Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Add the https-login setting which forces a switch to HTTPS for any non-anonymous login. |
|---|---|
| Downloads: | Tarball | ZIP archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: |
be0e8041307397bc30ebc5aa4f6391cd |
| User & Date: | drh 2011-03-22 17:00:32.807 |
Context
|
2011-03-22
| ||
| 18:47 | Always redirect to a fully qualified URL. Give the setup user an opportunity to redirecct from test_env for testing purposes. check-in: 63958fc5a7 user: drh tags: trunk | |
| 17:00 | Add the https-login setting which forces a switch to HTTPS for any non-anonymous login. check-in: be0e804130 user: drh tags: trunk | |
|
2011-03-19
| ||
| 18:14 | Enhancements to "fossil add" and "fossil rm" so that they work recursively on directories and ignore trailing / characters. Patches from Carles Pagès. check-in: 04ddad7ab8 user: drh tags: trunk | |
Changes
Changes to src/db.c.
| ︙ | ︙ | |||
1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 |
{ "crnl-glob", 0, 16, "" },
{ "default-perms", 0, 16, "u" },
{ "diff-command", 0, 16, "" },
{ "dont-push", 0, 0, "off" },
{ "editor", 0, 16, "" },
{ "gdiff-command", 0, 16, "gdiff" },
{ "gmerge-command",0, 40, "" },
{ "ignore-glob", 0, 40, "" },
{ "http-port", 0, 16, "8080" },
{ "localauth", 0, 0, "off" },
{ "main-branch", 0, 40, "trunk" },
{ "manifest", 0, 0, "off" },
{ "max-upload", 0, 25, "250000" },
{ "mtime-changes", 0, 0, "on" },
| > | 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 |
{ "crnl-glob", 0, 16, "" },
{ "default-perms", 0, 16, "u" },
{ "diff-command", 0, 16, "" },
{ "dont-push", 0, 0, "off" },
{ "editor", 0, 16, "" },
{ "gdiff-command", 0, 16, "gdiff" },
{ "gmerge-command",0, 40, "" },
{ "https-login", 0, 0, "off" },
{ "ignore-glob", 0, 40, "" },
{ "http-port", 0, 16, "8080" },
{ "localauth", 0, 0, "off" },
{ "main-branch", 0, 40, "trunk" },
{ "manifest", 0, 0, "off" },
{ "max-upload", 0, 25, "250000" },
{ "mtime-changes", 0, 0, "on" },
|
| ︙ | ︙ | |||
1712 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 | ** on four files. ** Ex: kdiff3 "%baseline" "%original" "%merge" -o "%output" ** Ex: xxdiff "%original" "%baseline" "%merge" -M "%output" ** Ex: meld "%baseline" "%original" "%merge" "%output" ** ** http-port The TCP/IP port number to use by the "server" ** and "ui" commands. Default: 8080 ** ** ignore-glob The VALUE is a comma-separated list of GLOB patterns ** specifying files that the "extra" command will ignore. ** Example: *.o,*.obj,*.exe ** ** localauth If enabled, require that HTTP connections from ** 127.0.0.1 be authenticated by password. If | > > > | 1713 1714 1715 1716 1717 1718 1719 1720 1721 1722 1723 1724 1725 1726 1727 1728 1729 | ** on four files. ** Ex: kdiff3 "%baseline" "%original" "%merge" -o "%output" ** Ex: xxdiff "%original" "%baseline" "%merge" -M "%output" ** Ex: meld "%baseline" "%original" "%merge" "%output" ** ** http-port The TCP/IP port number to use by the "server" ** and "ui" commands. Default: 8080 ** ** https-login Send login creditials using HTTPS instead of HTTP ** even if the login page request came via HTTP. ** ** ignore-glob The VALUE is a comma-separated list of GLOB patterns ** specifying files that the "extra" command will ignore. ** Example: *.o,*.obj,*.exe ** ** localauth If enabled, require that HTTP connections from ** 127.0.0.1 be authenticated by password. If |
| ︙ | ︙ |
Changes to src/login.c.
| ︙ | ︙ | |||
284 285 286 287 288 289 290 |
if( g.zLogin==0 ){
zAnonPw = db_text(0, "SELECT pw FROM user"
" WHERE login='anonymous'"
" AND cap!=''");
}
@ <tr>
@ <td></td>
| | > | > > > > > > > > > > > > > | 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 |
if( g.zLogin==0 ){
zAnonPw = db_text(0, "SELECT pw FROM user"
" WHERE login='anonymous'"
" AND cap!=''");
}
@ <tr>
@ <td></td>
@ <td><input type="submit" name="in" value="Login"
@ onClick="chngAction(this.form)" /></td>
@ </tr>
@ </table>
@ <script type="text/JavaScript">
@ document.getElementById('u').focus()
@ function chngAction(form){
if( g.sslNotAvailable==0
&& memcmp(g.zBaseURL,"https:",6)!=0
&& db_get_boolean("https-login",0)
){
char *zSSL = mprintf("https:%s", &g.zBaseURL[5]);
@ if( form.u.value!="anonymous" ){
@ form.action = "%h(zSSL)/login";
@ }
}
@ }
@ </script>
if( g.zLogin==0 ){
@ <p>Enter
}else{
@ <p>You are currently logged in as <b>%h(g.zLogin)</b></p>
@ <p>To change your login to a different user, enter
}
@ your user-id and password at the left and press the
|
| ︙ | ︙ |
Changes to src/main.c.
