• last updated 16 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Do not allow unusual schemas like base64 and json as local URLs

This case was flagged by a vulnerability scan, but at least at the found instance

it was a false positive...

Extended json2dict to cover arraycontainer

Many thank to Rolf for his feedback!

adjust coverage information

Bump version number to 5.10.1b5 such we can depend on new functionality

new API function: util::json2dict

This function is similar to the tcllib function json::json2dict, but

is based on tDOM and is several times faster.

file json-test-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/test/json-test-procs.tcl
Mode use of new util::resources::version_dir

Made download helper more modular and added support for a version_API

whitespace cleanup

Added support for specifying -expires and -timeout with a time unit

Previously, the "integer" constrain avoided this. Now, we rely on the

error messages of NaviServer to handle incorrect values.

Flush the package_url cache when we mount a new package, as this may be the first time that we instantiate this particular package

fixed test server_startup_ok

Previously, the test was returning different results depending on the order of

tests.

While it is in general better to avoid error entries in the log file during

regression test, since these testing expected behavior, while error entries

in the log file should indicated unexpected behavior. However, it is still

a long way to let the regression test run cleanly.

  1. … 1 more file in changeset.
Fixed regression test and make more use of "aa_test_start" and "aa_test_end"

This change reduces the errors in the log file a lets run the

regression test (on my site) without reported errors as reported by

acs_kernel__server_startup_ok.

  1. … 2 more files in changeset.
Skip test, when the optional parameter DiskCache is not defined.

Otherwise, the attempt to set the parameter will fail and will output

an error message to the log file.

Spelling changes

Provide an API to check/set/clear the state of the regression test

The new calls are:

- aa_test_running_p

- aa_test_start

- aa_test_end

  1. … 1 more file in changeset.
Claim additional coverage

Extend test suite to check URL protocol validation

Complete the URL earlier, so that protocol-relative URLs can be correctly determined as external or not

Extend test suite to check behavior validating external URLs

Fixes for regression test: util_http_json_encoding

This change corrects 2 bugs, causing the regression test to fail under certain circumstances:

1) use for test location [::acs::test::url] instead of [ad_url]

The call [::acs::test::url] should be used for all tests in the regression tests and avoids

problems with wrong URLs when running e.g. in a container

2) When running on a setup with self-signed certificates, the curl requests require a "-k"

flag to be passed. Otherwise, the regression test fails.

Rework URL validation in ad_dom_sanitize_html

We now prefer higher level api to determine:

- if a URL is external

- what protocol should be assumed for a URL when this is relative or protocol-relative

Fix test case

Extend test suite

provide a better domain name for temporal accounts in regression test

    • -2
    • +2
    ./tcl/test/community-core-test-procs.tcl
made test for valid protocols case invariant

Reflect api changes in the test suite

improved spelling

  1. … 14 more files in changeset.
Cluster updates: better support when running in containers

- generalized servers running with an INADDR_ANY address

- handling of running server with ephemeral ports

- streamline function and variable names

- added ./tcl/acs-container-procs.tcl

* make container definitions independent of cluster handling

* create container mapping based on a JSON file, which

can be obtained from docker to get information about

external addresses

* The final interface is a mapping file in Tcl providing at least

the Tcl dict ::docker::containerMapping containing the docker

mapping. A dict key like "8080/tcp" (internal port) will return a

dict containing the keys "host", "port" and "proto" (e.g. proto

https host 192.168.1.192 port 58115).

file acs-container-procs.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./tcl/acs-container-procs.tcl