• last updated 19 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Unwrap fake oneliners

Fix typo

prettify error message

make ad_dom_sanitize_html more robust against invalid input

use per-thread caching infrastructure instead of reinventing

Cache the information about a package being a singleton and expose into a private api, use the api in parameter::get_from_package_key, called quite often in our downstream pages

fixed bug in redirects and disabled acs-testing package, changed node info from array to dict

fix case where the manual slash-parsing in the sitenode code is confused with percent-substitutions

This is just a "quick fix", since the Proper solution in more complex:

# A URL path /%2f/ is syntactically permissible,

# but this is not supported in the current site-nodes code. It

# would be correct, to avoid the parsing of the slashes here and

# to process instead the result of [ns_conn urlv], which is

# already parsed (before the percent substitutions). This would

# probably require the request processor to perform some mangling

# of urlv in vhost cases to set a a proper [ad_conn urlv] ... and

# of course to pass the "urlv" instead of the "url" to the

# slash-parsing functions.

add log warnings when include-contract is violated, since (in most cases) the passed values should be pre-checked

improve documentation

Fix expression to the original intention: check if ns_conn url ends by ad_conn extra_url

ad_return_url: experimental change to produce per default a proper encoded result

Background: before this change, ad_return_url encoded always the query

variables but not the URL path. This mixed result is complex to handle

to achieve ex-post a proper encoding. The function has a flag

"-urlencode", which is nowhere used in OpenACS. Other functions like

e.g. export_vars, or pretty_link return per default as well the

encoded URL. "ad_return_url" has a new flag "-path_encode=false" to

obtain the previous behavior (similar to the other mentioned

functions).

break overlong lines and improve comments

improve spelling

provide a compatibility function for ns_parsehostport for earlier versions of NaviServer

Reduce usage of ns_mktemp in OpenACS

ns_mktemp uses the deprecated old POSIX call mktemp(), which should

not be used anymore for security reasons (race between the name

creation and opening the file). This change removes several usages of

"ns_mktemp" from OpenACS and replaces it with calls to the

safe Tcl call "file tempfile ..." (introduced by Tcl 8.6).

  1. … 3 more files in changeset.
fix header generation

since the headers are set in a loop, "ns_set put" is incorrect

since it is additive. "ns_set update" is correct.

make using page-filter "object_id" backwards compatible by allowing it to be used also during update scripts

  1. … 1 more file in changeset.
improve spelling

Adapt 'ad_urlencode_url' to the new 'ns_parseurl' stricter behavior

added "ns_parseurl -strict" to icanuse definitions

Make so that also party::update enforces emails to be lowercase, add/extend automated tests to make sure emails are lowercase everywhere

    • -2
    • +15
    ./test/community-core-test-procs.tcl
Refine regex and extend tests

Extend 'acs_tcl__util_url_valid_p' test case

Make the check for relative URLs less strict to cover some valid cases (see RFC 1808) and extend test cases.

Add the 'relative' flag to 'util_url_valid_p', to check also relative URLs. Extend 'acs_tcl__util_url_valid_p' test case and bump package version.

  1. … 1 more file in changeset.
Refine URL validation regexp and extend 'acs_tcl__util_url_valid_p' test case.

Reuse email validation logic

Replace regexp for mail validation by the version proposed by mozilla for the email input type validation, and increment the test cases for valid/invalid emails. Thanks to Günter Ernst for the pointers.

Fix ancient typo