Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

199 check-ins occurring around 836a85cbaead8fec.

Several small tweaks to check-in: e73901f1 user: wyoung tags: trunk
Enable client to control how much time skew is allowed before warning. This can be useful if one is not in control of the time on the remote server. Patch rejected because accurate timestamps are crucial. Closed-Leaf check-in: 307f7642 user: andybradford tags: time-skew-setting
Update custom Makefile for MinGW. check-in: 161958a4 user: mistachkin tags: trunk
Added "Alternatives" section to check-in: 004c5507 user: wyoung tags: trunk
When replying to a Forum Post or Reply, show additional information to provide additional context. This helps if one walks away from the browser before submitting the response. Leaf check-in: e19dcc1a user: andybradford tags: forum-replies
Minor /shun wording change suggested in the forum. check-in: b3e8253d user: stephan tags: trunk
Added -- support to (3-way-merge, open, sqlar, stash save|snapshot, tarball, touch, undo/redo, update, zip). Closed-Leaf check-in: 52ae3288 user: stephan tags: double-dash-flag
Added -- support to (diff, finfo, grep, new). We can now grep for patterns which start with a dash. check-in: 639b2c18 user: stephan tags: double-dash-flag
Added -- support to (annotate, artifact, cat, clone). check-in: ef763bcf user: stephan tags: double-dash-flag
Update the fingerprint mechanism so that it if the revised hash algorithm fails, it retries using the legacy hash algorithm before reporting an error (and alarming users). The revised hash is always stored. The "test-fingerprint" command is updated to show both the old and the new hash algorithm and the fingerprint currently stored in the localdb. check-in: 36d36858 user: drh tags: trunk
Help syntax change to match project conventions: [--] to ?--? check-in: 95ed1894 user: stephan tags: double-dash-flag
Added -- support to (changes, clean, extras, ls, commit). check-in: 1b649b9d user: stephan tags: double-dash-flag
Added -- support to (add, rm, mv). check-in: 9a7101d5 user: stephan tags: double-dash-flag
fossil add: fixed leak of ignore-glob prompt string. check-in: e5e09407 user: stephan tags: trunk
Added -- support to wiki create/commit/export. Refactored/simplified how fetching of a dash-as-stdin/stdout argument is done from command-side code. check-in: dba4fd9b user: stephan tags: double-dash-flag
Added -- support to: (branch new) (uv add/cat/edit/export/rm) check-in: 78a30d8d user: stephan tags: double-dash-flag
Simplified the verify_all_options() porting strategy, such that -- is disallowed by default and routines which should/can support it need to call verify_all_options2() instead of us changing the signature of verify_all_options(). This will result in far fewer changes than the previous approach. check-in: a9b9b5bc user: stephan tags: double-dash-flag
Initial work on unified "--" flag support, as requested in There's still lots to do here. check-in: d8ebbd76 user: stephan tags: double-dash-flag
Adds syntax-hl boolean option, fixes file extension retrieval.    The addition of the syntax-hl boolean allows fossil to detect at the behest of the user that a syntax highlighting system that will handle line numbering is being used in cooperation with fossil such that fossil need not try to do line numbering, selection, highlighting, etc, itself. The file extension retrieval is now done with no use of extra or one off queries. Leaf check-in: 6ead94ab user: lmartin92 tags: syntax-hl-with-linenumbers
Remove the discussion of the "close" command from the document as the "close" command is not really needed, is rarely used, and serves no purpose in the document but to confuse the reader. check-in: f6e63530 user: drh tags: trunk
Fix a typo in the CGI extension documentation. check-in: b4ac00d8 user: drh tags: trunk
Updates to the change log. check-in: 4eea6bf9 user: drh tags: trunk
Fix the test-http command so that it omits line-ending conversions. This allows the ssh: clone/sync method to work with a windows server. check-in: 28b15b48 user: drh tags: trunk
Allow remote commands of the form "*/fossil.exe" on the "ssh:" protocol. check-in: 8f70ccaa user: drh tags: trunk
Performance optimizations in the markdown formatter. check-in: ef41fbfa user: drh tags: trunk
