reduce verbosity

whitespace cleanup

added sni hostname and redirect on 301 and 302

new API call ::security::csp::add_static_resource_header

The API call sets the CSP rule on the current connection for a static
resource depending on the MIME type.

# Sample definition for custom CSP rules for static files in the
# OpenACS configuration file.
#
# ns_section ns/server/$server/acs {
#     ...
#     ns_param StaticCSP {
#         image/svg+xml "script-src 'none'"
#     }
#     ...
# }

bump version number of acs-tcl to 5.10.1d13

Added new private helper proc ::util::resources::download_helper
to deal with redirects on github, when "util::http::get" is used.

New feature: cookie namespaces

So far, all OpenACS versions used "ad_" as a prefix for cookies (such
as ad_login, ad_session_id, ...). In certain situations this can lead
to confusion, since cookies are managed by browsers via domain names,
and running multiple OpenACS instances in the same domain will cause
overwriting of such cookies by these instances. This can happen e.g.
when running multiple instances on the same machine, or using
port-forwarding to virtual machines/containers, using reverse proxies,
etc. Note that the cookie overwriting problem does not exist for
host-node-mapped subsites, since host-node-mapping depends on domain
names.

One could consider using the port in the cookie name (as
sometimes noted as an option), but this would not work, in case the
same server should be reachable over multiple ports.

Therefore, one can now specify a "CookieNamespace" in the OpenACS
configuration file, which is per default "ad_", which is sufficient
for the majority of installations. In cases, where it is needed, a
different CookieNamespace can now be configured.

To manage the cookie names internally, OpenACS provides a new API call
security::cookie_name to derive the namespaced cookie name from a stem.

Snippet of the OpenACS configuration file for setting the CookieNamespace

#---------------------------------------------------------------------
# OpenACS specific settings (per server)
#---------------------------------------------------------------------
ns_section ns/server/${server}/acs {
    ns_param CookieNamespace "ad_"
    ...
}

cleanup: the updated version of the site-node code is apparently stable enough also for bootstrap situations

remove commented out code

Provide better debug info in case "ns_parseurl" fails inside util::split_location

Factor out private function "util::ns_set_pretty_print" which might be
used also on other occasions.

rework of ad_decode

- modernize code
- improve performance
- extend regression test

Revert additional fallbacks, one should take care that ad_conn is invoked correctly

Provide further fallbacks for ad_conn

check that provided signature is a list, otherwise lassign will fail afterwards

Comment out test on WIP feature

fix for initial (bootstrap) installation

slightly better way to handle testing in vanilla instances

Test exposing a suboptimal behavior: when we try to resolve the query via db_qd_get_fullname inside of OO code, a warning is generated

file acs-db-00-procs.tcl was initially added on branch oacs-5-10.

    ./tcl/test/acs-db-00-procs.tcl (-0, +0)
reduce dependency on xo namespace in acs-core

reduce verbosity

Fix quote_unquote_html test

Support specification of allowed tags/attributes/protocols via global package parameters.

This change makes it possible to define for a package values for
AllowedTags, AllowedAttributes, or AllowedProtocols. If (some of)
these exist, use these for configuring "ad_html_security_check". If
not, fall back to the default (site wide) definition.

This change is fully backward compatible and effects on sites defining
such global parameters. This change was induced by the need of large
sites, where it is not feasible to set these parameters on the package
instance level, since this site has 830000 package instances.

Bump version number to 5.10.1d19

  1. … 2 more files in changeset.
Make ad_html_security_check configurable

ad_html_security_check has now three optional attributes
to make it configurable for different situations

-allowed_tags
-allowed_attributes
-allowed_protocols

If these attributes are not specified, the behavior is exactly like
before. This change makes it also easier to regression test this
function, since the behavior does not necessarily depend on a site's
parameter settings.

The function was also modernized, new regression tests were added.

    ./tcl/test/html-conversion-procs.tcl (-20, +39)
make sure, the dependencies are aligned (drop of xo::site_node)

  1. … 1 more file in changeset.
Improve spelling

Fine-tuning the new db function interface

#
# Check, whether we have to regenerate the database function interface.
#
# - During initial setup, there are no db-functions, so nothing has to
#   be done.
#
# - During regular startup of the server, the generation of the stub
#   interface happens in the *init procs (hopefully this is always
#   sufficient, but seems so)
#
# - During reloads of acs-db-*-procs, the base classes and interface
#   objects are recreated and cleaned up from all prior definitions,
#   which means that in these situations, we have to regenerate the
#   interface.
#
# - One might call manually the regeneration, when database functions
#   have been altered and no restart is desired.
#

Reform of site-nodes-procs

- made XOTcl2 based implementation of site-nodes usable during
  initial bootstrap
- made new site-node cache implementation working for Oracle
- now, the same code works during bootstrap, for PostgreSQL and Oracle
  and independent of xotcl-core being installed or not.
- removed old and broken nsv-based site-node cache
- reduced need of .xql files (removed query for delete.delete_site_node)
- moved deprecated calls to deprecated-procs.tcl

This change makes the code much clearer and eases maintenance and debugging.

    ./tcl/deprecated-procs.tcl (-327, +499)
    ./tcl/site-nodes-procs.tcl (-1587, +777)
Update of SQL function calling interface to make it usable during initial bootstrap

- add sanity checks and produce error messages,
  when function args are incorrect.
- do not throw errors in case it is called before the
  table acs_function_args was created (during boot)
- added preliminary "list" call to acs::dc
- added first *-init.tcl to be called after loading
  the *-proc.tcl files.
- removed all references to the ::xo::* namespace

file 00-acs-tcl-init.tcl was initially added on branch oacs-5-10.

    ./tcl/00-acs-tcl-init.tcl (-0, +0)
Make parameter::get_from_package_key usable during initial boot

This change makes parameter::get_from_package_key usable during
initial boot, i.e. before the table apm_parameters is created.
In these cases, the function returns just the default value.