Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
187 check-ins using file src/printf.c version 9130f41b21
|
2025-10-03
| ||
| 17:27 | Improve the recommented value for robot-exception. check-in: 3bbd18a284 user: drh tags: trunk | |
| 16:05 | Allow URLs of the form /tarball/TAG/VERSION/NAME.tar.gz for the tarball page where TAG must be a non-branch tag associated with VERSION. This is so that the robot-exception pattern can match things like /tarball/release while will allowing access to historical releases via the VERSION section of the URL. check-in: 57c8bec816 user: drh tags: trunk | |
| 14:36 | Remove a pointless source code test from "make test" check-in: 871f6b36e9 user: drh tags: trunk | |
| 14:09 | Disable the "settings" test module, which doesn't work for unknown reasons, and because it does not seem to accomplish very much for all the TCL complication that it adds. check-in: 4619d2efab user: drh tags: trunk | |
|
2025-10-02
| ||
| 19:36 | Align the delta_parse() debug function with the SQLite sources. check-in: a8dbbac969 user: drh tags: trunk | |
| 14:14 | Update the built-in SQLite to the latest trunk check-in for beta testing. check-in: 3ca3a6a667 user: drh tags: trunk | |
| 01:48 | Correct some of the calculations and reduce code by reusing existing decoder. Leaf check-in: 08df9ea0de user: andybradford tags: md5-color-hash | |
|
2025-10-01
| ||
| 05:33 | Attempt to preserve more of the randomness generated by MD5. check-in: f9d361804e user: andybradford tags: md5-color-hash | |
|
2025-09-30
| ||
| 18:13 | Update the version number 2.28 to begin the next dev cycle. check-in: c8fcc9714e user: drh tags: trunk | |
| 11:03 | Version 2.27 check-in: 99675884a9 user: drh tags: trunk, release, version-2.27 | |
| 10:59 | Change to the wrong branch. Closed-Leaf check-in: 5255854698 user: drh tags: mistake | |
| 05:17 | Use MD5 to generate the color hash as it's a random function. check-in: d4caf785e3 user: andybradford tags: md5-color-hash | |
|
2025-09-27
| ||
| 16:26 | Switch to time based color hash generation for other pages (brlist, finfo, info, and ci_edit). Now abandoned. Closed-Leaf check-in: 4a90f3352d user: andybradford tags: datetime-color-hash | |
| 15:05 | Avoid an unnecessary mprintf(). check-in: bd4cec1240 user: danield tags: trunk | |
| 11:57 | Further reduce divergence between the SQLite and Fossil implementations of regexp.c. Fix compiler warnings for MSVC. check-in: a18dab4184 user: drh tags: trunk | |
| 11:10 | Update the built-in SQLite to the latest trunk version so that it will compile without warnings on Windows. check-in: 702a56d116 user: drh tags: trunk | |
| 00:47 | Use the datetime of the start of the branch as the input for the color hash. See suggestion made by Stephan Beal in [forum:/forumpost/a9a92d73c4a172f9|forum post a9a92d73c4a172f9]. check-in: 1851b26d2b user: andybradford tags: datetime-color-hash | |
|
2025-09-26
| ||
| 20:07 | Add a new setting "regexp-limit" that determines the maximum size of a REGEXP virtual machine. Default value 1000. check-in: 82888a0d35 user: drh tags: trunk | |
| 14:23 | Updates to the changelog. check-in: 28483bfc5a user: danield tags: trunk | |
| 14:12 | Update the change log. check-in: 3a0dfc8920 user: drh tags: trunk | |
| 13:36 | Bring the built-in SQLite and the regexp implementation into alignment with upstream. check-in: 9642cde384 user: drh tags: trunk | |
| 12:58 | Sync with trunk. check-in: c321b7e490 user: florian tags: standard-cli-colors | |
| 12:57 | Sync with trunk. check-in: 779fe3e1b2 user: florian tags: diff-word-wrap | |
| 12:53 | Sync with trunk. check-in: f3ff04466d user: florian tags: diff-keyboard-navigation | |
| 12:50 | Sync with trunk. check-in: 9cea672b5d user: florian tags: timeline-keyboard-navigation | |
| 12:48 | Prevent the cell background colors from extending beyond the outer rounded borders of the diff table in WebKit-based browsers. check-in: b666bbc54d user: florian tags: trunk | |
| 11:58 | Add the -h option to the "ls" command to display file hashes for a specific check-in when in verbose mode. check-in: 4c0ff6ed62 user: danield tags: trunk | |
|
2025-09-25
| ||