Create and use the blob_append_string() macro for appending string literals. Improvements to blob_append_char(). check-in: 48c47e1e user: drh tags: trunk
Performance optimization to frequently used blob_append() routine. check-in: 93392374 user: drh tags: trunk
Use the strcspn() C-library routine to optimize the textLength() function in the Fossil-wiki formatter. check-in: 64a63468 user: drh tags: trunk
Additional efforts to limit depth of recursion in markdown. check-in: cd5e9f26 user: drh tags: trunk
Attempt to limit the depth of recursion in markdown formatting. check-in: a5835cac user: drh tags: trunk
Fix a problem with the treatment of unterminated quoted attributes in HTML elements in the wiki formatter. check-in: 48276cfc user: drh tags: trunk
Simplification of buffer management in the markdown formatter. check-in: f8e9197d user: drh tags: trunk
Fix two harmless memory leaks. check-in: 7949d941 user: drh tags: trunk
Move the implementation of the test-markdown-render command so that it is beside the test-wiki-render command in wikiformat.c. Also make minor enhancements to the help text for both commands. check-in: fcb20df7 user: drh tags: trunk
Fix a memory leak in the markdown renderer. check-in: 199b20d0 user: drh tags: trunk
Fix harmless memory leaks. check-in: 79988f96 user: drh tags: trunk
Fix a potential bug in the table parsing logic of markdown rendering. check-in: 2263cf08 user: drh tags: trunk
Fix a potential endless loop in the markdown formatter. Enhance the fuzzer to run inputs on both the Fossil-wiki and the markdown formatters on each iteration. check-in: 4b46fb91 user: drh tags: trunk
Additional rebustness improvements for BOM handling. check-in: 9d962928 user: drh tags: trunk
Improved comments on the fuzz.c module. No code changes. check-in: 898d5b6d user: drh tags: trunk
Merge the libfuzzer integration. check-in: 3a712921 user: drh tags: trunk
Fix an off-by-one error in the BOM decoder. check-in: b3f45b33 user: drh tags: trunk
Add support for testing with libFuzzer. Leaf check-in: 8a6e8e27 user: drh tags: libFuzzer
Change the database fingerprint algorithm slightly so that it is not dependent on the details of floating-point computations, and thus gives the same answer on a native x64 processor as it does under valgrind. Also fix a bug in the RID change event computation so that it works even if files have been added. check-in: 265f8e2d user: drh tags: trunk
Update the built-in SQLite to the latest 3.30.0 alpha version, for testing. check-in: 44900415 user: drh tags: trunk
Updates to the change log. check-in: b6c36e87 user: drh tags: trunk
In the db_get(N,D) function, if N is setting, then always leave D as NULL so that we use the published default value for that setting. check-in: eb804dc6 user: drh tags: trunk
Style cleanup (no tabs). No functional change. check-in: 89872d17 user: andybradford tags: trunk
Do not acquire check-in locks if autosync is pullonly, as the lock will not be cancelled by a subsequent push and will need to time out. check-in: 0d5251d3 user: drh tags: trunk
Updates to the check-in locking protocol. The check-in lock timeout now defaults to 60 seconds, but the lock is renewed and fork and close-branch tests are repeated after an interactive check-in comment entry. check-in: 18d58801 user: drh tags: trunk
Update to openssl 1.1.1d check-in: 74aac0ed user: jan.nijtmans tags: trunk
Merge in latest developments from trunk. Leaf check-in: b713393b user: andybradford tags: db-begin-txn-updates
Attempt to improve error messages resulting from SQL errors. check-in: b94e15cf user: drh tags: trunk
Rewrote the "One vs. Many Check-outs per Repository" section in to focus more on default modes of operation and their consequences in response to nit-picking on the thread about this article pointing out that you can make Git work in the Fossil style. Defaults matter. check-in: 10a57cec user: wyoung tags: trunk
Enhance the title for the /finfo page when the ubg query parameter is present. Use the ubg query parameter for the document history link on the page. check-in: 80f98251 user: drh tags: trunk
Added paragraph on feedback loops, control theory, and OODA to the fossil-v-git doc, distilling a recent discussion on the forum. check-in: b0f2a48f user: wyoung tags: trunk
