Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Change 'NO_JSON' to lowercase. Remove other branch changes that are now superfluous. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | noJsonCgiFlag |
Files: | files | file ages | folders |
SHA3-256: |
8baac2646c3ef6ccf70722a6cc07580d |
User & Date: | mistachkin 2019-08-27 12:51:34.174 |
Context
2019-08-27
| ||
20:57 | For candidate CGI parameter names that start with an uppercase letter, convert them to lowercase and then add. ... (check-in: b47b6b69 user: mistachkin tags: noJsonCgiFlag) | |
12:51 | Change 'NO_JSON' to lowercase. Remove other branch changes that are now superfluous. ... (check-in: 8baac264 user: mistachkin tags: noJsonCgiFlag) | |
10:40 | Query and post parameters may never begin with an upper-case letter. To allow that is a huge security hole. ... (check-in: 72c721ea user: drh tags: noJsonCgiFlag) | |
Changes
Changes to src/cgi.c.
︙ | ︙ | |||
949 950 951 952 953 954 955 | char *zSemi; int len; const char *zRequestUri = cgi_parameter("REQUEST_URI",0); const char *zScriptName = cgi_parameter("SCRIPT_NAME",0); const char *zPathInfo = cgi_parameter("PATH_INFO",0); #ifdef FOSSIL_ENABLE_JSON | | | 949 950 951 952 953 954 955 956 957 958 959 960 961 962 963 | char *zSemi; int len; const char *zRequestUri = cgi_parameter("REQUEST_URI",0); const char *zScriptName = cgi_parameter("SCRIPT_NAME",0); const char *zPathInfo = cgi_parameter("PATH_INFO",0); #ifdef FOSSIL_ENABLE_JSON int noJson = P("no_json")!=0; if( noJson==0 ){ json_main_bootstrap(); } #endif g.isHTTP = 1; cgi_destination(CGI_BODY); if( zScriptName==0 ) malformed_request("missing SCRIPT_NAME"); if( zRequestUri==0 ){ const char *z = zPathInfo; |
︙ | ︙ |
Changes to src/main.c.
︙ | ︙ | |||
1946 1947 1948 1949 1950 1951 1952 | ** repolist When in "directory:" mode, display a page ** showing a list of available repositories if ** the URL is "/". ** ** localauth Grant administrator privileges to connections ** from 127.0.0.1 or ::1. ** | < < < | 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 1956 1957 1958 1959 | ** repolist When in "directory:" mode, display a page ** showing a list of available repositories if ** the URL is "/". ** ** localauth Grant administrator privileges to connections ** from 127.0.0.1 or ::1. ** ** skin: LABEL Use the built-in skin called LABEL rather than ** the default. If there are no skins called LABEL ** then this line is a no-op. ** ** files: GLOBLIST GLOBLIST is a comma-separated list of GLOB ** patterns that specify files that can be ** returned verbatim. This feature allows Fossil |
︙ | ︙ | |||
2299 2300 2301 2302 2303 2304 2305 | ** --extroot DIR document root for the /ext extension mechanism ** --files GLOB comma-separate glob patterns for static file to serve ** --host NAME specify hostname of the server ** --https signal a request coming in via https ** --in FILE Take input from FILE instead of standard input ** --ipaddr ADDR Assume the request comes from the given IP address ** --localauth enable automatic login for local connections | < < | 2296 2297 2298 2299 2300 2301 2302 2303 2304 2305 2306 2307 2308 2309 | ** --extroot DIR document root for the /ext extension mechanism ** --files GLOB comma-separate glob patterns for static file to serve ** --host NAME specify hostname of the server ** --https signal a request coming in via https ** --in FILE Take input from FILE instead of standard input ** --ipaddr ADDR Assume the request comes from the given IP address ** --localauth enable automatic login for local connections ** --nocompress do not compress HTTP replies ** --nodelay omit backoffice processing if it would delay process exit ** --nojail drop root privilege but do not enter the chroot jail ** --nossl signal that no SSL connections are available ** --notfound URL use URL as "HTTP 404, object not found" page. ** --out FILE write results to FILE instead of to standard output ** --repolist If REPOSITORY is directory, URL "/" lists all repos |
︙ | ︙ |
Changes to src/winhttp.c.
