Fossil

Timeline

18 check-ins for the month beginning 2022-12-01 by user drh

2022-12-31
18:51
Fix another case where PROTECT_READONLY needs to be relaxed even though the request is not from the same origin. ... (check-in: 03e21b9c user: drh tags: trunk)
12:21
Fix stray character in the change log. ... (check-in: fbcd9a77 user: drh tags: trunk)
12:16
Fix more cases where updates to the SUBSCRIBER table should be allowed to occur even if not a request from the same origin. ... (check-in: f33976f7 user: drh tags: trunk)
2022-12-30
21:12
Improved comment on the db_obscure() routine. No functional code changes. ... (check-in: aa1a0b31 user: drh tags: trunk)
20:54
Security enhancement: Do not store the passwords for remote URLs directly, but instead store the sha1_shared_secret() encoding of those passwords. It is the SHA1 encoding that gets transmitted to the server anyhow, so we might as well just store that. The SHA1 encoding cannot be used to log in. The password is still protected using obscure() even though it is now a SHA1 hash. ... (check-in: 41ba6ea7 user: drh tags: trunk)
16:32
Show the parent-project-* CONFIG entries (if they exist) with the "fossil remote config-data" command. When parsing a URL, if the URL comes from the CONFIG table, remember the CONFIG table entry that supplied the password. ... (check-in: 6d0083ad user: drh tags: trunk)
12:26
Fix minor typos in the diff source code. ... (check-in: 4e169542 user: drh tags: trunk)
11:53
If there is a need to do lazy updates of the full text index during a request that is not from the same origin, then allow database writes for the duration of that update. Also, allow changes to USER and CONFIG tables when explicitly authorized by db_unprotect() even if the request that prompted the change is not from the same origin. ... (check-in: 8e85d6ca user: drh tags: trunk)
2022-12-29
21:09
Allow writes to the subscriber table to update the last contact time even if the request is not from the same origin. ... (check-in: db162628 user: drh tags: trunk)
20:09
Improved comments on the SQL protection subsystem. ... (check-in: 0aa3483f user: drh tags: trunk)
19:49
Only apply the PROTECT_READONLY restriction to the "repository", "configdb", and "localdb" database files. ... (check-in: b4e00621 user: drh tags: trunk)
19:39
Fix the new read-only-repo security mechanism so that it enables write access when necessary. ... (check-in: f8363db8 user: drh tags: trunk)
18:56
Add messages to the error log if the authorizer blocks an SQL statement for security reasons. This change requires a bug fix in SQLite and so it also includes the latest trunk version of SQLite. ... (check-in: 3d8bb63a user: drh tags: trunk)
17:00
Make the repository database read-only if an HTTP request is not from the same origin. This is not required for security. It is just an extra layer of defense. ... (check-in: 7c71f00a user: drh tags: trunk)
2022-12-25
14:24
Use URI extensions rather than name= query parameters on key ticket hyperlinks. ... (check-in: 5f22b960 user: drh tags: trunk)
2022-12-15
15:39
Update the built-in SQLite to the latest 3.41.0 alpha that includes various query planner enhancements. This is done in order to test the enhancements to SQLite, to help ensure that they are working correctly in a real-world application. ... (check-in: 7010ce23 user: drh tags: trunk)
2022-12-07
11:17
Update to the latest pikchr.c sources. (pikchr.wasm is not updated.) ... (check-in: 544eefd7 user: drh tags: trunk)
2022-12-05
03:39
Update the built-in SQLite to the latest 3.41.0 alpha with the query planner tuning enhancements, as a beta-test of SQLite looking for performance regressions. ... (check-in: 4ddd8847 user: drh tags: trunk)