Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | New g.isHuman global variable is set if we believe an HTTP request is coming a real human being, rather than a spider or bot. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
e065d5b7f193b8804f24cbbd53aefb24 |
| User & Date: | drh 2013-08-12 12:37:14.874 |
Context
|
2013-08-12
| ||
| 12:50 | Javascript-enabled hyperlinks now initially point to a honeypot, rather than to nothing. ... (check-in: 2d14b6c4dc user: drh tags: trunk) | |
| 12:37 | New g.isHuman global variable is set if we believe an HTTP request is coming a real human being, rather than a spider or bot. ... (check-in: e065d5b7f1 user: drh tags: trunk) | |
|
2013-08-11
| ||
| 16:17 | Changed status of J card from (R?) to (R). ... (check-in: b86fb096c6 user: stephan tags: trunk) | |
Changes
Changes to src/login.c.
| ︙ | ︙ | |||
389 390 391 392 393 394 395 |
int i;
if( zAgent==0 ) return 0; /* If no UserAgent, then probably a bot */
for(i=0; zAgent[i]; i++){
if( prefix_match("bot", zAgent+i) ) return 0;
if( prefix_match("spider", zAgent+i) ) return 0;
if( prefix_match("crawl", zAgent+i) ) return 0;
/* If a URI appears in the User-Agent, it is probably a bot */
| | | | | | | | 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 |
int i;
if( zAgent==0 ) return 0; /* If no UserAgent, then probably a bot */
for(i=0; zAgent[i]; i++){
if( prefix_match("bot", zAgent+i) ) return 0;
if( prefix_match("spider", zAgent+i) ) return 0;
if( prefix_match("crawl", zAgent+i) ) return 0;
/* If a URI appears in the User-Agent, it is probably a bot */
if( strncmp("http", zAgent+i,4)==0 ) return 0;
}
if( strncmp(zAgent, "Mozilla/", 8)==0 ){
if( atoi(&zAgent[8])<4 ) return 0; /* Many bots advertise as Mozilla/3 */
if( strglob("*Firefox/[1-9]*", zAgent) ) return 1;
if( strglob("*Chrome/[1-9]*", zAgent) ) return 1;
if( strglob("*(compatible;?MSIE?[1789]*", zAgent) ) return 1;
if( strglob("*AppleWebKit/[1-9]*(KHTML*", zAgent) ) return 1;
return 0;
}
if( strncmp(zAgent, "Opera/", 6)==0 ) return 1;
if( strncmp(zAgent, "Safari/", 7)==0 ) return 1;
if( strncmp(zAgent, "Lynx/", 5)==0 ) return 1;
if( strncmp(zAgent, "NetSurf/", 8)==0 ) return 1;
return 0;
}
/*
** COMMAND: test-ishuman
**
** Read lines of text from standard input. Interpret each line of text
|
| ︙ | ︙ | |||
596 597 598 599 600 601 602 |
@ onClick="chngAction(this.form)" /></td>
@ </tr>
@ </table>
@ <script type="text/JavaScript">
@ gebi('u').focus()
@ function chngAction(form){
if( g.sslNotAvailable==0
| | | 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 |
@ onClick="chngAction(this.form)" /></td>
@ </tr>
@ </table>
@ <script type="text/JavaScript">
@ gebi('u').focus()
@ function chngAction(form){
if( g.sslNotAvailable==0
&& strncmp(g.zBaseURL,"https:",6)!=0
&& db_get_boolean("https-login",0)
){
char *zSSL = mprintf("https:%s", &g.zBaseURL[5]);
@ if( form.u.value!="anonymous" ){
@ form.action = "%h(zSSL)/login";
@ }
}
|
| ︙ | ︙ | |||
761 762 763 764 765 766 767 | ); return uid; } /* ** This routine examines the login cookie to see if it exists and ** is valid. If the login cookie checks out, it then sets global | | < > > > > | | 761 762 763 764 765 766 767 768 769 770 771 772 773 774 775 776 777 778 779 780 781 |
);
return uid;
}
/*
** This routine examines the login cookie to see if it exists and
** is valid. If the login cookie checks out, it then sets global
** variables appropriately.
**
** g.userUid Database USER.UID value. Might be -1 for "nobody"
** g.zLogin Database USER.LOGIN value. NULL for user "nobody"
** g.perm Permissions granted to this user
** g.isHuman True if the user is human, not a spider or robot
**
*/
void login_check_credentials(void){
int uid = 0; /* User id */
const char *zCookie; /* Text of the login cookie */
const char *zIpAddr; /* Raw IP address of the requestor */
char *zRemoteAddr; /* Abbreviated IP address of the requestor */
const char *zCap = 0; /* Capability string */
|
| ︙ | ︙ | |||
797 798 799 800 801 802 803 804 805 806 807 808 809 810 |
&& db_get_int("localauth",0)==0
&& P("HTTPS")==0
){
uid = db_int(0, "SELECT uid FROM user WHERE cap LIKE '%%s%%'");
g.zLogin = db_text("?", "SELECT login FROM user WHERE uid=%d", uid);
zCap = "sx";
g.noPswd = 1;
sqlite3_snprintf(sizeof(g.zCsrfToken), g.zCsrfToken, "localhost");
}
/* Check the login cookie to see if it matches a known valid user.
