Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
50 check-ins related to "trunk" plus check-in "2019-08-19 01:17:06" occurring around 2019-08-19 01:17:06.
|
2019-08-21
| ||
| 16:57 | Extra defenses against running fossil_atexit() more than once. ... (check-in: bc7683e15a user: drh tags: trunk) | |
| 16:55 | Fix the "shell" command so that it avoids invoking the atexit() handler more than once. ... (check-in: 07a5a2118e user: drh tags: trunk) | |
| 15:56 | Server documentation updates. ... (check-in: b2426c2786 user: drh tags: trunk) | |
| 14:46 | Merge in recent developments on trunk. ... (check-in: 70d091eacc user: andybradford tags: test-updates) | |
| 12:32 | Disallow versioning of security sensitive settings tcl-setup, th1-setup, and th1-uri-regexp. For effective security, these settings should only be controllable by an administrator. ... (check-in: 2da704c5a1 user: drh tags: trunk) | |
| 11:26 | Update to the default CSP page. Attempted to resolve merge conflicts, but more editting is likely necessary. ... (check-in: 33a7b8babe user: drh tags: trunk) | |
| 11:09 | Added a header to the new XSS material in defcsp.md so we can refer directly to it. ... (check-in: 7b843f2d43 user: wyoung tags: trunk) | |
| 11:01 | More thorough explanation of <script nonce> in www/defcsp.md, and explained the reason why Fossil has no way of providing that nonce in most content types rather than link to the "XSS via check-in rights" forum post. This new presentation of that post's ideas is more detailed and includes discussion of the feature's interaction with the TH1 docs feature. ... (check-in: 8d43bb8786 user: wyoung tags: trunk) | |
| 09:40 | Major improvements to the new defcsp.md article. Expanded the introductory material to better describe what the CSP does; added named anchors to headers; moved the discussion of $default_csp overrides into this document from customskin.md, which now just says how you use that variable read-only; and added an entirely new section, "Replacing the Default CSP". ... (check-in: 366b23a180 user: wyoung tags: trunk) | |
| 08:52 | Replaced the redundant copy of the default CSP in skins/bootstrap/header.txt with "$default_csp", allowing the TH1 setup script to override the CSP as in all the other stock skins. (Bootstrap is the last stock skin to define a custom <head> element.) ... (check-in: 14ac2cacdd user: wyoung tags: trunk) | |
|
2019-08-20
| ||
| 19:16 | Fix memcpy() compiler warnings. ... (check-in: 7ae4b1a719 user: drh tags: trunk) | |
| 16:11 | Fix possible misaligned pointer to a 16-bit object. ... (check-in: f7c41be825 user: drh tags: trunk) | |
| 15:04 | Updated and expanded documentation on how to set up a Fossil server. ... (check-in: f146e21af9 user: drh tags: trunk) | |
| 14:55 | Add the --with-sanitizer option to the ./configure script. ... (check-in: 231d693314 user: drh tags: trunk) | |
| 07:01 | Fixed a link punctuation bug introduced in [74a6578c]. ... (Closed-Leaf check-in: c57e17931d user: wyoung tags: server-docs) | |
| 06:34 | Merged in trunk improvements ... (check-in: 42d28c0286 user: wyoung tags: server-docs) | |
| 04:57 | Fixed an unwanted "$nonce" variable expansion within the new customskin.md introduced by [9044fd2dbe] which only occurs *sometimes*: not on fossil-scm.org, and apparently not in my earlier ckout testing prior to checking it in, but now in a different ckout test. This has to be a TH1 thing, but I don't understand why we didn't see this earlier. This is just a workaround for the symptom. ... (check-in: 9bdf650f0b user: wyoung tags: trunk) | |
| 04:34 | Fixed a link from the new material in embeddeddoc.wiki to the new CSP material: that briefly lived in customskin.md before checking it in, but then I moved it to a new document and forgot to update the link. ... (check-in: f4cbfd5acc user: wyoung tags: trunk) | |
| 04:24 | Fixed a couple of Tcl syntax fixes that caused the new --with-sanitizer code to a) run unconditionally irrespective of the option's setting and b) to check for the existence of libubsan whether it was actually needed or not. ... (Closed-Leaf check-in: 66fdab7605 user: wyoung tags: configure-updates) | |
| 04:07 | Added www/defcsp.md, which documents the default Content Security Policy applied by Fossil to the HTML pages it serves. Linked that into embeddeddoc.wik and customskin.md, which touched on this topic before but didn't go into much detail. ... (check-in: 4e6d36d7d4 user: wyoung tags: trunk) | |
| 02:09 | Fix a compiler warning in the security-audit page. ... (check-in: 3243a6c148 user: drh tags: trunk) | |
| 01:34 | Added --with-sanitizer configure-time option for appending -fsanitize=VALUE to CFLAGS and LDFLAGS, plus automatic detection of -lubsan for GCC, which doesn't automatically link to that with -fsanitize=undefined as Clang does. EDIT: This check-in breaks the built on Ubuntu 18.04. ... (check-in: 7907b6ffae user: wyoung tags: configure-updates) | |
|
2019-08-19
| ||
| 17:18 | Have the security-audit page analyze and display the content security policy. ... (check-in: 9cf90a4f9d user: drh tags: trunk) | |
| 13:04 | Increase the default HTTP request timeout to 10 minutes. Provide the FOSSIL_DEFAULT_TIMEOUT compile-time option for setting an alternative default. ... (check-in: 7979989dff user: drh tags: trunk) | |
