Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Removed a no-longer-correct doc passage which referenced the older practice of using an IP component in the login cookie. |
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
1dc5e1ce6da482c7abda63f21830a137 |
User & Date: | stephan 2021-10-10 15:55:53 |
Context
2021-10-11
| ||
10:11 | When doing an automatic open following a clone, do not autosync. The repo was just cloned and should already be current. See forum post 0dbfeab2ff. ... (check-in: 160bd677 user: drh tags: trunk) | |
2021-10-10
| ||
15:55 | Removed a no-longer-correct doc passage which referenced the older practice of using an IP component in the login cookie. ... (check-in: 1dc5e1ce user: stephan tags: trunk) | |
15:44 | /chat: grouped config settings into categories. Moved config checkboxes back to the left, per /chat feedback, but now clicking anywhere on their row toggles them. Slightly shrunk the main buttons when in non-compact mode. Various look-and-feel and help text tweaks to the config view. ... (check-in: 67e85998 user: stephan tags: trunk) | |
Changes
Changes to www/password.wiki.
︙ | ︙ | |||
75 76 77 78 79 80 81 | address of the client is stored in the USER.COOKIE and USER.IPADDR fields of the USER table on the server. The USER.CEXPIRE field holds an expiration date for the cookie, encoded as a Julian day number. On all subsequent HTTP requests, the cookie value is matched against the USER table to enable access to the repository. | < < < < < < < < < < < < < < | 75 76 77 78 79 80 81 82 83 84 85 86 87 88 | address of the client is stored in the USER.COOKIE and USER.IPADDR fields of the USER table on the server. The USER.CEXPIRE field holds an expiration date for the cookie, encoded as a Julian day number. On all subsequent HTTP requests, the cookie value is matched against the USER table to enable access to the repository. Note that in order to log into a Fossil server, it is necessary to write information into the repository database. Hence, login is not possible on a Fossil repository with a read-only database file. The user password is sent over the wire as cleartext on the initial login attempt. The plan moving forward is to compute the SHA1 hash of the password on the client using JavaScript and then send only the hash |
︙ | ︙ |