︙ | ︙ | |||
548 549 550 551 552 553 554 | } if( zFileGlob ){ blob_appendf(&options, " --files-urlenc %T", zFileGlob); } if( g.useLocalauth ){ blob_appendf(&options, " --localauth"); } | < < < | 548 549 550 551 552 553 554 555 556 557 558 559 560 561 | } if( zFileGlob ){ blob_appendf(&options, " --files-urlenc %T", zFileGlob); } if( g.useLocalauth ){ blob_appendf(&options, " --localauth"); } if( g.thTrace ){ blob_appendf(&options, " --th-trace"); } if( flags & HTTP_SERVER_REPOLIST ){ blob_appendf(&options, " --repolist"); } zSkin = skin_in_use(); |
︙ | ︙ | |||
985 986 987 988 989 990 991 | ** ** --localauth ** ** Enables automatic login if the --localauth option is present ** and the "localauth" setting is off and the connection is from ** localhost. ** | < < < < | 982 983 984 985 986 987 988 989 990 991 992 993 994 995 | ** ** --localauth ** ** Enables automatic login if the --localauth option is present ** and the "localauth" setting is off and the connection is from ** localhost. ** ** --repolist ** ** If REPOSITORY is directory, URL "/" lists all repositories. ** ** --scgi ** ** Create an SCGI server instead of an HTTP server |
︙ | ︙ | |||
1049 1050 1051 1052 1053 1054 1055 | const char *zStart = find_option("start", "S", 1); const char *zUsername = find_option("username", "U", 1); const char *zPassword = find_option("password", "W", 1); const char *zPort = find_option("port", "P", 1); const char *zNotFound = find_option("notfound", 0, 1); const char *zFileGlob = find_option("files", 0, 1); const char *zLocalAuth = find_option("localauth", 0, 0); | < | 1042 1043 1044 1045 1046 1047 1048 1049 1050 1051 1052 1053 1054 1055 | const char *zStart = find_option("start", "S", 1); const char *zUsername = find_option("username", "U", 1); const char *zPassword = find_option("password", "W", 1); const char *zPort = find_option("port", "P", 1); const char *zNotFound = find_option("notfound", 0, 1); const char *zFileGlob = find_option("files", 0, 1); const char *zLocalAuth = find_option("localauth", 0, 0); const char *zRepository = find_repository_option(); int useSCGI = find_option("scgi", 0, 0)!=0; int allowRepoList = find_option("repolist",0,0)!=0; Blob binPath; verify_all_options(); if( g.argc==4 ){ |
︙ | ︙ | |||
1104 1105 1106 1107 1108 1109 1110 | if( zAltBase ) blob_appendf(&binPath, " --baseurl %s", zAltBase); if( zPort ) blob_appendf(&binPath, " --port %s", zPort); if( useSCGI ) blob_appendf(&binPath, " --scgi"); if( allowRepoList ) blob_appendf(&binPath, " --repolist"); if( zNotFound ) blob_appendf(&binPath, " --notfound \"%s\"", zNotFound); if( zFileGlob ) blob_appendf(&binPath, " --files-urlenc %T", zFileGlob); if( zLocalAuth ) blob_append(&binPath, " --localauth", -1); | < | 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 | if( zAltBase ) blob_appendf(&binPath, " --baseurl %s", zAltBase); if( zPort ) blob_appendf(&binPath, " --port %s", zPort); if( useSCGI ) blob_appendf(&binPath, " --scgi"); if( allowRepoList ) blob_appendf(&binPath, " --repolist"); if( zNotFound ) blob_appendf(&binPath, " --notfound \"%s\"", zNotFound); if( zFileGlob ) blob_appendf(&binPath, " --files-urlenc %T", zFileGlob); if( zLocalAuth ) blob_append(&binPath, " --localauth", -1); blob_appendf(&binPath, " \"%s\"", g.zRepositoryName); /* Create the service. */ hScm = OpenSCManagerW(NULL, NULL, SC_MANAGER_ALL_ACCESS); if( !hScm ) winhttp_fatal("create", zSvcName, win32_get_last_errmsg()); hSvc = CreateServiceW( hScm, /* Handle to the SCM */ fossil_utf8_to_unicode(zSvcName), /* Name of the service */ |
︙ | ︙ |