OpenACS / openacs-4 / packages / acs-tcl / tcl

utilities-procs-naviserver.tcl

Tools

Line History

Line Count Graph
Line Count Graph

Stats

Commits this week: 0
Total Committers: 2
Last Commit: 07 Nov
Commits this week: 0
Total Lines of Code (LoC): 208
Net change in LoC this week: 0

Commit Activity

Commits By Day In Week
52 week commits volume
Commits By Day In Week
Commits by day
Commits By Day In Week
Commits by hour
Commits By Hour In Day
Commit calendar
 

Most active committers (90 days)

loading
loading
  • last updated 22 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Wednesday 11 Sep
8:11 am

gustafn

merge with missing files

Options
    • -0
    • +0
    ./utilities-procs-naviserver.tcl
  2. … 1464 more files in changeset.
Tuesday 03 Sep
5:37 pm

gustafn

merge from oacs-5-10

Options
    • -24
    • +38
    ./utilities-procs-naviserver.tcl
  2. … 8099 more files in changeset.
Tuesday 24 May 2022
12:01 am

gustafn

Use NaviServer feature "ns_deletecookie ... -samesite $samesite ..." when available.

Options
    • -2
    • +7
    ./utilities-procs-naviserver.tcl
  2. … 2 more files in changeset.
Monday 21 Sep 2020
1:28 pm

gustafn

use common "icanuse" idioms

Options
    • -13
    • +6
    ./utilities-procs-naviserver.tcl
  2. … 1 more file in changeset.
Thursday 31 Oct 2019
7:11 pm

gustafn

improve cross references in apidoc

Options
    • -1
    • +3
    ./utilities-procs-naviserver.tcl
  2. … 1 more file in changeset.
Sunday 20 Oct 2019
2:52 pm

gustafn

- Fix a tricky Tcl_Obj sharing bug triggered by the usage of C-level

IndexObjs based on volatile tables. Consider the following example:

proc foo {x} {

return [bar -value x ...]

}

The Tcl_Obj "x" is shared as name of argument and as a value of the

non-positional parameter "-value". When bar (e.g. C-implemented)

uses Tcl_GetIndexFromObj*() to lookup "x" in a table of options,

which is volatile, the involved Tcl_Obj will be converted to an

indexObj.

On a call with wrong number of arguments( e.g."foo 1 2 3"), Tcl

will try to give a nice error message, saying that "foo x" can be

called only with one argument. When printing argument "x", it sees

that "x" is an indexObj, and for these kinds of objects, "x" might

be an abbreviated version of a full name. Since the table behind

the indexObj is in the case above volatile, a crash might happen.

The committed fix above is just a temporary measure. NaviServer should

try to avoid such Tcl_Obj conversions in these cases. It is also

questionable, whether the attempt to interpret a argument name as

an abbreviated.

Options
    • -6
    • +7
    ./utilities-procs-naviserver.tcl
Friday 18 Oct 2019
6:07 pm

antoniop

Whitespace cleanup

Options
    • -14
    • +13
    ./utilities-procs-naviserver.tcl
Saturday 10 Aug 2019
4:33 pm

gustafn

improve spelling

Options
    • -2
    • +2
    ./utilities-procs-naviserver.tcl
  2. … 15 more files in changeset.
Sunday 10 Mar 2019
10:34 pm

gustafn

improve spelling

Options
    • -2
    • +2
    ./utilities-procs-naviserver.tcl
  2. … 14 more files in changeset.
Sunday 17 Feb 2019
1:19 pm

gustafn

- ad_set_cookie: add option "-samesite" and use it, when the server supports it (NaviServer 4.99.18)

- use "-samesite strict" per default on signed cookies

Background from NaviServer commit:

ns_setcookie: add flag "-samesite" with values "strict|lax|none"

When the flag is set it prevents the browser from

sending this cookie along with cross-site requests to mitigate cross site

scripting attacks. Permissible values are [term strict], [term lax],

or [term none] (default). While the value [term strict] prevents

sending the cookie to the target site in all cross-site browsing

context, the value of [term lax] allows sending the cookie when the

user clicks on regular links. For details, see

https://www.owasp.org/index.php/SameSite

This cookie flag is not yet part of an RFC, but most major browsers

support it. Browsers that do not support it, ignore the flag

silently (see https://caniuse.com/#search=samesite).

Although most cookies should probably use the flags, in order to

provide backward compatibility, the flag can't be activated by

default on all cookies.

Options
    • -3
    • +17
    ./utilities-procs-naviserver.tcl
  2. … 2 more files in changeset.
Thursday 20 Dec 2018
7:14 pm

gustafn

don't raise exception when folder_path is empty

Options
    • -2
    • +6
    ./utilities-procs-naviserver.tcl
  2. … 1 more file in changeset.
Monday 14 May 2018
3:22 pm

gustafn

make spelling of names more consistent

Options
    • -2
    • +2
    ./utilities-procs-naviserver.tcl
  2. … 5 more files in changeset.
Wednesday 25 Apr 2018
10:46 am

gustafn

improve documentation

Options
    • -11
    • +10
    ./utilities-procs-naviserver.tcl
  2. … 10 more files in changeset.
Monday 26 Feb 2018
8:07 pm

gustafn

factor out naviserver and aolserver specific code

Options
    • -0
    • +191
    ./utilities-procs-naviserver.tcl
  2. … 2 more files in changeset.