Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Disallow versioning of security sensitive settings tcl-setup, th1-setup, and th1-uri-regexp. For effective security, these settings should only be controllable by an administrator. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
2da704c5a17a802ae51e870934505e82 |
| User & Date: | drh 2019-08-21 12:32:20 |
Context
|
2019-08-21
| ||
| 15:56 | Server documentation updates. ... (check-in: b2426c27 user: drh tags: trunk) | |
| 14:46 | Merge in recent developments on trunk. ... (check-in: 70d091ea user: andybradford tags: test-updates) | |
| 12:32 | Disallow versioning of security sensitive settings tcl-setup, th1-setup, and th1-uri-regexp. For effective security, these settings should only be controllable by an administrator. ... (check-in: 2da704c5 user: drh tags: trunk) | |
| 11:26 | Update to the default CSP page. Attempted to resolve merge conflicts, but more editting is likely necessary. ... (check-in: 33a7b8ba user: drh tags: trunk) | |
Changes
Changes to src/db.c.
| ︙ | ︙ | |||
3489 3490 3491 3492 3493 3494 3495 | ** If enabled Tcl integration commands will be added to the TH1 ** interpreter, allowing arbitrary Tcl expressions and ** scripts to be evaluated from TH1. Additionally, the Tcl ** interpreter will be able to evaluate arbitrary TH1 ** expressions and scripts. */ /* | | | 3489 3490 3491 3492 3493 3494 3495 3496 3497 3498 3499 3500 3501 3502 3503 | ** If enabled Tcl integration commands will be added to the TH1 ** interpreter, allowing arbitrary Tcl expressions and ** scripts to be evaluated from TH1. Additionally, the Tcl ** interpreter will be able to evaluate arbitrary TH1 ** expressions and scripts. */ /* ** SETTING: tcl-setup width=40 block-text ** This is the setup script to be evaluated after creating ** and initializing the Tcl interpreter. By default, this ** is empty and no extra setup is performed. */ #endif /* FOSSIL_ENABLE_TCL */ /* ** SETTING: tclsh width=80 default=tclsh |
| ︙ | ︙ | |||
3521 3522 3523 3524 3525 3526 3527 | /* ** SETTING: th1-hooks boolean default=off ** If enabled, special TH1 commands will be called before and ** after any Fossil command or web page. */ #endif /* | | | | 3521 3522 3523 3524 3525 3526 3527 3528 3529 3530 3531 3532 3533 3534 3535 3536 3537 3538 3539 3540 3541 | /* ** SETTING: th1-hooks boolean default=off ** If enabled, special TH1 commands will be called before and ** after any Fossil command or web page. */ #endif /* ** SETTING: th1-setup width=40 block-text ** This is the setup script to be evaluated after creating ** and initializing the TH1 interpreter. By default, this ** is empty and no extra setup is performed. */ /* ** SETTING: th1-uri-regexp width=40 block-text ** Specify which URI's are allowed in HTTP requests from ** TH1 scripts. If empty, no HTTP requests are allowed ** whatsoever. */ /* ** SETTING: uv-sync boolean default=off ** If true, automatically send unversioned files as part |
| ︙ | ︙ |