Reworked the final paragraph of the new section 2.8 in, adding in a mention of www/ to the comparison, to make it fairer. check-in: 8f7576b0 user: wyoung tags: trunk
Added section "7.0 Collapsing check-ins throws away valuable information" to, linked to from the previous throwaway comment about squashing a whole branch down to a single commit during rebase. This section explains an entire class of harms that come from rebase which wasn't previously covered. check-in: c71fe99f user: wyoung tags: trunk
Added section "2.8 Test Before Commit" to the fossil-v-git doc. check-in: e5ba4578 user: wyoung tags: trunk
Added a few paras to section 3.0 in, giving consequences of siloed development in Socratic fashion. check-in: 924bf44d user: wyoung tags: trunk
Assorted grammar and spelling fixes in www/ Also added named anchors to all of the sections. check-in: cd689b38 user: wyoung tags: trunk
Added another link from www/ to check-in: 29997f80 user: wyoung tags: trunk
Add the optimized file_is_simple_pathname_nonstrict() as an alternative to file_is_simple_pathname() when parsing manifests. check-in: b4aadf2c user: drh tags: trunk
Use strchr() to improve the performance of defossilize(). check-in: 0aaefeab user: drh tags: trunk
Use strspn() to improve the performance of validate16(). check-in: c550d6e0 user: drh tags: trunk
Add the --limit N option to the test-parse-all-blobs test command, so that we can easily limit the run-time of that command for cachegrind performance testing. check-in: 52211ccc user: drh tags: trunk
Performance optimization in the control artifact parser. check-in: 3d802ec5 user: drh tags: trunk
Add the lock-timeout setting. check-in: 6d3daf74 user: drh tags: trunk
Performance optimization in fossil_strcmp(). check-in: 72a4b613 user: drh tags: trunk
Adjust test case for TH1 permissions tests. WrUnver (y) is not enabled by default and must be intentionally set. check-in: 582d3357 user: andybradford tags: trunk
Minor editorial changes to, in an attempt to improve clarity and readability. check-in: 9b32c180 user: drh tags: trunk
Fix a typo in the document. check-in: 82f75864 user: drh tags: trunk
Include new repolist-skin setting in list of all settings so tests will pass. check-in: 2e3bffaa user: andybradford tags: trunk
Add the noreadme query parameter to /dir check-in: bf3383b9 user: drh tags: trunk
makeheaders.c: suggestions from do not emit main() decl, elide C++ constructor member initialization, and add a missing fclose(). check-in: 9512ed93 user: stephan tags: trunk
Remove the "Draft" notation from the rebase document. Link the new document into the documentation index. check-in: 569cc741 user: drh tags: trunk
Replaced ASCII art diagrams in the new rebase document with yEd SVG diagrams. Same semantic content. check-in: d6222f89 user: wyoung tags: trunk
Upper-case query parameter, POST parameter, and cookie names are converted to lower-case prior to entering them into the parameter set. Before this change, upper-case names were silently rejected. check-in: 19bbd2c5 user: drh tags: trunk
Minor tweaks prior to merging. Closed-Leaf check-in: 4231d4b6 user: drh tags: noJsonCgiFlag
Fixed a bug introduced in [bcdc4c55] which breaks capabilities for all Admin and Setup users. check-in: a6ffdaf2 user: wyoung tags: trunk
Correct a minor grammatical error in a sentence for new rebase document. check-in: 049c42df user: andybradford tags: trunk
An extension of the now-merged code-in-pre branch to allow it to work on /artifact pages and such when the ln parameter is given. This branch is a proof of concept only, for demonstrating a point and experimentation, not to be merged. See the forum discussion for details. Leaf check-in: a65834a7 user: wyoung tags: code-in-pre-with-ln
Fixed a few spelling and grammar errors in www/ check-in: 708696d8 user: wyoung tags: trunk
Small tweaks to previous. check-in: 1ff41dda user: wyoung tags: trunk
Updated caps docs to cover the two "missing" caps on Admin and Setup users better, including this recent decision to deny them cap x. This check-in also fixes a number of links broken within these docs during the stage where we were breaking the docs up and moving things around, which should have been caught before merging this down to trunk. check-in: 8a77f459 user: wyoung tags: trunk
