• last updated 12 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Make the check for relative URLs less strict to cover some valid cases (see RFC 1808) and extend test cases.

Add the 'relative' flag to 'util_url_valid_p', to check also relative URLs. Extend 'acs_tcl__util_url_valid_p' test case and bump package version.

  1. … 1 more file in changeset.
Refine URL validation regexp and extend 'acs_tcl__util_url_valid_p' test case.

Reuse email validation logic

Replace regexp for mail validation by the version proposed by mozilla for the email input type validation, and increment the test cases for valid/invalid emails. Thanks to Günter Ernst for the pointers.

Fix ancient typo

Add 'object_p' test case, covering 'acs_object::object_p'

Add 'string_length_compare' test case, covering 'util::string_length_compare'

Add 'name_to_path' test case, covering 'util::name_to_path'

Add 'util_email_valid_p' test case, covering 'util_email_valid_p'

Increase verbosity

Add 'db_boolean' test case, covering 'db_boolean'

Add 'ad_future_years_list' test case, covering 'ad_future_years_list'

Add 'host_admin_and_outgoing_sender' test case, covering 'ad_outgoing_sender' and 'ad_host_administrator'

fix once more handling of internal redirects in error cases

many thanks to thomas renner!

Remove message keys sanitizing, which does not belong here

use the right message key

VS: ----------------------------------------------------------------------

Fixed a bug in the request processor, when URL is /%3F

The problem was that /%3F corresponds to a URL which is literally '/?'

(question mark is not the separator for query variables). In this case

a "string match" operation to determine the suffix based on this

string will lead to unexpected characters since '?' is a match

character. This lead in turn to a problem with redirects to the

internally redirect of custom error pages. So, in this case (and

probably others) the custom error page was not displayed.

improved spelling

Added page_contract filter "object_id"

This change adds the page_contract filter "object_id", which validates

values whether these are syntactically acceptable as object_ids in

PostgreSQL and Oracle.

Note that before one is able to use the filter, the server has to be

restarted. Otherwise, when e.g. "apm/version_reload.tcl" would be

executed with the new filter, it would fail. So, one has to be careful

on update scripts, when people upgrade from old version not to create

a blocking mutual blocking condition.

  1. … 3 more files in changeset.
improve comments

new variant of zip_file_contains_valid_filenames independent of "unuip -l"

unfortunately the behavior of "unzip -l" differs not only between

macOS and Linux, but even between different linux families, although

showing the same version.

fix typo

improve handling of zip files that contain filenames, which are not valid UTF-8

In acs-tcl.documentation__check_proc_doc automated test, if the test fails on procs that belong to namespaces outside the OpenACS codebase, just issue a warning rather than failing

improved listing of covered procs

added minor debugging aids, make disk-cache more similar to ns_cache

Remove non-functional "double click protection" in order to remove a potential attack vector

added page contract filter "printable" to avoid passing of binary values to certain pages

  1. … 1 more file in changeset.
removed unclear test