| 01:17 | The www/customskin.md document hadn't been updated since we removed the explicit <html><head> stuff from the default skins and moved that into the C code so we could insert the CSP and such automatically. Updated it to show the inner <div> tags that you actually get by default now, and talked about how the HTML document wrapper is added automatically. Also fixed some spelling and grammar errors. ... (check-in: 9044fd2dbe user: wyoung tags: trunk) | |
| 00:51 | Fix embedded HTML detection for the 'doc' web page when the 'data-title' attribute is not specified. ... (check-in: 3d6a4fd95c user: mistachkin tags: trunk) | |
|
2019-08-18
| ||
| 01:03 | Capitalization fix in HTML output from /artifact_stats ... (check-in: d570edc646 user: wyoung tags: trunk) | |
| 00:59 | Include forum artifact statistics on the /artifact_stats page. ... (check-in: e2f2a05eff user: drh tags: trunk) | |
|
2019-08-16
| ||
| 03:33 | Relaxed the "enforcing" language around the planned change of hash policy from "auto" to "sha3" in Fossil 2.10 within section 2.8 of the fossil-v-git.wiki doc, and clarified what will actually happen with that release as compared to the current release. ... (check-in: c5461fb599 user: wyoung tags: trunk) | |
| 01:58 | Merged recent spell check fixes into this branch so we don't revert any of them. ... (check-in: a9fd086f13 user: wyoung tags: server-docs) | |
| 01:57 | Another spell check pass on www/* using a different dictionary than in the prior pass. ([79c2cb083152]) ... (check-in: 0996347d4a user: wyoung tags: trunk) | |
|
2019-08-15
| ||
| 16:16 | Server Documentation Update. This ckeckin contains instructions for using Fossil as a windows service and with stunnel as an https proxy. ... (check-in: 8b7c563d49 user: ckennedy tags: server-docs) | |
|
2019-08-13
| ||
| 23:29 | Additional documentation on CGI configuration options. Updates to the change log. New hyperlinks interconnecting the various documents. ... (check-in: fbc3b2f72e user: drh tags: trunk) | |
| 20:44 | Remove the sigalrm_handler() function on windows builds as it is never called there. ... (check-in: 1d7afcdff6 user: drh tags: trunk) | |
| 20:31 | Improvements to HOME search on windows, and improve the documentation of the same. ... (check-in: 006afac0f0 user: drh tags: trunk) | |
| 19:31 | Set a default timeout on CGI requests of 300 seconds. ... (check-in: 859d6b1694 user: drh tags: trunk) | |
| 14:40 | Add "Forum Posts" as an option to "Activity Reports" ... (check-in: 6ada7e3768 user: drh tags: trunk) | |
| 12:32 | Improvements to the hyperlink description in /md_rules. ... (check-in: b8fac03594 user: drh tags: trunk) | |
|
2019-08-10
| ||
| 23:04 | Added "Forum Posts" choice to the "Activity Reports" sub section of /stat. ... (Closed-Leaf check-in: f39e47a19e user: wyoung tags: forum-post-activity-report) | |
| 18:07 | Refine HOME search order on Windows to maintain backward compatibility with the previous search hierarchy. ... (Closed-Leaf check-in: c07cbcd3db user: mistachkin tags: windows-env-usage-v2) | |
| 15:34 | Merge in from trunk. ... (check-in: 0f9f2e403d user: andybradford tags: test-updates) | |
| 03:23 | Inserted %USERPROFILE% between %FOSSIL_HOME% and %LOCALAPPDATA% in the code that chooses where the user's account-wide _fossil file lives on Windows. (This is the Windows analog to the ~/.fossil file on POSIX systems.) Also updated the docs to match. ... (check-in: 15176c8ae5 user: wyoung tags: windows-env-usage) | |
|
2019-08-09
| ||
| 21:08 | Update the /stat page to show forum statistics. ... (check-in: 29141af7af user: drh tags: trunk) | |
| 20:56 | Fixes to the new markdown hyperlink logic to handle the case there the target URL is not defined. ... (check-in: 44545eef88 user: drh tags: trunk) | |
| 20:15 | Contributing PowerShell script Set-ChildProject.ps1. This script wraps the code for converting a project into a child project into an easy to use PowerShell script. The script should be cross platform, but was only tested on Windows 10. ... (Leaf check-in: 0b70cf6d57 user: ckennedy tags: windows-tools) | |
| 18:14 | Enhance markdown to use the same hyperlink target resolving logic as Fossil wiki. That means that wiki page names and check-in and ticket hashes can now be used as markdown hyperlink URLs. Also enhance markdown hyperlinks so that if the display text is an empty string, the URL is used as the display text. ... (check-in: 774fb7712f user: drh tags: trunk) | |
| 16:40 | Two additional places where links to /markup_help are useful. ... (check-in: 5f328d9f90 user: drh tags: trunk) | |
| 16:37 | Fix up the markdown rules to include recent enhancements to fenced code blocks. On "Markup Style:" entry boxes, provide a hyperlink for easy access to the rule sheets. ... (check-in: 18a84ed81e user: drh tags: trunk) | |
| 15:57 | Further work on the fenced code blocks of markdown. Allow blank lines in the middle of a fenced code block. And also allow ~ character (three or more) to serve as the delimiter for fenced code blocks. ... (check-in: c7600da489 user: drh tags: trunk) | |
| 12:15 | Added an aside in fossil-v-git about Git's minority use of high-level scripting languages aside from its dominant one, POSIX shell, with a comparison to Fossil's own use of high-level scripting. ... (check-in: 1296ee46a3 user: wyoung tags: trunk) | |