Removed 'x' from the string of caps reported for Admin and Setup users in capability_expand(), which is used within the SQLite extension function fullcaps(), which among other things affects the output of /setup_ucap_list. We were still reporting that Admin and Setup users have Private capability despite [bcdc4c55]. check-in: 63581ec8 user: wyoung tags: trunk
Remove a spurious line from the header comment of the makeheaders.c utility program. check-in: d5a6ea96 user: drh tags: trunk
Add section numbers to the Rebase document. check-in: 237bde96 user: drh tags: trunk
More typo fixes in the Rebase document. check-in: aaacce23 user: drh tags: trunk
Merge updates from trunk. check-in: 20c64950 user: mistachkin tags: noJsonCgiFlag
Setup and Admin users should not automatically have have the Private capability. This reverses the principal change from check-in [b241130222]. check-in: bcdc4c55 user: mistachkin tags: trunk
Fix a typo in the Rebase document. check-in: 18e58e29 user: drh tags: trunk
Minor edits to Rebase Considered Harmful, for clarity. check-in: a2ea8151 user: drh tags: trunk
Add initial draft of the "Rebase Considered Harmful" document. check-in: 4f79941f user: drh tags: trunk
Update the built-in SQLite to the latest 3.30.0 alpha, as an SQLite beta test. check-in: f8823ae8 user: drh tags: trunk
Update the 'reconstruct' command to issue an error instead of a warning on failure importing the list of private artifacts, so no new repository with all-public contents is created. Leaf check-in: 8c4ef2c0 user: florian tags: private-branches
Update the Private Branches document to explain how to publish private branches (i.e. how to make them non-private), and mention why the --integrate option is ignored when merging private branches. check-in: 86ecdeef user: florian tags: private-branches
Reflow the help screens for 'deconstruct' and 'reconstruct', and add the new --keep-private option. check-in: dc8fcc7f user: florian tags: private-branches
Enhance the 'deconstruct' and 'reconstruct' commands with a new command-line option to save and restore the list of private artifacts. check-in: 66a14e93 user: florian tags: private-branches
Update the 'commit --private' command to only apply default branch name ("private") and color ("orange") if not specified otherwise on the command-line, and if the parent is not already private, to simplify the management of private branches with distinct names. check-in: 836a85cb user: florian tags: private-branches
Make sure the check-in manifest of a merge child does not include a +close tag referring to the leaf check-in on a private branch, so as not to generate a missing artifact reference on repository clones without that private branch. check-in: 8268c5da user: florian tags: private-branches
Update the 'branch new' command to track the status of private branches in the PRIVATE table, instead of using +private tags. check-in: 70849e76 user: florian tags: private-branches
Merged caps-doc branch down to trunk, improving documentation of user capabilities in Fossil. check-in: 779ddefa user: wyoung tags: trunk
Noted lack of WrUnver permission on Setup users by default. Closed-Leaf check-in: ca4085c2 user: wyoung tags: caps-doc
Fixed discussion of "x" cap in www/ to match its current implementation. check-in: c5561039 user: wyoung tags: trunk
Back out check-in [3ad81c3c499599b4] which was causing sync to fail. check-in: e1962ef6 user: drh tags: trunk
Wiki test fixes. check-in: b40f1ac1 user: drh tags: trunk
Make calls to db_begin_write() instead of db_begin_transaction() where appropriate. check-in: 3ad81c3c user: drh tags: trunk
Include the "js" property in the configuration export for skins. check-in: 498fc87a user: drh tags: trunk
When displaying documents, provide class hints about the language of the document to syntax highlighter extensions. check-in: 74b538f6 user: drh tags: trunk
Improvements to /vdiff. Provide the branch= query parameter. In the name decoder, all "merge-in:BRANCH" to mean the most recent merge-in to BRANCH from its parent. Provide "Diff" links for branches that show all changes since the most recent merge-in. check-in: e632a092 user: drh tags: trunk
Fix a possible UNIQUE constraint violation in the new /vdiff logic. Closed-Leaf check-in: 8e175a67 user: drh tags: vdiff-improvements
