• last updated 3 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
- bump version number to 0.149 to allow other packages to rely on the initialize parameter of "get_instance_from_db"

- add optional parameter "-initialize true|false" to "get_instance_from_db"

- improve debug messages for broken installations

- make return explicit

Avoid using deprecated content_item__new/17

- added kernel parameter MaxUrlLength (default 2000) to remove

hard-coded length in request-processor-procs.

- lifted data model restriction of 100 characters for url-segments

(changing types of "site_nodes.name" from "varchar(100)" to "text")

(PostgreSQL only)

- site_node__node_id

* use built-in string functions instead of characterwise loop

* use default for last argument

* Improve source-code documentation

- bumped version number of kernel to 5.9.1d15

file upgrade-5.9.1d14-5.9.1d15.sql was initially added on branch oacs-5-9.

Fixed table alias

security-procs:

- fix broken comparisons when "UseHostnameDomainforReg" is set

(see also issue #3293).

- don't use string match/regesub when manipulating URLs

(causes troubles with IP-literal notation). Instead, us

"eq" or "util::split_location"/"util::join_location"

- added means to ease debugging of login_urls and login_cookie:

variables "::security::log(login_url)" and

"::security::log(login_cookie)" contain the log severity.

by setting these to e.g. "notice", this does not require

to activate full debugging (setting severity to debug) in order

to obtain log output.

- added new function "util::join_location" as counterpart of

"util::split_location" to use IP-literal notation when necessary

(IPv6). The function can be used in connection with

"util::split_location" to substitute hostnames/ports etc. in full

urls instead of insecure regsub operations.

- function "util::external_url_p":

* don't use "string match" for comparing locations, since this

will fail with IP-literal notation

* no need to compare with encoded name (if needed, on should provide

an option).

- update dependcies, otherwise the update order in large updates is not correct

- get rid of the pesky "MISSING FORMWIDGET: ...formbutton:ok" message

- address bug #3293: actual code in oacs-5-9 used full host header

(from request header fields) which might contain port.

db-query is now performed without the optional port

- improve Tcl coding (use defaults, break long lines)

Prefer ns_quotehtml over ad_quotehtml, and quote fixing.

Value of within ad_quotehtml to avoid possible XSS attacks.

Added subst fixing acs_ListCheckAll variable substitutions not working.

hidden_p is a boolean noe, therefore rewriting the case clause of portal::configure_dispatch.toggle_tab_visibility

file upgrade-2.9.1d2-2.9.1d3.sql was initially added on branch oacs-5-9.

Deleting old definition of portal_page__new/11

- security::validated_host_header: Handle aliases for locations, which cannot be determined from config files, but which are supposed to be ok

- fix for openacs.org site bug #101

Improving root_of_host_

- reduce dependency of the paths in the configuration script

- treat not only http, but as well https locations

- improve comments

- don't report urls in security::locations obtained form https drivers which loaded but not listening (identifiable via port number 0)

- don't add explicit permissions for swa users on permission

- add etp__create_extlink/5 as in use on openacs.org

- add backwards compatible stub etp__create_extlink/4

- bump version number to 1.9d5

- fix spelling of variable name

- don't complain in rp_lookup_node_from_host when pass-in host is emtpy (return empty node_id as well)

- Make parsing of "Accept-Language" header fields more robust:

ignore spaces after the comma, ignore wildcard value "*"

- Accept locales as syntactically correct when these contain numeric values (such as e.g. "es_419" for “Latin American Spanish”).

Since lang::conn::valid_locale_p is used in lang::conn::get_accept_language_header, OpenACS throws exceptions

on invalid locales, these caused problem even when these are low on the preference list of the Accept-Language header field.

- modernize SQL