Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
40 check-ins using file src/security_audit.c version a8ba14e51a
|
2018-08-30
| ||
| 16:13 | Silence warning about unused variable check-in: 2f72c1fbd2 user: andygoth tags: trunk | |
| 16:05 | Add the ability to delete users to the /setup_uedit webpage. check-in: 1e5cdd35cd user: drh tags: trunk | |
| 14:43 | Attempt to make the /subscribe and /alerts forms less confusing. check-in: 6d04bab418 user: drh tags: trunk | |
| 14:03 | Update the built-in SQLite to the latest 3.25.0 alpha version, for testing. check-in: 57e80ad20a user: drh tags: trunk | |
|
2018-08-29
| ||
| 12:57 | Improvements to the capability listing page: /setup_ucap_list check-in: 8689cf8b83 user: drh tags: trunk | |
| 11:17 | Updates to the "How The Download Page Works" document. check-in: 498cfbf76a user: drh tags: trunk | |
| 11:06 | Disallow inline javascript unless protected by a nonce. check-in: ff747b5151 user: drh tags: trunk | |
| 11:04 | Try to start a new write transaction before updating the VCACHE table. This will hopefully prevent occasional "database is locked" errors when browsing the documentation. check-in: 03979823d1 user: drh tags: trunk | |
| 03:31 | Fixed some Markdown-isms just checked into www/forum.wiki. check-in: 34a3bc12b0 user: wyoung tags: trunk | |
| 03:25 | Assorted improvements to the "Skin Setup" section of forum.wiki. check-in: 04d4bde170 user: wyoung tags: trunk | |
| 03:13 | Clarity fixes to the Email Alerts capability paragraph of forum.wiki check-in: d6e5754d71 user: wyoung tags: trunk | |
|
2018-08-27
| ||
| 15:00 | Remove unnecessary execute bit check-in: cabc447c68 user: andygoth tags: trunk | |
| 15:00 | Correct markdown reference documentation on optional outermost | characters check-in: 08e4371bdc user: andygoth tags: trunk | |
|
2018-08-26
| ||
| 03:35 | Applied the new CSP nonce to the <script> tags in the header for the Enhanced Original, Eagle, and Xekri skins, else the clock in the upper right breaks and Chrome gives an error about the CSP violation. Closed-Leaf check-in: b9d86ed261 user: wyoung tags: csp-nonce | |
| 02:20 | Update JSON code to account for new capabilities. Also, the 'setup' and 'admin' capabilities should imply 'debug'. check-in: 3f12d40661 user: mistachkin tags: trunk | |
|
2018-08-25
| ||
| 20:41 | Coloring the hyperlinks to the newest forum posts from /forum with a dimmer and less saturated version of the normal hyperlink color in the default skin, to test the new div.forumPosts selector. Other skins to be updated later if this is approved. check-in: 86ff84dac8 user: wyoung tags: trunk | |
| 17:50 | Merge enhancements from trunk. check-in: 17b9ecbea6 user: drh tags: csp-nonce | |
| 17:24 | Merged forum-skin-links branch to trunk. check-in: 91c2b1b6c5 user: wyoung tags: trunk | |
| 16:06 | Added new CSS class forumPosts to the <div> containing the list of posts on the /forum page so that skins can target elements of this list differently than others. One immediate use for this is styling read threads differently via a:visited styling. Currently, only one of the stock skins ships with an unconditional a:visited change, so that all links show in the same color regardless of their state. That's fine in most areas of the UI, but in the forum, a skin developer may want something special, so we need a way to mark them differently. This <div> was already using the broadly-used "fileage" style, but we don't want changes to a:visited and such to affect all other users of fileage, so we need a unique style to this page. check-in: 7778249033 user: wyoung tags: trunk | |
|
2018-08-24
| ||
| 08:29 | Merge trunk. Undo unintended changes in previous commit check-in: 5583448c56 user: jan.nijtmans tags: openssl-1.1 | |
| 08:25 | Add configurations "enable-capieng" (use Windows Certificate Store) and "no-weak-ssl-ciphers" (disable RC4 support) check-in: b5a11142ee user: jan.nijtmans tags: openssl-1.1 | |
|
2018-08-23
| ||
| 16:02 | Do not try to run backoffice if not connected to a valid repository. check-in: 3f5b254932 user: drh tags: trunk | |
| 15:14 | Merge trunk. Update to Beta 7 of OpenSSL 1.1.1 (pre release 9, with TLS 1.3 support !!!) check-in: cbdbc0a0ce user: jan.nijtmans tags: openssl-1.1 | |
| 15:07 | Add the meta-viewport header to the repository list page. check-in: bb7c2d91df user: drh tags: trunk | |
| 02:57 | Put all javascript inline using a nonce. Disallow 'unsafe-inline' CSP for javascript. check-in: 89c40851f0 user: drh tags: csp-nonce | |
|
2018-08-22
| ||
| 19:43 | Fix a unfinalized query in the /admin_log page. check-in: 6022ad49c4 user: drh tags: trunk | |
|
2018-08-21
| ||
| 01:33 | Dynamic number of columns on the /help page, based on screen width check-in: 1d495e89e2 user: drh tags: trunk | |
|
2018-08-20
| ||
| 23:36 | Add 10% more horizontal space in columns of the file browser /dir page. check-in: 0acb670e53 user: drh tags: trunk | |
| 19:30 | For timeline graphs on narrow screens, set the rail pitch to its minimum value to conserve horizontal space. check-in: e63da90dee user: drh tags: trunk | |
| 19:15 | When displaying a timeline on a narrow screen, move the date to the third column to make the first column narrower. check-in: 8fc7c1b1bb user: drh tags: trunk | |
| 18:29 | Fix harmless compiler warnings. check-in: 02bd594146 user: drh tags: trunk | |
| 18:05 | Make all webpages more mobile-friendly. There are still many tweaks possible, but it seems to basically work now. check-in: 9131af26f1 user: drh tags: trunk | |
| 18:04 | Enable responsive design by default on all skins. Closed-Leaf check-in: 466744aae2 user: drh tags: mobile | |
| 17:51 | Add automatic columnation of the capabilities in the /setup_uedit screen. check-in: 4f4956f831 user: drh tags: mobile | |
| 17:31 | On the flat /dir webpage, automatically adjust the number of columns based on the screen width. check-in: 50698a3c27 user: drh tags: mobile | |
| 16:06 | Simple changes to the default CSS and Header that seem to help Fossil work better on mobile by avoiding menu wraps. check-in: 5fb040810e user: drh tags: mobile | |
|
2018-08-17
| ||
| 15:38 | Fix the /setup_smtp page so that it edits the routing table sensibly. check-in: 5416287d18 user: drh tags: trunk | |
| 14:24 | Add the /emailoutq page, accessible only by the administrator. check-in: ca732777c4 user: drh tags: trunk | |
| 13:04 | Break out the user configuration pages into a separate "setupuser.c" source file. check-in: a49ed35bb7 user: drh tags: trunk | |
| 12:32 | Improvements to privilege processing and the "Security Audit" page /secaudit0. check-in: 397d23c161 user: drh tags: trunk | |