Adds 'js' to CONFIGSET_SKIN so that skin javascript is included in exports, syncs, etc. Works okay outside of checkouts in my testing. Probably needs some review by drh before being merged. Closed-Leaf check-in: 5d2299d8 user: ckennedy tags: js-skin-export
Added a new section to www/, "Serving Files Within the Limits". It pulls together a bit of info already in the document on the topic and then expands it considerably. The overall message is, "You probably don't have to override the default CSP." check-in: 58883ecc user: wyoung tags: trunk
In /artifact and similar pages, put HTML code tag inside pre with class="language-zExt" where zExt is the extension from the artifact's file name, if any. This allows JS code highlighting plugins to style such pre blocks automatically based on file name extension. Closed-Leaf check-in: f3b91714 user: wyoung tags: code-in-pre
Minor typo correction in comment---no functional change. check-in: ab2b8de8 user: andybradford tags: trunk
Avoid warning about extra call to db_end_transaction() by returning at the end of a complete block. check-in: 7b2350a8 user: andybradford tags: trunk
If there is nothing to stash, issue an error. check-in: d959c48a user: andybradford tags: trunk
Merge in latest from trunk. check-in: aa376391 user: andybradford tags: db-begin-txn-updates
Merge in trunk latest developments. Closed-Leaf check-in: 08291fec user: andybradford tags: test-updates
The IIS web server does not define REQUEST_URI, instead is uses PATH_INFO for virtually the same purpose. Define REQUEST_URI the same as PATH_INFO and redefine PATH_INFO with SCRIPT_NAME removed from the beginning. Leaf check-in: 54fdd1a5 user: tsbg tags: iis-cgi
IIS and possibly other web servers define environment variables with an empty value. Handle them the same as non-existing environment variables. check-in: 9a2ec393 user: tsbg tags: iis-cgi
Ouput an error if the CGI control file is missing on the command line. This prevents IIS to fall in a endless loop. check-in: 6a59d33e user: tsbg tags: iis-cgi
Changed internal docs on capability 6 (AdminForum) to remove the claim that it can be used to revoke capabilty 4 (WrTForum) from users. I think that feature was planned, but no UI was ever created to support it. Maybe that feature will come someday, but the forum feature is over a year old now. Doing it on this branch because this is all part of the capability documentation improvements. Without this checkin, the cap ref doesn't match the code's internal docs. check-in: fd9ba57a user: wyoung tags: caps-doc
Linked to the new caps docs from the existing www/* docs wherever "capability" or "capabilities" was mentioned before. check-in: 0af0e146 user: wyoung tags: caps-doc
Clarified meaning of EmailAlert (7) in cap ref. check-in: 4aceb600 user: wyoung tags: caps-doc
Merged in trunk changes check-in: 493254b2 user: wyoung tags: caps-doc
Updated comment about "6-character random hex password" at the top level of the new setup docs to track [23a9f9bac2]. check-in: f304ba31 user: wyoung tags: trunk
Linked to the new material showing Fossil's idea of user power hierarchy from the comment in about Fossil's support for the organization's social and power hierarchies. It's not that Fossil has *no* support for enforcing this, it's that it's usually a fairly loose match between the two systems. This is an important point, because some people new to Fossil expect 1:1 mapping and get disappointed when we tell them it just doesn't do that. check-in: b72795a3 user: wyoung tags: caps-doc
Fixed some URLs still referring to in its old location. check-in: 182c4d7a user: wyoung tags: caps-doc
Investigated the use of HTTP for sync over ssh:// and file:// URLs and added what I found to the "Caps Affect Web Interfaces Only" section of the new caps docs. check-in: 845b4594 user: wyoung tags: caps-doc
Documented Public Pages and the default user capability set in www/caps/ check-in: 4671ddb1 user: wyoung tags: caps-doc
Moved the discussion about inadvertent attribution of artifacts and the problems with easy solutions to the problem into the implementation details section of the new caps docs and expanded it to cover recent forum discussions. check-in: 78ad8b74 user: wyoung tags: caps-doc
Assorted small improvements to top-level caps doc check-in: f21bfbee user: wyoung tags: caps-doc
