Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | On the /test_env page, show the AUTH_CONTENT and AUTH_TYPE environment variables in "cookie" mode. - On second thought, better to not show these, since they can expose passwords on screen. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | security-risk |
| Files: | files | file ages | folders |
| SHA3-256: | d28cb283f3d753886f33d60417cb07ff |
| User & Date: | drh 2017-07-03 11:26:11 |
| Original Comment: | On the /test_env page, show the AUTH_CONTENT and AUTH_TYPE environment variables in "cookie" mode. |
Context
|
2017-07-03
| ||
| 13:48 | On the server.wiki page, point to the source code comments that describe the various CGI options. Closed-Leaf check-in: d407e22f user: drh tags: security-risk | |
| 11:26 | On the /test_env page, show the AUTH_CONTENT and AUTH_TYPE environment variables in "cookie" mode. - On second thought, better to not show these, since they can expose passwords on screen. check-in: d28cb283 user: drh tags: security-risk | |
| 09:31 | Update changes.wiki. Some eol-spacing check-in: 86d4754a user: jan.nijtmans tags: trunk | |
Changes
Changes to src/style.c.
1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 |
if( i>0 ){
@ anonymous-adds = %s(zCap)<br />
}
@ g.zRepositoryName = %h(g.zRepositoryName)<br />
@ load_average() = %f(load_average())<br />
@ <hr />
P("HTTP_USER_AGENT");
cgi_print_all(showAll);
if( showAll && blob_size(&g.httpHeader)>0 ){
@ <hr />
@ <pre>
@ %h(blob_str(&g.httpHeader))
@ </pre>
}
|
> > > > |
1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 |
if( i>0 ){
@ anonymous-adds = %s(zCap)<br />
}
@ g.zRepositoryName = %h(g.zRepositoryName)<br />
@ load_average() = %f(load_average())<br />
@ <hr />
P("HTTP_USER_AGENT");
if( showAll ){
P("AUTH_CONTENT");
P("AUTH_TYPE");
}
cgi_print_all(showAll);
if( showAll && blob_size(&g.httpHeader)>0 ){
@ <hr />
@ <pre>
@ %h(blob_str(&g.httpHeader))
@ </pre>
}
|