Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | On the /test_env page, show the AUTH_CONTENT and AUTH_TYPE environment variables in "cookie" mode. - On second thought, better to not show these, since they can expose passwords on screen. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | security-risk |
Files: | files | file ages | folders |
SHA3-256: |
d28cb283f3d753886f33d60417cb07ff |
User & Date: | drh 2017-07-03 11:26:11.543 |
Original Comment: | On the /test_env page, show the AUTH_CONTENT and AUTH_TYPE environment variables in "cookie" mode. |
Context
2017-07-03
| ||
13:48 | On the server.wiki page, point to the source code comments that describe the various CGI options. ... (Closed-Leaf check-in: d407e22f user: drh tags: security-risk) | |
11:26 | On the /test_env page, show the AUTH_CONTENT and AUTH_TYPE environment variables in "cookie" mode. - On second thought, better to not show these, since they can expose passwords on screen. ... (check-in: d28cb283 user: drh tags: security-risk) | |
09:31 | Update changes.wiki. Some eol-spacing ... (check-in: 86d4754a user: jan.nijtmans tags: trunk) | |
Changes
Changes to src/style.c.
︙ | ︙ | |||
1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 | if( i>0 ){ @ anonymous-adds = %s(zCap)<br /> } @ g.zRepositoryName = %h(g.zRepositoryName)<br /> @ load_average() = %f(load_average())<br /> @ <hr /> P("HTTP_USER_AGENT"); cgi_print_all(showAll); if( showAll && blob_size(&g.httpHeader)>0 ){ @ <hr /> @ <pre> @ %h(blob_str(&g.httpHeader)) @ </pre> } | > > > > | 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 | if( i>0 ){ @ anonymous-adds = %s(zCap)<br /> } @ g.zRepositoryName = %h(g.zRepositoryName)<br /> @ load_average() = %f(load_average())<br /> @ <hr /> P("HTTP_USER_AGENT"); if( showAll ){ P("AUTH_CONTENT"); P("AUTH_TYPE"); } cgi_print_all(showAll); if( showAll && blob_size(&g.httpHeader)>0 ){ @ <hr /> @ <pre> @ %h(blob_str(&g.httpHeader)) @ </pre> } |
︙ | ︙ |