| 08:30 | Simplify the previous commit. check-in: b12e52aaf7 user: florian tags: trunk | |
| 08:00 | Prevent successfully completed robot checks from reappearing and force incomplete checks to start over when navigating back and forward. check-in: 4cc0881dec user: florian tags: trunk | |
|
2025-09-24
| ||
| 19:29 | Update the built-in SQLite to the latest trunk check-in for testing. check-in: 3041904dae user: drh tags: trunk | |
|
2025-09-21
| ||
| 04:16 | Fix an out-of-bounds array access in the function to decode a UTF-8 sequence (similar to a problem reported on the SQLite Forum: https://sqlite.org/forum/forumpost/184b372388). check-in: 59879abe16 user: florian tags: trunk | |
|
2025-09-16
| ||
| 10:47 | Enable cache of the CSS style sheet. Leaf check-in: 0c1de587f9 user: drh tags: cache-style-sheet | |
|
2025-09-11
| ||
| 21:44 | Fix the "Download" submenu item on the /artifact page such that the at= query parameter is the actual basename of the file being downloaded, when available. check-in: b1e811c3e7 user: drh tags: trunk | |
| 15:43 | Fix links with truncated symbolic names in /vdiff, as reported in forum post 690436f85e. check-in: 2871b39a62 user: danield tags: trunk | |
| 10:17 | Add a missing return in cgi_fread() for builds without FOSSIL_ENABLE_SSL. check-in: 1cd8163045 user: stephan tags: trunk | |
|
2025-09-10
| ||
| 14:29 | Update to a newer SQLite that fixes a bug in the SQLite CLI so that it will once again compile on 32-bit windows. check-in: fb8697872b user: drh tags: trunk | |
| 11:40 | Update to the change log check-in: 1042d64538 user: drh tags: trunk | |
| 10:51 | Update the built-in SQLite to the latest trunk for testing. check-in: dc45faa3b7 user: drh tags: trunk | |
| 10:49 | Fix encoding of hyperlinks synthesized by the manifest parser. check-in: 55e9a2ff09 user: drh tags: trunk | |
| 02:46 | Correct misspelled word in timeline HTML output. check-in: 3d1a1ec0e3 user: andybradford tags: trunk | |
|
2025-09-09
| ||
| 14:23 | This should be encoded for URL/HTTP not HTML to avoid broken URLs when symbolic tags have spaces, ampersands, and other things that need proper escaping. Closed-Leaf check-in: 25c0da0126 user: andybradford tags: fix-timeline-moves | |
|
2025-09-05
| ||
| 15:20 | Fix the error log parsing so that timeouts do not appear as panics. check-in: b2ace8830a user: drh tags: trunk | |
|
2025-09-04
| ||
| 12:00 | Fix compiler warning and improve performance in previous check-in. check-in: 9d7c15d409 user: drh tags: trunk | |
|
2025-09-02
| ||
| 22:10 | Allow the plus sign in MIME types again, needed for example in 'application/rss+xml'. check-in: 639c040474 user: danield tags: trunk | |
| 12:52 | Minor internal doc updates. No code changes. check-in: 65448438e8 user: stephan tags: trunk | |
| 12:51 | Change the link to fnc to use its new canonical home, fnc.sh, as pointed out by Florian in the forum. check-in: accce714cc user: stephan tags: trunk | |
|
2025-09-01
| ||
| 17:17 | Finish writing a doc sentence started in the previous checkin. check-in: 7a3d6d7057 user: stephan tags: trunk | |
| 16:58 | Add a CSRF check to /chat-send. check-in: 4caa8cb9ff user: stephan tags: trunk | |
| 15:37 | Reject all GET/COOKIE vars in which the values contain control characters. check-in: 0c1419a466 user: stephan tags: trunk | |
| 15:27 | An alternate approach to [ae8fc0e0b5e6] which instead rejects all GET and COOKIE values which, after decoding, contain any control characters. We have(?) no(?) use cases where control characters are legitimately needed for GET/COOKIE values. Closed-Leaf check-in: c61ae84cab user: stephan tags: no-ctrl-chars | |
| 14:15 | Primative validation of request-supplied mime-types. check-in: ae8fc0e0b5 user: drh tags: trunk | |
|
2025-08-22
| ||
| 15:49 | When deleting cookies via /cookies, use a path of "/" for ROBOT_COOKIE. The alternative would be to set that cookie to be repo-local (i.e. set its path to g.zTop), which would be unfortunate for servers which host many fossils. check-in: 55c972103f user: stephan tags: trunk | |
| 13:59 | Add the /re_rules page. check-in: 8779bd0b3a user: drh tags: trunk | |