*/
if( uid==0 && (zCookie = P(login_cookie_name()))!=0 ){
/* Parse the cookie value up into HASH/ARG/USER */
| > | 800 801 802 803 804 805 806 807 808 809 810 811 812 813 814 |
&& db_get_int("localauth",0)==0
&& P("HTTPS")==0
){
uid = db_int(0, "SELECT uid FROM user WHERE cap LIKE '%%s%%'");
g.zLogin = db_text("?", "SELECT login FROM user WHERE uid=%d", uid);
zCap = "sx";
g.noPswd = 1;
g.isHuman = 1;
sqlite3_snprintf(sizeof(g.zCsrfToken), g.zCsrfToken, "localhost");
}
/* Check the login cookie to see if it matches a known valid user.
*/
if( uid==0 && (zCookie = P(login_cookie_name()))!=0 ){
/* Parse the cookie value up into HASH/ARG/USER */
|
| ︙ | ︙ | |||
905 906 907 908 909 910 911 912 913 914 915 916 917 918 919 920 921 922 |
/* Set the global variables recording the userid and login. The
** "nobody" user is a special case in that g.zLogin==0.
*/
g.userUid = uid;
if( fossil_strcmp(g.zLogin,"nobody")==0 ){
g.zLogin = 0;
}
/* Set the capabilities */
login_replace_capabilities(zCap, 0);
login_set_anon_nobody_capabilities();
/* The auto-hyperlink setting allows hyperlinks to be displayed for users
** who do not have the "h" permission as long as their UserAgent string
** makes it appear that they are human. Check to see if auto-hyperlink is
** enabled for this repository and make appropriate adjustments to the
** permission flags if it is.
*/
| > > | > < | 909 910 911 912 913 914 915 916 917 918 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 934 935 936 937 938 |
/* Set the global variables recording the userid and login. The
** "nobody" user is a special case in that g.zLogin==0.
*/
g.userUid = uid;
if( fossil_strcmp(g.zLogin,"nobody")==0 ){
g.zLogin = 0;
}
g.isHuman = g.zLogin==0 ? isHuman(P("HTTP_USER_AGENT")) : 1;
/* Set the capabilities */
login_replace_capabilities(zCap, 0);
login_set_anon_nobody_capabilities();
/* The auto-hyperlink setting allows hyperlinks to be displayed for users
** who do not have the "h" permission as long as their UserAgent string
** makes it appear that they are human. Check to see if auto-hyperlink is
** enabled for this repository and make appropriate adjustments to the
** permission flags if it is.
*/
if( zCap[0]
&& !g.perm.Hyperlink
&& g.isHuman
&& db_get_boolean("auto-hyperlink",1)
){
g.perm.Hyperlink = 1;
g.javascriptHyperlink = 1;
}
/* If the public-pages glob pattern is defined and REQUEST_URI matches
** one of the globs in public-pages, then also add in all default-perms
|
| ︙ | ︙ |
Changes to src/main.c.
| ︙ | ︙ | |||
182 183 184 185 186 187 188 189 190 191 192 193 194 195 |
const char *zLogin; /* Login name. "" if not logged in. */
const char *zSSLIdentity; /* Value of --ssl-identity option, filename of
** SSL client identity */
int useLocalauth; /* No login required if from 127.0.0.1 */
int noPswd; /* Logged in without password (on 127.0.0.1) */
int userUid; /* Integer user id */
/* Information used to populate the RCVFROM table */
int rcvid; /* The rcvid. 0 if not yet defined. */
char *zIpAddr; /* The remote IP address */
char *zNonce; /* The nonce used for login */
/* permissions used by the server */
| > | 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 |
const char *zLogin; /* Login name. "" if not logged in. */
const char *zSSLIdentity; /* Value of --ssl-identity option, filename of
** SSL client identity */
int useLocalauth; /* No login required if from 127.0.0.1 */
int noPswd; /* Logged in without password (on 127.0.0.1) */
int userUid; /* Integer user id */
int isHuman; /* True if access by a human, not a spider or bot */
/* Information used to populate the RCVFROM table */
int rcvid; /* The rcvid. 0 if not yet defined. */
char *zIpAddr; /* The remote IP address */
char *zNonce; /* The nonce used for login */
/* permissions used by the server */
|
| ︙ | ︙ |
Changes to src/style.c.
| ︙ | ︙ | |||
1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 |
@ g.zTop = %h(g.zTop)<br />
for(i=0, c='a'; c<='z'; c++){
if( login_has_capability(&c, 1) ) zCap[i++] = c;
}
zCap[i] = 0;
@ g.userUid = %d(g.userUid)<br />
@ g.zLogin = %h(g.zLogin)<br />
@ capabilities = %s(zCap)<br />
@ <hr>
P("HTTP_USER_AGENT");
cgi_print_all(showAll);
if( showAll && blob_size(&g.httpHeader)>0 ){
@ <hr>
@ <pre>
| > | 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184 1185 1186 1187 1188 |
@ g.zTop = %h(g.zTop)<br />
for(i=0, c='a'; c<='z'; c++){
if( login_has_capability(&c, 1) ) zCap[i++] = c;
}
zCap[i] = 0;
@ g.userUid = %d(g.userUid)<br />
@ g.zLogin = %h(g.zLogin)<br />
@ g.isHuman = %d(g.isHuman)<br />
@ capabilities = %s(zCap)<br />
@ <hr>
P("HTTP_USER_AGENT");
cgi_print_all(showAll);
if( showAll && blob_size(&g.httpHeader)>0 ){
@ <hr>
@ <pre>
|
| ︙ | ︙ |