Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Add the /secureraw page that requires the complete HASH before it will deliver an artifact. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
7abfca67529a44db3fd5ec8cf0de2782 |
User & Date: | drh 2019-03-18 12:04:02.349 |
Context
2019-03-18
| ||
19:27 | Show what "apt install" commands need to be run on a fresh Ubuntu install in order to build Fossil. ... (check-in: c2cfaa6a user: drh tags: trunk) | |
12:04 | Add the /secureraw page that requires the complete HASH before it will deliver an artifact. ... (check-in: 7abfca67 user: drh tags: trunk) | |
11:48 | Fix a minor typo in a comment used to generate "stash" documentation. ... (check-in: aaa726e1 user: drh tags: trunk) | |
Changes
Changes to src/info.c.
︙ | ︙ | |||
1754 1755 1756 1757 1758 1759 1760 | ** ** Return the uninterpreted content of an artifact. Used primarily ** to view artifacts that are images. */ void rawartifact_page(void){ int rid = 0; char *zUuid; | < < > > | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1754 1755 1756 1757 1758 1759 1760 1761 1762 1763 1764 1765 1766 1767 1768 1769 1770 1771 1772 1773 1774 1775 1776 1777 1778 1779 1780 1781 1782 1783 1784 1785 1786 1787 1788 1789 1790 1791 1792 1793 1794 1795 1796 1797 1798 1799 1800 1801 1802 1803 1804 1805 1806 1807 1808 1809 1810 1811 1812 1813 1814 1815 1816 1817 1818 1819 1820 | ** ** Return the uninterpreted content of an artifact. Used primarily ** to view artifacts that are images. */ void rawartifact_page(void){ int rid = 0; char *zUuid; if( P("ci") && P("filename") ){ rid = artifact_from_ci_and_filename(0, 0); } if( rid==0 ){ rid = name_to_rid_www("name"); } login_check_credentials(); if( !g.perm.Read ){ login_needed(g.anon.Read); return; } if( rid==0 ) fossil_redirect_home(); zUuid = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", rid); if( fossil_strcmp(P("name"), zUuid)==0 && login_is_nobody() ){ g.isConst = 1; } free(zUuid); deliver_artifact(rid, P("m")); } /* ** WEBPAGE: secureraw ** URL: /secureraw/HASH?m=TYPE ** ** Return the uninterpreted content of an artifact. This is similar ** to /raw except in this case the only way to specify the artifact ** is by the full-length SHA1 or SHA3 hash. Abbreviations are not ** accepted. */ void secure_rawartifact_page(void){ int rid = 0; const char *zUuid = PD("name", ""); login_check_credentials(); if( !g.perm.Read ){ login_needed(g.anon.Read); return; } rid = db_int(0, "SELECT rid FROM blob WHERE uuid=%Q", zUuid); if( rid==0 ){ cgi_set_status(404, "Not Found"); @ Unknown artifact: "%h(zUuid)" return; } g.isConst = 1; deliver_artifact(rid, P("m")); } /* ** Generate a verbatim artifact as the result of an HTTP request. ** If zMime is not NULL, use it as the MIME-type. If zMime is ** NULL, guess at the MIME-type based on the filename ** associated with the artifact. */ void deliver_artifact(int rid, const char *zMime){ Blob content; if( zMime==0 ){ char *zFName = db_text(0, "SELECT filename.name FROM mlink, filename" " WHERE mlink.fid=%d" " AND filename.fnid=mlink.fnid", rid); if( !zFName ){ /* Look also at the attachment table */ zFName = db_text(0, "SELECT attachment.filename FROM attachment, blob" |
︙ | ︙ |