Expanded the "Why Not Bitfields?" discussion in www/caps/ Also tweaked the "Capability Letter Choices" text a bit while in there. check-in: 3ac560a2 user: wyoung tags: caps-doc
Changed the hamburger menu link href from "#" to "/sitemap" so clicks on it do something useful in the noscript case. check-in: b2379b31 user: wyoung tags: trunk
Added 'or' help for checkin/ci alias, per forum request. check-in: f616380d user: stephan tags: trunk
For candidate CGI parameter names that start with an uppercase letter, convert them to lowercase and then add. check-in: b47b6b69 user: mistachkin tags: noJsonCgiFlag
Moved www/ to www/caps/ and www/ to www/caps/ Then broke three chunks of the old doc out into new www/caps/* docs: login groups, implementation details of user capabilities, and the user capability reference material. The latter switched from Markdown to HTML format so we could make it a clearer-looking table, rather than its prior hard-to-read bullet list form. check-in: c6cdf9ce user: wyoung tags: caps-doc
Merged most of the new material on Setup vs Admin in the new capabilities doc into the pre-existing doc, which already covers this topic. check-in: ee901c7b user: wyoung tags: caps-doc
Change 'NO_JSON' to lowercase. Remove other branch changes that are now superfluous. check-in: 8baac264 user: mistachkin tags: noJsonCgiFlag
Add hyperlinks to the branch diff page from branch timeline and from /info. check-in: 833b220a user: drh tags: vdiff-improvements
Query and post parameters may never begin with an upper-case letter. To allow that is a huge security hole. check-in: 72c721ea user: drh tags: noJsonCgiFlag
Restore legacy title handling behavior for TH1 docs (changed via check-in [8abeb62737c2b527]). check-in: 42190026 user: mistachkin tags: noJsonCgiFlag
Attempt to fix 'CONTENT_TYPE' detection when a suffix, e.g. '; charset=utf-8', is present. check-in: 891bbc6f user: mistachkin tags: noJsonCgiFlag
Improve comment. check-in: 316dd394 user: mistachkin tags: noJsonCgiFlag
More refinements. check-in: c1f4a846 user: mistachkin tags: noJsonCgiFlag
If the '--cgiupperparamsok' command line option or 'uppercase_params' CGI control line are present, allow parameter names to start with an uppercase letter. check-in: ab0d81f8 user: mistachkin tags: noJsonCgiFlag
Make it possible to disable JSON auto-detection in the CGI subsystem. check-in: a7754353 user: mistachkin tags: noJsonCgiFlag
Grepped the Fossil source code for C code that checks for Setup caps exclusively to preotect functions and listed those in the Reference section of Also expanded the coverage of the "caps affect Fossil web interfaces only" section, which plays into this. check-in: 689f7683 user: wyoung tags: caps-doc
Added cap "n" to "r" in skins that show a /ticket link in their header, since the handler for it allows the page to show for those who can only file new tickets, not just those who can see existing tickets. Also fixed some skins that were using "anoncap" to test this: it needs to work for all logged-in users, not just "anonymous". Leaf check-in: f4e3abce user: wyoung tags: skin-cap-matching
Minor wording change in the header of /vdiff. check-in: 69adb45d user: drh tags: vdiff-improvements
Updates to the /vdiff page with the branch=BRANCH query parameter so that it uses merge-in: instead of root: and thus excludes merge-in check-ins from the diff. check-in: b36dc6f1 user: drh tags: vdiff-improvements
Rewrote explanation of "o" cap. check-in: 208ca0d7 user: wyoung tags: caps-doc
Add the "merge-in:NAME" name type, similar to "root:NAME" except that it finds the youngest anscestor of NAME that is in the branch from which the branch of NAME derived. check-in: dcd8f1d8 user: drh tags: vdiff-improvements
Disentangled discussion of "developer" vs "reader" in check-in: 869494eb user: wyoung tags: caps-doc
Added (Names) to the "Capability Reference" section of so the reference can be used while reading C source code, which uses these names instead of the capability characters in all code past the login handler. check-in: d48dff8f user: wyoung tags: caps-doc
Merge in documentation enhancements from trunk. check-in: c1b62c32 user: drh tags: vdiff-improvements
Remove an unused subroutine. Fix a minor CSS problem. check-in: 2078c746 user: drh tags: vdiff-improvements
