Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
8 check-ins tagged with "verify-options-cgi"
|
2023-07-17
| ||
| 12:31 | Fix should have gone on the verify-options-cgi branch, not on trunk. Closed-Leaf check-in: d276fd9b77 user: drh tags: verify-options-cgi | |
| 12:18 | In /raw and /secureraw, ensure that the "m" and "at" vars are fetched before the malice check. Typo fix in cgi.c. check-in: 83015b0d9a user: stephan tags: verify-options-cgi | |
| 12:13 | Improvements to the algorithm for detecting likely SQL injection text. check-in: 5d6efeee47 user: drh tags: verify-options-cgi | |
| 11:44 | Improve the error log message for 418 responses so that it includes the name of the offending query parameter. Require whitespace around keywords when trying to detect SQL. check-in: ef1702fde3 user: drh tags: verify-options-cgi | |
|
2023-07-16
| ||
| 20:55 | Fix typo on the 418 status code name. check-in: f39c878fe1 user: drh tags: verify-options-cgi | |
| 20:47 | Add calls to cgi_check_for_malice() on many more web pages. Log all 418 responses to the error log. check-in: 40266bf9b2 user: drh tags: verify-options-cgi | |
| 10:35 | Rename verify_all_options_cgi() to cgi_check_for_malice(). Add more comments explaining what the function is intended for. Add calls to cgi_check_for_malice() to a few new webpages. check-in: 5a8063a8cb user: drh tags: verify-options-cgi | |
|
2023-07-15
| ||
| 13:57 | Add verify_all_options_cgi(), which works similarly to verify_all_options() but only fails if it finds CGI GET/POST arguments which (A) have not been fetched via P(), PD(), or similar, and (B) fail cgi_value_spider_check(). Currently only applied on the /ci page. check-in: a065940a74 user: stephan tags: verify-options-cgi | |