| 01:51 | Fix a typo in the regular expression example for robot-exception check-in: 31b09807ef user: drh tags: trunk | |
|
2025-08-21
| ||
| 19:10 | Activate the robot-restrict "timelineX" flag if the c= query parameter is used. check-in: 59ae0e0b18 user: drh tags: trunk | |
| 16:21 | Do not change the /info diff-type to 0 if robot-restrict is turned off. [forum:/forumpost/1bef6821de|Forum post 1bef6821de]. check-in: 879deeda66 user: drh tags: trunk | |
| 15:40 | Show numstat-style statistics in the /ckout page as well. check-in: cb4d17078f user: danield tags: trunk | |
| 14:16 | Avoid excess backslash excaping in text in the new robot-exception setup. check-in: 5dc9f9b97c user: drh tags: trunk | |
| 14:13 | Add /reports to the default robot-restrict setting. check-in: 12d871a00a user: stephan tags: trunk | |
| 14:08 | Add the robot-exception setting. check-in: 86b6ef7fe3 user: drh tags: trunk | |
| 12:08 | Sync with trunk. check-in: 286a900699 user: florian tags: standard-cli-colors | |
| 12:07 | Sync with trunk. check-in: a0377ebb9d user: florian tags: diff-word-wrap | |
| 12:06 | Sync with trunk. check-in: 5ee83f2807 user: florian tags: diff-keyboard-navigation | |
| 12:04 | Sync with trunk. check-in: bab295db10 user: florian tags: timeline-keyboard-navigation | |
| 12:02 | Change [3710202914] to call the function to load the diff-related JS code even for blocked diffs. By default, the loader function is already a no-op if diffs are blocked, so the behavior intended by [3710202914] is retained. But other branches are patching the loader function because they rely on the JS code even if the diffs are hidden. check-in: 171127fd14 user: florian tags: trunk | |
| 10:51 | Rearrange fields in the Robot Defense setup to make it easier to understand. check-in: 58a48e3abe user: drh tags: trunk | |
|
2025-08-20
| ||
| 15:02 | When appending the ssh signature, use a more direct function with the same result. check-in: 5d040f1ff0 user: danield tags: trunk | |
| 00:03 | Performance optimization in Th_RenderToBlob(). check-in: b853b5d471 user: drh tags: trunk | |
|
2025-08-19
| ||
| 22:55 | Do not duplicate the "name" query parameter in the robot.c captcha. check-in: 118540fa84 user: drh tags: trunk | |
| 18:54 | Improvements to robot-restrict. check-in: 4e73f31473 user: drh tags: trunk | |
| 16:57 | Create a new interface for checking to see if a tag exists in the robot-restrict setting. check-in: 8784c600ce user: drh tags: trunk | |
| 16:35 | Attempt to make recent robot defense improvements portable to IE. I do not have access to IE and hence cannot test this, so the changes are mostly a guess. [forum:/forumpost/e18c040d32|Forum post e18c040d32]. check-in: 3d32a10930 user: drh tags: trunk | |
| 16:02 | Do not show diffs on the /vinfo page unless we know that the client is not a robot. check-in: 3710202914 user: drh tags: trunk | |
| 15:42 | Refactor the code in robot.c to make interfaces available to other parts of the system. check-in: 4fa618faf1 user: drh tags: trunk | |
| 10:57 | Check to see that CSS has been loaded before activating hyperlinks if the user is "nobody". check-in: 3f6a6bdce4 user: drh tags: trunk | |
| 10:37 | Make "off" the preferred way to diable robot-restrict check-in: db69c47abd user: drh tags: trunk | |
| 10:28 | Documentation update: Make the robot-restrict setting "none" or "off" to disable all restrictions. check-in: 26a9b03336 user: drh tags: trunk | |
|
2025-08-18
| ||
| 15:49 | New setting "anon-cookie-lifespan" sets the life span of an anonymous login cookie. The default is 8 hours. Set to zero to disable anonymous login. check-in: 7d2b47a7c3 user: drh tags: trunk | |
| 11:45 | Additional obfuscation of the javascript that runs to implement the anti-robot defense. check-in: 4c4bce351d user: drh tags: trunk | |
|
2025-08-17
| ||
| 19:38 | Wrap the robot_restrict() JS check in an onload handler so that it won't run until the external resources (namely style.css) are loaded. check-in: e5991efb68 user: stephan tags: trunk | |
| 19:04 | Improvements to robot detection in the robot_restrict() function. check-in: e5b00c610d user: drh tags: trunk | |
