• last updated 4 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Use consistently ad_script_abort after ad_return_warning

  1. … 5 more files in changeset.
merged changes from the oacs-5-9 branch and resolved conflicts

  1. … 7834 more files in changeset.
- don't call tclcode_to_html on non-tcl files, since it might loop on e.g. /api-doc/content-page-view?version_id=4404&path=packages/acs-core-docs/www/xml/kernel/ext-auth.xml

- hardening page contracts

  1. … 2 more files in changeset.
- bug fix: view opertions on .xql files did not show the content of the .xql files

- add editor hints to keep spaces/tabs in the furture more consistent

  1. … 754 more files in changeset.
- standardize url construction to protect against injection attacks

  1. … 3 more files in changeset.
- standardize url construction to protect against injection attacks

  1. … 3 more files in changeset.
- provide link for deprecated functions

- harden page contracts

  1. … 4 more files in changeset.
- use type checking for boolean parameters in page_contracts to improve security

  1. … 29 more files in changeset.
Merging back to HEAD branch oacs-5-8 (using tag vg-merge-oacs-5-8-from-20141027).

  1. … 2547 more files in changeset.
- add preview for images

- deactivate source view for images

  1. … 2 more files in changeset.
- fix typo

- improve handling of erroneous and malicious paths provided to the api browser

  1. … 2 more files in changeset.
- allow source view also for www/procs-file-view

- trim path for www/content-page-view and www/procs-file-view

- render not only objects with absolute names as xotcl-objects

- improve integration with xotcl code (especially for "content pages")

  1. … 4 more files in changeset.
- render www-files with syntax highligher (adding links)

- improve rendering of package-view calls (left column was to small)

- improve validity of HTML markup

- don't treat "@" as API command in syntax highlighter

- remove "api" prefix from functions in the "::apidoc::*" namespace

- mark externally called functions as public

  1. … 8 more files in changeset.
- improve performance of syntax highligher significantly (for large sites with many namespaces/procs by an order of magnitude, taks e.g. 100ms instead of 5secs)

- move private functions into a namespace

- replace nested proc-defintions by namespaced procs

- use thread-persistent dict instead of per-call array for formatting information

  1. … 6 more files in changeset.
- use consistently "naturalnum" instead of "integer" when accepting just positive values

  1. … 103 more files in changeset.
- use $::acs::rootdir rather than [acs_root_dir] or [get_server_root]

- mark deprected functions as such in browser

- flatten nested "lindex" structures

  1. … 6 more files in changeset.
- make content-page-view more robust in case packages are e.g. deinstalled, or invalid ids are passed in

- content-page-view: fix cases, where non-existing file is passed in

- replace deprecated "export_url_vars" by "export_vars -url"

- fix bracing in "export_vars -form"

  1. … 121 more files in changeset.
- fixed severe vulnerability with path traversal attack

- fixed severe vulnerability with path traversal attack

- fixed severe vulnerability with path traversal attack

- reset filename in case of attack

- fixed severe vulnerability with path traversal attack

- fixed severe vulnerability with path traversal attack

merge of 4.6.3b1 to HEAD

  1. … 101 more files in changeset.
patch to display xql files bug 155/patch 58 Tom Jackson

  1. … 2 more files in changeset.