On the /vdiff page, show a timeline with both check-ins using different highlights on each check-in. check-in: 6e40f866 user: drh tags: vdiff-improvements
Changed all of the [anycap jor] TH1 calls in the stock skins wrapping the generation of that skin's /timeline and /timeline.rss links to [anycap ijr2] to match the user caps the timeline HTTP hit handler actually checks for in the C code. This is a branch in part because it needs review, but also it's the start of a broader effort to check the other cap checks in the skins to make sure they a) match what the C code checks for; and b) match each other. check-in: 9cee8cf5 user: wyoung tags: skin-cap-matching
Added HTTP proxying info to Debian nginx server setup guide. check-in: c6a033ce user: wyoung tags: trunk
Replaced the content of "Running Fossil in SCGI Mode" within www/server/debian/ with references to our other Fossil server docs. This also reduces the prior focus of this section on fslsrv to a single sentence, since we now prefer the systemd option, now that we have it. check-in: a4bb92f7 user: wyoung tags: trunk
Swapped the simple "whole site is Fossil" example in www/server/debian/ for the more complicated one where only /code is served by Fossil. This is probably going to be more common, and it shows off the important detail of setting SCRIPT_NAME properly. Made a minor adjustment to any/ to track this change, so there is not a pointless difference between these two nginx configs. check-in: 653e90ca user: wyoung tags: trunk
Clarified use of scgi_params, SCRIPT_NAME, and service starting in the generic SCGI server setup doc. check-in: 5a58ac31 user: wyoung tags: trunk
Merge fork check-in: 6c6aae97 user: andygoth tags: trunk
Add the fossil_random_password() utility function and use it to generate a stronger initial admin-user password in the "fossil new" command. check-in: 23a9f9ba user: drh tags: trunk
If the test-markdown-render or test-wiki-render commands are invoked without a repository in which to check for Wiki page names and artifact hashes, then substitute a temporary, empty, in-memory repository so that the commands will still work and won't give SQL errors. check-in: 0ac64dad user: drh tags: trunk
Clarified the placement of "moderator" and "subscriber" in the power hierarchy expression within www/, since each could float up and down somewhat within the fixed hierarchy we give here. Also fixed a broken URL. check-in: ba88f4f2 user: wyoung tags: caps-doc
Markdown hyperlinks are only converted to links to wiki if the named wikipage actually exists. Otherwise, the link becomes a relative link. This is for backwards compatibility. check-in: 3b10e644 user: drh tags: trunk
Added www/, a complete treatment on user capabilities, user categories, login groups, and administration matters involving all of this. It does not replace the pre-existing doc, but a bit of its content did move into this new doc. The new doc also contains the user capability info previously in the doc. This is on a branch because although it's quite useful already, it could use some work before being merged down. At the barest minimum, there are some unanswered questions in the new doc that need addressing.    This new doc does not replace the existing documentation in the UI. It may be that we end up paring that down a bit now that we have a full doc to refer to, but that is a topic for the forum thread that will appear shortly after this checkin. check-in: 832f107e user: wyoung tags: caps-doc
Fixed a few fatal error messages from the login-group command that referred to an "add" command, which is now called "join". The symptom I saw is that "fossil login-group add" complained that "add" is not a valid command and that you should give '"add" or "leave"' instead! check-in: 09c65d75 user: wyoung tags: trunk
Fixed a few messages from the login-group command that referred to an apparent older name for the "join" sub-command, "add". This lead to a confusing symptom: "fossil login-group add foo" -> {unknown command "add" - should be "add" or "leave"}. check-in: 739cd872 user: wyoung tags: trunk
Stronger recommendation for changing the default user's random hex password prior to setting up a Fossil server after learning it's 6 hex digits, not 8 as I thoght when I wrote that! check-in: 9fcd6e44 user: wyoung tags: trunk