| 19:02 | Obfuscation of the robot-test code. Closed-Leaf check-in: 2fdd7ace52 user: drh tags: robotck-instant | |
| 18:44 | Merge the robot tests from trunk with the new tests from this branch so that *all* the tests are run. check-in: 95a57c637f user: drh tags: robotck-instant | |
| 18:33 | Merge recent trunk enhancements into the robotck-instant branch. check-in: dd11b563f4 user: drh tags: robotck-instant | |
| 18:20 | Use the UserAgent value from the HTTP request header, rather than the client IP address, as the additional factor in the anonymous login cookie hash, since some client are on networks where their IP address can shift frequently. check-in: 0693766805 user: drh tags: trunk | |
| 17:47 | Because this new check is too fast to see the progress indicator, make the final result label more explicit. check-in: b6cf0c2052 user: stephan tags: robotck-instant | |
| 17:16 | Make anonymous cookies valid for 8 hours. Include the client IP address as part of the cookie hash, but do not display the client IP address within the text of the cookie. check-in: 68da4784aa user: drh tags: trunk | |
| 15:37 | Move the z-level style into default.css, in case the adversaries read inlined STYLE tags (which now, in hindsight, seems more likely to me). Change the HTTP result code from robot_proofofwork() to a non-200 code, the hope being that the adversaries will stop on a non-200 code. check-in: c7ad43638d user: stephan tags: robotck-instant | |
| 15:00 | Remove some dead code from /chat. check-in: 144c5dbe00 user: stephan tags: trunk | |
| 14:52 | Correct a mis-calculation of fontSize for /chat attachments which use the Embed checkbox. check-in: e3f0dcc325 user: stephan tags: trunk | |
| 13:21 | Add a comment explaining why document.body's z-level is explicitly set to 0. Remove some EOL whitespace. check-in: 7c57a20ebd user: stephan tags: robotck-instant | |
| 12:52 | Add (stash rename) to the changelog. check-in: c834adb656 user: stephan tags: trunk | |
| 12:50 | Add (stash rename) subcommand to change the label associated with a stash entry. check-in: 1aaa6fc58d user: stephan tags: trunk | |
| 12:29 | Fix the previous checkin to actually compute the work value. This slows it down by a tiny fraction of a second but it's still effectively instant. This calculation can be moved up a level into the C code to turn this back into an instant operation, but leaving it on the client seems like a reasonable choice. check-in: c27cfa9f60 user: stephan tags: robotck-instant | |
| 12:10 | An experiment in reducing the proof-of-work to a single operation. (This description is intentionally vague.) check-in: b765e65267 user: stephan tags: robotck-instant | |
|
2025-08-16
| ||
| 16:48 | Add a simple UI that allows any registered user (not "anonymous" or "nobody") to create access tokens. check-in: 2a3d303124 user: drh tags: trunk | |
| 15:54 | Change the name of the robot-test cookie to fossil-client-ok. Decode that cookie's meaning on the /cookies page. check-in: dc2232c6bd user: drh tags: trunk | |
| 14:44 | Cache the results of calling robot_restrict() so that subsequent calls are very fast. check-in: 1bdda5d01d user: drh tags: trunk | |
| 14:20 | Open up access to /test-robotck to all users. Clear the "Press OK to continue" from the screen when the Ok button is pressed, so that it does not linger for zip and tarball downloads. check-in: 508d3cd98a user: drh tags: trunk | |
| 13:59 | Improvements and simplifications to anti-robot defenses. check-in: 16b33097fe user: drh tags: trunk | |
| 13:57 | Improved anti-robot captcha. Closed-Leaf check-in: 206089acd1 user: drh tags: robot-restrict-simplified | |
| 10:10 | Correct the signature of an extern decl of fossil_strndup(), as reported in [forum:21ac5f59a0 | forum post 21ac5f59a0]. check-in: d546932976 user: stephan tags: trunk | |
| 00:36 | Add the "timelineX" tag to robot-restrict processing. Move /honeypot over to the captcha.c file and have it use the resources found there. check-in: 54afc94ce0 user: drh tags: robot-restrict-simplified | |
|
2025-08-15
| ||
| 23:46 | Convert the g.isHuman variable into g.isRobot. check-in: 6422bca15d user: drh tags: robot-restrict-simplified | |
