Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
17 check-ins using file src/branch.c version d4a80ef0b9
|
2023-09-19
| ||
| 11:41 | Improvements to documentation for the "patch" command. ... (check-in: 14ebbe9d99 user: drh tags: trunk) | |
| 11:31 | Improvements to help-text HTML formatting. ... (check-in: ccc780f552 user: drh tags: trunk) | |
| 11:19 | Updates to the change log. ... (check-in: 5afa42e4ec user: drh tags: trunk) | |
| 10:42 | Fix a harmless compiler warning in SQLite. This is a direct edit to the imported sqlite3.c file, which will be overwritten the next time we update SQLite. But that's ok since the warning is fixed in the SQLite tree too. ... (check-in: ead5a95b47 user: drh tags: trunk) | |
|
2023-09-18
| ||
| 22:27 | Whitespace fix in previous ... (check-in: f8bec8f74c user: wyoung tags: trunk) | |
| 22:26 | Removal of the Tcl example in §5.5 of the containers doc left hanging references in the Python example in a few places. ... (check-in: 40e537e94d user: wyoung tags: trunk) | |
| 22:10 | Added §5.6 to the containers doc, "Email Alerts," explaining how to get email alerts out by use of the included tools/email-sender.tcl script and the "write mail to DB" feature since the default option (sendmail -ti) won't work by default and it wouldn't be appropriate to make it work besides. This then obviated the earlier half-baked advice on injecting a Tcl environment into the container; the essential point is adequately made by the Python example, so there is no point trying to rescue this plan. ... (check-in: 616a37f4f7 user: wyoung tags: trunk) | |
| 20:43 | Merge the CSRF-defense enhancements into trunk. ... (check-in: 920ace1739 user: drh tags: trunk) | |
| 17:13 | Omit the SameSite=strict specifier for the login cookie, since that prevents users from clicking a hyperlink on an email notification and then going directly to the relevant page and getting logged in. ... (Closed-Leaf check-in: fc5b49e990 user: drh tags: csrf-defense-enhancement) | |
| 15:36 | Set the "SameSite=strict" value on cookies (used for authentication) as a further defense-in-depth against CSRF attacks. ... (check-in: bc643c32f8 user: drh tags: csrf-defense-enhancement) | |
| 15:24 | Fix forum-post approval buttons so that they send the CSRF token. ... (check-in: bf9974cf8d user: drh tags: csrf-defense-enhancement) | |
| 15:10 | More intensive use of the Synchronizer Token Pattern for CSRF defense. ... (check-in: 0a66be2b75 user: drh tags: csrf-defense-enhancement) | |
| 14:32 | Strengthen CSRF requirements for the skin editor. ... (check-in: 6912636dc3 user: drh tags: csrf-defense-enhancement) | |
| 14:29 | Cleanup forms on the skin editor page. ... (check-in: 5feae3fd75 user: drh tags: csrf-defense-enhancement) | |
| 14:13 | Stronger CSRF token based on a SHA1 hash of the login cookie. ... (check-in: ff3746c4c2 user: drh tags: csrf-defense-enhancement) | |
| 13:18 | Try to simplify and rationalize the defenses against cross-site request forgery attacks. A hodgepodge of techniques have been used in the past. This changes attempts to make everything work more alike and to centralize CSRF defenses for easier auditing. ... (check-in: 88a402fe2a user: drh tags: csrf-defense-enhancement) | |
|
2023-09-14
| ||
| 08:25 | Add the ability for 'branch list' to filter the branches that have/have not been merged into the current branch. ... (check-in: 8ff63db2e6 user: danield tags: trunk) | |