Open Hub
Open Hub

 Settings |  Report Duplicate

32
I Use This!
High Activity

News

Analyzed 10 days ago. based on code collected about 1 month ago.
+branch/base-href-fix
Posted about 3 years ago by george
+branch/base-href-fix
Do not override base href for wiki pages. This needs testing. (tags: base-href-fix)
Posted about 3 years ago by george
Do not override base href for wiki pages. This needs testing. (tags: base-href-fix)
When setting $webpagename pass the value of g.zPath though escape_quotes(). This is unclear how g.zPath can contain quotes but let this strange case be handled in a safe way. (tags: base-href-fix)
Posted about 3 years ago by george
When setting $webpagename pass the value of g.zPath though escape_quotes(). This is unclear how g.zPath can contain quotes but let this strange case be handled in a safe way. (tags: base-href-fix)
Move to the begining of the default header. Supply BODY element with a class that derives from $webpagename. (tags: base-href-fix)
Posted about 3 years ago by george
Move to the begining of the default header. Supply BODY element with a class that derives from $webpagename. (tags: base-href-fix)
Minor code refactoring: rename a temporary variable and utilize matching_bracket_offset() one more time. No changes in functionality. (tags: markdown-footnotes)
Posted about 3 years ago by george
Minor code refactoring: rename a temporary variable and utilize matching_bracket_offset() one more time. No changes in functionality. (tags: markdown-footnotes)
Do not export g.zRelReqURI to TH1 interpreter because getParameter proc can retrieve PATH_INFO and QUERY_STRING. Instead export g.zPath (as $webpagename) since that is typically needed in the TH1 headers/footers of custom skins. (tags: base-href-fix)
Posted about 3 years ago by george
Do not export g.zRelReqURI to TH1 interpreter because getParameter proc can retrieve PATH_INFO and QUERY_STRING. Instead export g.zPath (as $webpagename) since that is typically needed in the TH1 headers/footers of custom skins. (tags: base-href-fix)
Make style_set_base_href_suffix() safe for misuse: if the resulting suffix contains unescaped quotes then escape them. $base_href_suffix is intended for interpolation inside of the quoted href attribute. This check-in should address the case when a user of malfunctioning browser (which mishandles quoting) is tricked by an adversary to visit a specially crafted hyperlink. (tags: base-href-fix)
Posted about 3 years ago by george
Make style_set_base_href_suffix() safe for misuse: if the resulting suffix contains unescaped quotes then escape them. $base_href_suffix is intended for interpolation inside of the quoted href attribute. This check-in should address the case when a ... [More] user of malfunctioning browser (which mishandles quoting) is tricked by an adversary to visit a specially crafted hyperlink. (tags: base-href-fix) [Less]
Fix parsing of "free-standing" footnotes that was (slightly) broken by the previous check-in. (tags: markdown-footnotes)
Posted about 3 years ago by george
Fix parsing of "free-standing" footnotes that was (slightly) broken by the previous check-in. (tags: markdown-footnotes)
*MERGE* Back out check-in [5bb921dd0893a548] which was wrong - the REQUEST_URI CGI parameter should include the query string. Improve the CGI variable documentation in comments. Improve robustness to malformed CGI variables. (tags: trunk)
Posted about 3 years ago by drh
*MERGE* Back out check-in [5bb921dd0893a548] which was wrong - the REQUEST_URI CGI parameter should include the query string. Improve the CGI variable documentation in comments. Improve robustness to malformed CGI variables. (tags: trunk)
Improved robustness in CGI variable parsing. (tags: cgi-compliance)
Posted about 3 years ago by drh
Improved robustness in CGI variable parsing. (tags: cgi-compliance)