| 23:18 | Simplifications to the logic that tries to keep robots out. check-in: 02adced1c1 user: drh tags: robot-restrict-simplified | |
| 19:58 | Add /zip and /tarball pages to the robot-squelch mechanism. check-in: 661991aa62 user: drh tags: trunk | |
| 19:07 | Add the "robot-squelch" defense against bot-nets. Still incomplete, but sufficient to hold off the latest attacks. check-in: de66eeaab7 user: drh tags: trunk | |
| 18:49 | Bug fix in the new cgi_is_qp() routine of the previous check-in. Closed-Leaf check-in: ef57ecf260 user: drh tags: robot-squelch | |
| 18:47 | Further improvements to the squelch captcha. check-in: 055908da97 user: drh tags: robot-squelch | |
| 16:21 | Slightly more sophisticated captcha. check-in: a10e785dfb user: drh tags: robot-squelch | |
| 15:11 | Merge trunk enhancements into the robot-squelch branch. check-in: a46ffe0fb7 user: drh tags: robot-squelch | |
| 15:06 | Add a really simple captcha - the user just has to press a button. check-in: b3337295f1 user: drh tags: robot-squelch | |
| 13:55 | Prototyping new defenses against bot-nets check-in: 3f4885a983 user: drh tags: robot-squelch | |
| 12:32 | Allow /xfer to service anonymous clones if they have any of the Clone, Zip, or Read permissions. This is a temporary measure, as described in the code's comments. Closed-Leaf check-in: f9547c7c84 user: stephan tags: relaxed-clone-permissions | |
| 05:10 | Update [6c8c93a5f7] to fix redirects to the captcha screen and set the keyboard focus to the password input field if there's no user ID input field. check-in: b8731485b0 user: florian tags: trunk | |
| 04:50 | Merge the revamped Copy Buttons. check-in: 63712b631c user: florian tags: trunk | |
|
2025-08-14
| ||
| 21:01 | The "/login?anon=2" page demonstrates the captcha even if the user is currently logged in. check-in: e58112a4f3 user: drh tags: trunk | |
| 19:35 | Improved captcha screen. Less clutter. Easier for first-time visitors to digest. check-in: 6c8c93a5f7 user: drh tags: trunk | |
| 12:46 | Reduce the timeout for anonymous logins to 1 hours. Add the IP address to the anonymous login cookie. check-in: 60a9fac4e1 user: drh tags: trunk | |
|
2025-08-13
| ||
| 15:48 | Allow the mimetype query parameter for non-CGI content in /ext. check-in: 639b96b9ad user: drh tags: trunk | |
|
2025-08-12
| ||
| 15:27 | Use equal horizontal spacing for normal and "flipped" Copy Buttons (where the latter are positioned after the text to be copied). The idea is for the buttons to be tied to "their" text without spaces in between, resulting in a somewhat narrower spacing to emphasize the connection, but to have normal HTML whitespace on the other side. Closed-Leaf check-in: 2bc2f7249c user: florian tags: copybtn.js-responsive | |
| 15:20 | Add some higher-specificity CSS declarations to prevent dark-mode skins from overriding the relevant styles of the Copy Button layout, so users don't need to sync their skin customizations with the changes on this branch. check-in: b7f2c9f329 user: florian tags: copybtn.js-responsive | |
| 15:04 | Revamp the Copy Buttons for a more responsive user experience. See the [branch/copybtn.js-responsive | wiki page linked to this branch] for more details. check-in: 32c3a210c8 user: florian tags: copybtn.js-responsive | |
|
2025-08-10
| ||
| 10:28 | Raise an error when trying to insert an unversioned file if the file size would cause the database row to exceed SQLITE_LIMIT_LENGTH. check-in: c6265bb3a7 user: drh tags: trunk | |
|
2025-08-07
| ||
| 19:46 | Add an assert() in a block which cannot happen. It survives 'reconstruct', so we can probably remove the block, but leaving it around for a while seems prudent. check-in: 7d4af37f39 user: stephan tags: trunk | |
|
2025-08-06
| ||
| 10:30 | Show numstat-style statistics in the 'Changes' section of /info and friends. check-in: 18151a8615 user: danield tags: trunk | |
| 06:29 | Fill in more help for fossil user whoami command. Leaf check-in: aef4a2c023 user: brickviking tags: user-whoami | |
|
2025-08-04
| ||
| 23:58 | Add a NULL check where a change from [4c3e1728e1b1a9cb] inadvertently changed the semantics from NULL=="" to NULL==NULL, triggering a null pointer deref via backlinks parsing. Triggered by rebuild when encountering a tag with no value. check-in: 441264b759 user: stephan tags: trunk | |
