Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Do not export g.zRelReqURI to TH1 interpreter because
getParameter proc can retrieve PATH_INFO
and QUERY_STRING . Instead export g.zPath
(as $webpagename) since that is typically needed in
the TH1 headers/footers of custom skins.
|
---|---|
Downloads: | Tarball | ZIP archive | SQL archive |
Timelines: | family | ancestors | descendants | both | base-href-fix |
Files: | files | file ages | folders |
SHA3-256: |
ff4c7ed6096beceb2cf48055e3c475fd |
User & Date: | george 2022-02-14 23:06:12 |
Context
2022-02-15
| ||
00:14 |
Move <meta charset="UTF-8"> to the begining of the default header.
Supply BODY element with a class that derives from $webpagename.
...
(check-in: 6d135904 user: george tags: base-href-fix)
| |
2022-02-14
| ||
23:06 |
Do not export g.zRelReqURI to TH1 interpreter because
getParameter proc can retrieve PATH_INFO
and QUERY_STRING . Instead export g.zPath
(as $webpagename) since that is typically needed in
the TH1 headers/footers of custom skins.
...
(check-in: ff4c7ed6 user: george tags: base-href-fix)
| |
22:43 |
Make style_set_base_href_suffix() safe for misuse:
if the resulting suffix contains unescaped quotes then escape them.
$base_href_suffix is intended for interpolation inside
of the quoted href attribute. This check-in should address the case
when a user of malfunctioning browser (which mishandles quoting)
is tricked by an adversary to visit a specially crafted hyperlink.
...
(check-in: d97752f3 user: george tags: base-href-fix)
| |
Changes
Changes to src/style.c.
︙ | ︙ | |||
791 792 793 794 795 796 797 | if( zTitle ) Th_Store("title", zTitle); Th_Store("baseurl", g.zBaseURL); Th_Store("secureurl", fossil_wants_https(1)? g.zHttpsURL: g.zBaseURL); Th_Store("home", g.zTop); Th_Store("index_page", db_get("index-page","/home")); if( local_zCurrentPage==0 ) style_set_current_page("%T", g.zPath); Th_Store("current_page", local_zCurrentPage); | < | < < | | 791 792 793 794 795 796 797 798 799 800 801 802 803 804 805 806 807 | if( zTitle ) Th_Store("title", zTitle); Th_Store("baseurl", g.zBaseURL); Th_Store("secureurl", fossil_wants_https(1)? g.zHttpsURL: g.zBaseURL); Th_Store("home", g.zTop); Th_Store("index_page", db_get("index-page","/home")); if( local_zCurrentPage==0 ) style_set_current_page("%T", g.zPath); Th_Store("current_page", local_zCurrentPage); if( !local_zBaseHrefSuffix ) style_set_base_href_suffix("%s",g.zRelReqURI); Th_Store("base_href_suffix", local_zBaseHrefSuffix); Th_Store("webpagename", g.zPath); Th_Store("csrf_token", g.zCsrfToken); Th_Store("release_version", RELEASE_VERSION); Th_Store("manifest_version", MANIFEST_VERSION); Th_Store("manifest_date", MANIFEST_DATE); Th_Store("compiler_name", COMPILER_NAME); Th_Store("mainmenu", style_get_mainmenu()); stylesheet_url_var(); |
︙ | ︙ |