visit the <a href="%R/test-env">/test-env</a> page (from a separate
@ web browser that is not logged in, even as "anonymous") and verify
@ that the "g.jsHref" value is "1".</p>
@ <p>(Properties: "auto-hyperlink", "auto-hyperlink-delay", and
@ "auto-hyperlink-mouseover"")</p>
}
/*
|
| ︙ | ︙ | |||
602 603 604 605 606 607 608 | @ without the "--localauth" option. @ <li> The server is started from CGI without the "localauth" keyword @ in the CGI script. @ </ol> @ (Property: "localauth") @ @ <hr> | | | 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 |
@ without the "--localauth" option.
@ <li> The server is started from CGI without the "localauth" keyword
@ in the CGI script.
@ </ol>
@ (Property: "localauth")
@
@ <hr>
onoff_attribute("Enable /test-env",
"test_env_enable", "test_env_enable", 0, 0);
@ <p>When enabled, the %h(g.zBaseURL)/test_env URL is available to all
@ users. When disabled (the default) only users Admin and Setup can visit
@ the /test_env page.
@ (Property: "test_env_enable")
@ </p>
@
|
| ︙ | ︙ |
Changes to src/sitemap.c.
| ︙ | ︙ | |||
283 284 285 286 287 288 289 |
}
if( !isPopup ){
style_header("Test Page Map");
style_adunit_config(ADUNIT_RIGHT_OK);
}
@ <ul id="sitemap" class="columns" style="column-width:20em">
if( g.perm.Admin || db_get_boolean("test_env_enable",0) ){
| | | 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 |
}
if( !isPopup ){
style_header("Test Page Map");
style_adunit_config(ADUNIT_RIGHT_OK);
}
@ <ul id="sitemap" class="columns" style="column-width:20em">
if( g.perm.Admin || db_get_boolean("test_env_enable",0) ){
@ <li>%z(href("%R/test-env"))CGI Environment Test</a></li>
}
if( g.perm.Read ){
@ <li>%z(href("%R/test-rename-list"))List of file renames</a></li>
}
@ <li>%z(href("%R/test-builtin-files"))List of built-in files</a></li>
@ <li>%z(href("%R/mimetype_list"))List of MIME types</a></li>
@ <li>%z(href("%R/hash-color-test"))Hash color test</a>
|
| ︙ | ︙ |
Changes to src/stat.c.
| ︙ | ︙ | |||
164 165 166 167 168 169 170 |
style_submenu_element("Activity Reports", "reports");
style_submenu_element("Hash Collisions", "hash-collisions");
style_submenu_element("Artifacts", "bloblist");
if( sqlite3_compileoption_used("ENABLE_DBSTAT_VTAB") ){
style_submenu_element("Table Sizes", "repo-tabsize");
}
if( g.perm.Admin || g.perm.Setup || db_get_boolean("test_env_enable",0) ){
| | | 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 |
style_submenu_element("Activity Reports", "reports");
style_submenu_element("Hash Collisions", "hash-collisions");
style_submenu_element("Artifacts", "bloblist");
if( sqlite3_compileoption_used("ENABLE_DBSTAT_VTAB") ){
style_submenu_element("Table Sizes", "repo-tabsize");
}
if( g.perm.Admin || g.perm.Setup || db_get_boolean("test_env_enable",0) ){
style_submenu_element("Environment", "test-env");
}
@ <table class="label-value">
fsize = file_size(g.zRepositoryName, ExtFILE);
@ <tr><th>Repository Size:</th><td>%,lld(fsize) bytes</td>
@ </td></tr>
if( !brief ){
@ <tr><th>Number Of Artifacts:</th><td>
|
| ︙ | ︙ |
Changes to src/style.c.
| ︙ | ︙ | |||
1373 1374 1375 1376 1377 1378 1379 | @ Title: <input type="text" size="50" name="title" value="%h(zTitle)"> @ <input type="submit" value="Submit"> @ </form> style_finish_page(); } /* | > | | 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 1387 1388 |
@ Title: <input type="text" size="50" name="title" value="%h(zTitle)">
@ <input type="submit" value="Submit">
@ </form>
style_finish_page();
}
/*
** WEBPAGE: test-env
** WEBPAGE: test_env alias
**
** Display CGI-variables and other aspects of the run-time
** environment, for debugging and trouble-shooting purposes.
*/
void page_test_env(void){
webpage_error("");
}
|
| ︙ | ︙ | |||
1436 1437 1438 1439 1440 1441 1442 | ** query parameters can jump to this routine to render an error ** message screen. ** ** For administators, or if the test_env_enable setting is true, then ** details of the request environment are displayed. Otherwise, just ** the error message is shown. ** | | | 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 |
** query parameters can jump to this routine to render an error
** message screen.
**
** For administators, or if the test_env_enable setting is true, then
** details of the request environment are displayed. Otherwise, just
** the error message is shown.
**
** If zFormat is an empty string, then this is the /test-env page.
*/
void webpage_error(const char *zFormat, ...){
int showAll = 0;
char *zErr = 0;
int isAuth = 0;
char zCap[100];
|
| ︙ | ︙ | |||
1536 1537 1538 1539 1540 1541 1542 |
blob_zero(&t);
}
}
@ <hr>
P("HTTP_USER_AGENT");
P("SERVER_SOFTWARE");
cgi_print_all(showAll, 0, 0);
| | | 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 |
blob_zero(&t);
}
}
@ <hr>
P("HTTP_USER_AGENT");
P("SERVER_SOFTWARE");
cgi_print_all(showAll, 0, 0);
@ <p><form method="POST" action="%R/test-env">
@ <input type="hidden" name="showall" value="%d(showAll)">
@ <input type="submit" name="post-test-button" value="POST Test">
@ </form>
if( showAll && blob_size(&g.httpHeader)>0 ){
@ <hr>
@ <pre>
@ %h(blob_str(&g.httpHeader))
|
| ︙ | ︙ |