|
2025-08-03
| ||
| 22:47 | Attempt to augment the "attempt to write a readonly database" error from Fossil by listing all databases it is using that are read-only. check-in: 0ea8703b60 user: drh tags: trunk | |
| 11:31 | Eliminate a superfluous allocation and have freepass() zero out its storage to avoid a duplicate free() in the very off chance that it's ever called twice. These are cleanups made in passing, not fixing known problems. check-in: 1c9d5cd81d user: stephan tags: trunk | |
|
2025-08-02
| ||
| 17:56 | Add the (user whoami) subcommand, which figures out who you are via db_find_and_open_repository(). In response to [forum:a174e200b018abbd | forum thread a174e200b018abbd]. check-in: a06df610c9 user: stephan tags: user-whoami | |
|
2025-08-01
| ||
| 13:03 | Fix diff -tk's handling of the file list when the Reload button is tapped and the list of files is changed. Problem reported in /chat. check-in: 4bb41f9242 user: stephan tags: trunk | |
| 12:08 | Change all datetime() calls in tktsetup.c to use toLocal() as their second argument so that they display in the configured timezone. This should resolve [forum:82ac9af1533f78f7 | forum thread 82ac9af1533f78f7]. check-in: 2a39681ad1 user: stephan tags: trunk | |
| 04:59 | Typo fix in help output, noted [forum:/forumpost/af1ee76f78 | on the forum]. check-in: 0d94d71d25 user: wyoung tags: trunk | |
| 04:50 | Added the --verbose|v flag to the test-looks-like-utf8 command so that one can find out why a command like "fossil ci" is considering an input known to be text as "binary", then fix it. Leaf check-in: cf6c15bb28 user: wyoung tags: verbose-looks-like | |
|
2025-07-31
| ||
| 12:50 | Shorten line statistics text for the benefit of devices with limited screen width. Closed-Leaf check-in: 941f67a83e user: danield tags: gui-diff-numstat | |
|
2025-07-30
| ||
| 17:48 | Fix a compiler warning in the previous check-in. check-in: a8ef11b63c user: danield tags: trunk | |
| 17:26 | Show numstat-style statistics in the 'Changes' section of /info and friends. check-in: 25e156c9b7 user: danield tags: gui-diff-numstat | |
| 17:14 | Add the test-generate-uuid command. check-in: 062bb67c03 user: danield tags: trunk | |
| 16:54 | Update the built-in SQLite to the latest trunk version for testing. check-in: 104c079dcd user: drh tags: trunk | |
|
2025-07-28
| ||
| 02:32 | Merge from trunk. check-in: 53010e9688 user: brickviking tags: bv-infotool | |
|
2025-07-27
| ||
| 11:58 | When unversioned content is saved, add an entry to the admin log. check-in: 7991defa6f user: stephan tags: trunk | |
| 11:07 | Teach the sync protocol how to work with an out-of-band login card, saving an extra server-side copy of the sync content which is required only to account for an inlined login card. i.e. it saves RAM, potentially lots of it. The new login card mechanism is instead transported via an HTTP header. This also, not coincidentally, simplifies implementation of the login card in non-fossil(1) clients which are currently learning to speak the sync protocol. check-in: 18628904c3 user: stephan tags: trunk | |
|
2025-07-25
| ||
| 18:47 | Do not add the sync login cookie unless we know the remote supports it. It's harmless in that case but it doesn't need to be there. Rename the login cookie from the unweildy x-f-x-l (X-Fossil-Xfer-Login) to x-f-l-c (X-Fossil-Login-Card) because the former is unsightly. Closed-Leaf check-in: 9789e1dce7 user: stephan tags: xfer-login-card | |
| 15:08 | Extend the login card mode version check to include the date and time. It is currently still set to 2.27.1, but if/when merged then the version would need to be reverted to 2.27.0 and the version/date/time check will need to be set to compare against the trunk version from immediately before the merge. This needs more testing but looks like it will resolve the "post-2.26 trunk" incompatibility. check-in: 86cc923de4 user: stephan tags: xfer-login-card | |
|
2025-07-24
| ||
| 05:26 | Remove the now-obsolete parsing of the X-Fossil-Xfer-Login HTTP header. check-in: 8dbcf2acba user: stephan tags: xfer-login-card | |