Added bullet list detailing the sources for <script nonce=""> from a Fossil server and the reasons we consider each path safe. check-in: 91377ae4 user: wyoung tags: trunk
Reworked the material explaining why in-page <style> is currently allowed by Fossil's default CSP to make it clearer that this is most likely a temporary situation and that local custom CSS should go in the skin instead. check-in: 092eeebf user: wyoung tags: trunk
Expanded the discussion of in-repo and out-of-repo resource links in check-in: 23fcd765 user: wyoung tags: trunk
Reworked the new introductory material in to be less about the CSP as last-resort and more about being a secondary filter to our other measures. Gave examples to clarify the tensions that prevent a purely server-side solution from being a practical solution. check-in: 1c4df5bf user: wyoung tags: trunk
"RaspberryPI" -> "Raspberry Pi" check-in: 5182be99 user: wyoung tags: trunk
Assorted refinements to the new pre- and post-activation advice sections in www/server/index.html: nix passive voice, add a few details, add some links to related docs, etc. Also fixed a CSS indenting problem preventing correct use of in , then made use of the new freedom in these sections' numbered lists. check-in: b5c2c9bf user: wyoung tags: trunk
Fix the $ROOT mechanism in HTML documents so that it accepts any whitespace character before href= and script=. Add $ROOT in appropriate places in the server documentation. check-in: 3e183bfa user: drh tags: trunk
Outline how to configure a repository before and after server activation. check-in: 154ea087 user: drh tags: trunk
Improvements to the althttpd documentation. check-in: 44f1df9f user: drh tags: trunk
Further improvements to the server document. check-in: c2c4d303 user: drh tags: trunk
Extra defenses against running fossil_atexit() more than once. check-in: bc7683e1 user: drh tags: trunk
Fix the "shell" command so that it avoids invoking the atexit() handler more than once. check-in: 07a5a211 user: drh tags: trunk
Server documentation updates. check-in: b2426c27 user: drh tags: trunk
Merge in recent developments on trunk. check-in: 70d091ea user: andybradford tags: test-updates
Disallow versioning of security sensitive settings tcl-setup, th1-setup, and th1-uri-regexp. For effective security, these settings should only be controllable by an administrator. check-in: 2da704c5 user: drh tags: trunk
Update to the default CSP page. Attempted to resolve merge conflicts, but more editting is likely necessary. check-in: 33a7b8ba user: drh tags: trunk
Added a header to the new XSS material in so we can refer directly to it. check-in: 7b843f2d user: wyoung tags: trunk
More thorough explanation of <script nonce> in www/, and explained the reason why Fossil has no way of providing that nonce in most content types rather than link to the "XSS via check-in rights" forum post. This new presentation of that post's ideas is more detailed and includes discussion of the feature's interaction with the TH1 docs feature. check-in: 8d43bb87 user: wyoung tags: trunk
Major improvements to the new article. Expanded the introductory material to better describe what the CSP does; added named anchors to headers; moved the discussion of $default_csp overrides into this document from, which now just says how you use that variable read-only; and added an entirely new section, "Replacing the Default CSP". check-in: 366b23a1 user: wyoung tags: trunk
Replaced the redundant copy of the default CSP in skins/bootstrap/header.txt with "$default_csp", allowing the TH1 setup script to override the CSP as in all the other stock skins. (Bootstrap is the last stock skin to define a custom <head> element.) check-in: 14ac2cac user: wyoung tags: trunk
Fix memcpy() compiler warnings. check-in: 7ae4b1a7 user: drh tags: trunk
Fix possible misaligned pointer to a 16-bit object. check-in: f7c41be8 user: drh tags: trunk
Updated and expanded documentation on how to set up a Fossil server. check-in: f146e21a user: drh tags: trunk
Add the --with-sanitizer option to the ./configure script. check-in: 231d6933 user: drh tags: trunk
Fixed a link punctuation bug introduced in [74a6578c]. Closed-Leaf check-in: c57e1793 user: wyoung tags: server-docs