
  • last updated 20 hours ago
Constraints: committers
Constraints: files
Constraints: dates
- add validation against invalid host header fields

  1. … 3 more files in changeset.
Fix indentation from previous commit

Fixed problem when exporting empty variables pointed by Gustaf:

when one exported something like {{var ""} ... this was seen as absence of value,

so $var was searched for one in the caller scope. Hardened check for presence of an explicit value.

- only subst value, when it was provided explicitely in the "- -export" list. (see also change in www/register/user-new.tcl in

- set port to default-port when switching proto to https behind a proxy

  1. … 1 more file in changeset.
ad_form: completed support for -export parameter. Now the same syntax used

for "vars" argument in export_vars proc can be used. In particular

one can specify :multiple, :array and :sign flags on variables.

This change required modification to template::widget::hidden: now, when

specifying both -value and -values flags, if -values is non-empty this will

have the precedence over -value, and this widget will me multiple.

Commit on branch 5-9

  1. … 1 more file in changeset.
ad_form: completed support for -export parameter. Now the same syntax used

for "vars" argument in export_vars proc can be used. In particular

one can specify :multiple, :array and :sign flags on variables.

This change required modification to template::widget::hidden: now, when

specifying both -value and -values flags, if -values is non-empty this will

have the precedence over -value, and this widget will me multiple.

  1. … 1 more file in changeset.
- remove trailing .html from doc references (to allow e.g. .adp as well)

  1. … 4 more files in changeset.
- remove globals for errorInfo/errorCode and use namespace qualifiers instead

  1. … 12 more files in changeset.
- handle cases, where __new_p is not set in form

- validate contents of __new_p

- use tcl8.5 idioms

Merging back to HEAD branch oacs-5-8 (using tag vg-merge-oacs-5-8-from-20141027).

  1. … 2547 more files in changeset.
- use expand operator rather than eval to reduce likelyhood of

unwanted interference and to improve security

  1. … 9 more files in changeset.
- fix for bug #3217 (xss vulnerbility found by AppScan, reported by Andrew Helsley)

- don't use backslash in multiline expressions

- make long expressions more uniform and more readable

- use "in" or not in (ni) operator instead of lsearch

- brace expressions to allow for tcl compilation

- bump version number

  1. … 23 more files in changeset.
- don't abbreviate subcommands

  1. … 4 more files in changeset.
- use tcl 8.5 extended index format for "string range"

- modernize tcl

  1. … 6 more files in changeset.
- replace deprecated "ad_require_permission" by "permission::require_permission"

  1. … 68 more files in changeset.
- get rid of empty_string_p

  1. … 20 more files in changeset.
1. Changed trigger functions from "opaque" to "trigger" to get rid of the

warnings during initial install (only for acs-kernel, there are a lot


2. Added "embeds" for postgresql and partially for oracle.

3. Added global parameters for postgresql and partially for oracle.

(oracle will be forthcoming shortly)

  1. … 29 more files in changeset.
Added a missing subst in ad_set_form_values

undo escaped changes

  1. … 2 more files in changeset.
ensure that charset is always included in content type for text/* media types.

  1. … 3 more files in changeset.
Merged the 5.3 branch with HEAD. Look for tags with the pattern


  1. … 324 more files in changeset.
Zen: removing trailing input tag / to pass html transitional

  1. … 8 more files in changeset.
Support for fieldset and legend stuff in sections (actual support awaits a

commit to acs-templating by emma_r, after testing)

project zen: adding fieldset parameter to ad_form

Normalizing string comparison operations into tcl 8.4 operations, enabling byte-code compilation for expressions and many conditionals

  1. … 367 more files in changeset.
Double Click protection

  1. … 1 more file in changeset.
fix for the bug with tcl 8.5 mentioned in