| 05:10 | Use a Cookie, instead of a custom HTTP header and/or URL param, to send the sync login header, as suggested in [forum:9959d2d9d9be22d2 | forum post 9959d2d9d9be22d2]. This is simpler. check-in: 756ad2f23c user: stephan tags: xfer-login-card | |
| 03:16 | Previous checkin should not have compiled - clean rebuild uncovered a stale dep. Re-map the fLoginCardMode to a bitmask so that it's possible to tell when multiple paths toggle that on, and which paths they were. check-in: 780d3b2fe3 user: stephan tags: xfer-login-card | |
| 03:03 | Doc touchups. check-in: aa36afc52c user: stephan tags: xfer-login-card | |
| 02:41 | Update the change log and sync.wiki for the login card additions. check-in: edfa01d9d2 user: stephan tags: xfer-login-card | |
| 02:20 | Doc improvements and internal API renaming for clarity. No functional changes. check-in: 286110dec0 user: stephan tags: xfer-login-card | |
| 01:12 | Remove some debug output. check-in: d1b7be2ff8 user: stephan tags: xfer-login-card | |
|
2025-07-23
| ||
| 23:31 | Remove some xfer login process debug output. check-in: 815a84cbcc user: stephan tags: xfer-login-card | |
| 20:56 | Account for CGI-hosted fossil instances by sending the xfer login card as a URL argument. This is somewhat inelegant but works around their inability to read HTTP headers. This version is still more verbose than it needs to be, and requires more testing for compatibility with trunk fossil versions. check-in: 439af9348b user: stephan tags: xfer-login-card | |
| 17:39 | Add the x-fossil-xfer-login header check in one additional place. With the help of the included debug output, the login problem seems to be caused by CGI (only) instances not reading the inbound HTTP headers. My attempts to make it do have, so far, only triggered HTTP 500 responses. (Edit: i'd forgotten that CGIs don't get headers. The headers are necessarily consumed by the web server to find the CGI script and populate its environment.) check-in: 6c900645ea user: stephan tags: xfer-login-card | |
| 15:58 | Minor optimization: replace calls to mprintf("%s", X) with fossil_strdup(X). check-in: 4c3e1728e1 user: danield tags: trunk | |
|
2025-07-22
| ||
| 22:53 | Add some debugging 'message' cards to help trace how the remote is handling the login. check-in: 21be2978af user: stephan tags: xfer-login-card | |
| 18:11 | Remove some dead code. Add some internal docs. Add a couple of const qualifiers to help me reason through the xfer payload buffer's lifetime. check-in: 459d0cbbc7 user: stephan tags: xfer-login-card | |
| 17:52 | Remove lots of debug output. Replace a couple of mprintf() with fossil_strdup() and a couple free() with fossil_free(). Milestone: libfossil has successfully logged in to this version of fossil. check-in: 1078a123c1 user: stephan tags: xfer-login-card | |
| 15:53 | Doc typo fixes. check-in: 2250a684cc user: stephan tags: xfer-login-card | |
| 15:51 | Set g.syncInfo.bLoginCardHeader=1 if that inbound header is detected, rather than delaying it until the /xfer handling. Internal doc additions. check-in: 4fc13c5c88 user: stephan tags: xfer-login-card | |
| 15:41 | Enable the HTTP login header if the xfer server-version is high enough, analog to the same check for the client-version. check-in: bc3ad94411 user: stephan tags: xfer-login-card | |
| 15:12 | Get sync working from both login card forms and add a temporary --login-card-header CLI flag to force it to emit the HTTP header form of the card in output requests. If all is well, this checkin should be able to push to the canonical repo, despite their differences. check-in: 042560df54 user: stephan tags: xfer-login-card | |
| 02:32 | The previous checkin left me unable to push because (of course) the remote trunk doesn't know how to use the login card header. This checkin disables, via a macro toggle, the use of that header on outbound sync requests. check-in: cb42278d84 user: stephan tags: xfer-login-card | |