| ︙ | ︙ | |||
71 72 73 74 75 76 77 78 79 80 81 82 83 84 | char *zPath; /* Name of webpage being served */ char *zExtra; /* Extra path information past the webpage name */ char *zBaseURL; /* Full text of the URL being served */ char *zTop; /* Parent directory of zPath */ const char *zContentType; /* The content type of the input HTTP request */ int iErrPriority; /* Priority of current error message */ char *zErrMsg; /* Text of an error message */ Blob cgiIn; /* Input to an xfer www method */ int cgiOutput; /* Write error and status messages to CGI */ int xferPanic; /* Write error messages in XFER protocol */ int fullHttpReply; /* True for full HTTP reply. False for CGI reply */ Th_Interp *interp; /* The TH1 interpreter */ FILE *httpIn; /* Accept HTTP input from here */ FILE *httpOut; /* Send HTTP output here */ | > | 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 | char *zPath; /* Name of webpage being served */ char *zExtra; /* Extra path information past the webpage name */ char *zBaseURL; /* Full text of the URL being served */ char *zTop; /* Parent directory of zPath */ const char *zContentType; /* The content type of the input HTTP request */ int iErrPriority; /* Priority of current error message */ char *zErrMsg; /* Text of an error message */ int sslNotAvailable; /* SSL is not available. Do not redirect to https: */ Blob cgiIn; /* Input to an xfer www method */ int cgiOutput; /* Write error and status messages to CGI */ int xferPanic; /* Write error messages in XFER protocol */ int fullHttpReply; /* True for full HTTP reply. False for CGI reply */ Th_Interp *interp; /* The TH1 interpreter */ FILE *httpIn; /* Accept HTTP input from here */ FILE *httpOut; /* Send HTTP output here */ |
| ︙ | ︙ | |||
1144 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 |
** than HTTP.
**
** Other options:
**
** --localauth Password signin is not required if this is true and
** the input comes from 127.0.0.1 and the "localauth"
** setting is not disabled.
*/
void cmd_http(void){
const char *zIpAddr;
const char *zNotFound;
const char *zHost;
zNotFound = find_option("notfound", 0, 1);
g.useLocalauth = find_option("localauth", 0, 0)!=0;
if( find_option("https",0,0)!=0 ) cgi_replace_parameter("HTTPS","on");
zHost = find_option("host", 0, 1);
if( zHost ) cgi_replace_parameter("HTTP_HOST",zHost);
g.cgiOutput = 1;
if( g.argc!=2 && g.argc!=3 && g.argc!=6 ){
fossil_fatal("no repository specified");
}
| > > > > | 1145 1146 1147 1148 1149 1150 1151 1152 1153 1154 1155 1156 1157 1158 1159 1160 1161 1162 1163 1164 1165 1166 1167 1168 1169 |
** than HTTP.
**
** Other options:
**
** --localauth Password signin is not required if this is true and
** the input comes from 127.0.0.1 and the "localauth"
** setting is not disabled.
**
** --nossl SSL connections are not available so do not
** redirect from http: to https:.
*/
void cmd_http(void){
const char *zIpAddr;
const char *zNotFound;
const char *zHost;
zNotFound = find_option("notfound", 0, 1);
g.useLocalauth = find_option("localauth", 0, 0)!=0;
g.sslNotAvailable = find_option("nossl", 0, 0)!=0;
if( find_option("https",0,0)!=0 ) cgi_replace_parameter("HTTPS","on");
zHost = find_option("host", 0, 1);
if( zHost ) cgi_replace_parameter("HTTP_HOST",zHost);
g.cgiOutput = 1;
if( g.argc!=2 && g.argc!=3 && g.argc!=6 ){
fossil_fatal("no repository specified");
}
|
| ︙ | ︙ | |||
1303 1304 1305 1306 1307 1308 1309 1310 1311 1312 1313 1314 1315 1316 |
#endif
zBrowserCmd = mprintf("%s http://localhost:%%d/ &", zBrowser);
}
db_close(1);
if( cgi_http_server(iPort, mxPort, zBrowserCmd, flags) ){
fossil_fatal("unable to listen on TCP socket %d", iPort);
}
g.httpIn = stdin;
g.httpOut = stdout;
if( g.fHttpTrace || g.fSqlTrace ){
fprintf(stderr, "====== SERVER pid %d =======\n", getpid());
}
g.cgiOutput = 1;
find_server_repository(isUiCmd);
| > | 1308 1309 1310 1311 1312 1313 1314 1315 1316 1317 1318 1319 1320 1321 1322 |
#endif
zBrowserCmd = mprintf("%s http://localhost:%%d/ &", zBrowser);
}
db_close(1);
if( cgi_http_server(iPort, mxPort, zBrowserCmd, flags) ){
fossil_fatal("unable to listen on TCP socket %d", iPort);
}
g.sslNotAvailable = 1;
g.httpIn = stdin;
g.httpOut = stdout;
if( g.fHttpTrace || g.fSqlTrace ){
fprintf(stderr, "====== SERVER pid %d =======\n", getpid());
}
g.cgiOutput = 1;
find_server_repository(isUiCmd);
|
| ︙ | ︙ |
Changes to src/winhttp.c.
| ︙ | ︙ | |||
105 106 107 108 109 110 111 |
}else{
break;
}
wanted -= got;
}
fclose(out);
out = 0;
| | | 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 |
}else{
break;
}
wanted -= got;
}
fclose(out);
out = 0;
sqlite3_snprintf(sizeof(zCmd), zCmd, "\"%s\" http \"%s\" %s %s %s --nossl%s",
fossil_nameofexe(), g.zRepositoryName, zRequestFName, zReplyFName,
inet_ntoa(p->addr.sin_addr), p->zOptions
);
fossil_system(zCmd);
in = fopen(zReplyFName, "rb");
if( in ){
while( (got = fread(zHdr, 1, sizeof(zHdr), in))>0 ){
|
| ︙ | ︙ |