| 02:16 | For testing purposes only, unconditionally use the X-Fossil-Xfer-Login HTTP header for sync requests, rather than add it to the payload (which seems to work okay). This is primarily so that apples-to-apples comparisons can be made in libfossil's testing, and will be reverted (or applied conditionally) once the libfossil side is working. check-in: ff942066d5 user: stephan tags: xfer-login-card | |
|
2025-07-21
| ||
| 23:45 | Move the X-Fossil-Xfer-Login header check to the correct end of the connection. It is receiving these from libfossil tests but is failing to validate them, but that may well be a bug in that brand new downstream code. check-in: b49c9b3685 user: stephan tags: xfer-login-card | |
| 19:47 | Update sync.wiki for [12cc5bbf227e3]. check-in: a4c5a2a961 user: stephan tags: xfer-login-card | |
| 19:39 | Do not allow more than one login card in the sync protocol. check-in: 12cc5bbf22 user: drh tags: xfer-login-card | |
| 18:42 | Replace an mprintf() with fossil_strdup(). check-in: 73a2bd06b1 user: stephan tags: xfer-login-card | |
| 18:40 | And this time compile before committing. check-in: a62ffc1922 user: stephan tags: xfer-login-card | |
| 18:38 | Enable an /xfer login card to be delivered via the X-Fossil-Xfer-Login HTTP header, which is expected to be in the same format as the sync protocol's login card. The purpose of this is to simplify generation of the login card from non-fossil(1) clients, namely libfossil. This is untested until libfossil can generate such cards (it's just missing a bit of glue for that). check-in: cfddded40e user: stephan tags: xfer-login-card | |
| 17:16 | Account for [638b7e094b899a] when building with --json, as reported in [forum:9acc3d0022407bfe | forum post 9acc3d0022]. check-in: c6f0d7aecd user: stephan tags: trunk | |
| 13:20 | Remove FossilUserPerms::Query, as it's unused and its designated capabilities letter 'q' collides with ModTkt. It's been there since 2011-09-14 but went unnoticed until today when that struct was emacs-macro-reformatted into libfossil and triggered a duplicate case value for the letter 'q'. check-in: 638b7e094b user: stephan tags: trunk | |
| 12:23 | Sync with trunk. check-in: e17d35e796 user: florian tags: standard-cli-colors | |
| 12:20 | Sync with trunk. check-in: 931e7065bb user: florian tags: diff-word-wrap | |
| 12:16 | Sync with trunk. check-in: 75244ee4fd user: florian tags: diff-keyboard-navigation | |
| 12:14 | Sync with trunk. check-in: a2a1e4a7dc user: florian tags: timeline-keyboard-navigation | |
|
2025-07-15
| ||
| 20:11 | Update the built-in SQLite to the latest trunk version, for testing. check-in: 01855974c9 user: drh tags: trunk | |
| 08:16 | Move the mark->rid assignment down one block to avoid setting it if we're not going to use it for the 'b' and 'c' mark cases. Leaf check-in: c2d25c42f9 user: stephan tags: git-parse-mark-fix | |
| 08:13 | A proposed, but also unproven, patch for the git export parse_mark() issues discussed in [forum:906c248f2f79de41 | forum thread 906c248f2f]. check-in: 076c8def28 user: stephan tags: git-parse-mark-fix | |
|
2025-07-14
| ||
| 17:31 | Add mentions in changes.wiki and signing.md that SSH-signed artifacts are "ignored" by fossil versions prior to 2.26, as suggested in [forum:9348885dd6 | forum post 9348885dd6]. check-in: 3f8d014f99 user: stephan tags: trunk | |
| 13:13 | Add the -l and -x options to the test-filezip command. check-in: 932d351ea5 user: drh tags: trunk | |
|
2025-07-13
| ||
| 20:57 | Update the (undocumented) test-filezip command so that the ZIP archvie it creates has correct timestamps. check-in: 6368fce274 user: drh tags: trunk | |
|
2025-07-09
| ||
| 21:54 | improve whatis output when lising checkins contain some file artifact by showing on which branch belong the checkin. (just like the /whatis webpage) check-in: d3896c2acd user: mgagnon tags: trunk | |
| 14:16 | Update the change log for version 2.27 check-in: a403e11b6f user: drh tags: trunk | |
| 13:52 | Update the built-in SQLite to a version that fixes a possible UAF following OOM. check-in: a6d506ecc4 user: drh tags: trunk | |
| 13:46 | Do not give unnecessary clues to user anonymous (which is the login used by most attack robots) that something has gone wrong inside of Fossil. check-in: c66b038cae user: drh tags: trunk | |