Activity OpenACS/

Introduce a new option for form-usages includelet which, similar to child resources, allows to specify bulk actions (currently, only 'export' is implemented)

- -1
- +20
/openacs-4/packages/xowiki/tcl/includelet-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../includelet-procs.tcl

1:30 pm

gustafn

report server tag name as well to get precise version info

- -1
- +1
/openacs-4/packages/xotcl-core/tcl/01-debug-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../01-debug-procs.tcl

7:22 pm

hectorr

Add '-delete' flag to 'ad_parameter_cache' in 'parameter::set_value', to delete the value from cache before setting, making the value coherent amongst threads (thanks Antonio for the fix).

- -2
- +2
/openacs-4/packages/acs-tcl/tcl/parameter-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../parameter-procs.tcl

11:15 am

gustafn

make code more robust when exposed to hacking attacks

- -3
- +12
/openacs-4/packages/acs-api-browser/www/proc-view.tcl
- History
- Source
- Diff
/openacs-4/packages/.../www/proc-view.tcl

10:49 pm

gustafn

keep chain on session_ids in case the sessions change

- -14
- +20
/openacs-4/packages/acs-tcl/tcl/security-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../security-procs.tcl

11:07 am

gustafn

More
MAIN:gustafn:20190219100744
changed 3 files
MAIN

comment out and/or drop references t money to address issue #3381

- -2
- +1
/openacs-4/packages/dynamic-types/sql/oracle/widgets-create.sql
- History
- Source
- Diff
/openacs-4/packages/.../widgets-create.sql
- -2
- +1
/openacs-4/packages/dynamic-types/sql/postgresql/metadata-create.sql
- History
- Source
- Diff
/openacs-4/packages/.../metadata-create.sql
- -2
- +2
/openacs-4/packages/dynamic-types/tcl/table-procs-postgresql.xql
- History
- Source
- Diff
/openacs-4/.../table-procs-postgresql.xql

10:45 am

gustafn

Default value for "sign" in export vars should be empty, and not "0"

- -3
- +5
/openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../utilities-procs.tcl

2:13 pm

gustafn

- relax strict error handling on export_vars_sign for the time being

- -2
- +9
/openacs-4/packages/acs-tcl/tcl/utilities-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../utilities-procs.tcl

1:40 pm

antoniop

Fix regression in 'if_no_rows' idiom for db_foreach, document alternative syntax, create a test for db_foreach main functionalities

- -7
- +5
/openacs-4/packages/acs-tcl/tcl/00-database-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../00-database-procs.tcl
- -0
- +35
/openacs-4/packages/acs-tcl/tcl/test/acs-tcl-test-procs.tcl
- History
- Source
- Diff
/openacs-4/.../acs-tcl-test-procs.tcl

4:52 pm

gustafn

simplify and fix subst operation

- -3
- +2
/openacs-4/packages/acs-admin/www/apm/packages-install.tcl
- History
- Source
- Diff
/openacs-4/packages/.../packages-install.tcl

4:50 pm

gustafn

distinguish between "install" and "upgrade" in heading and explanation text

- -5
- +5
/openacs-4/packages/acs-admin/www/apm/packages-install.tcl
- History
- Source
- Diff
/openacs-4/packages/.../packages-install.tcl

1:19 pm

gustafn

- ad_set_cookie: add option "-samesite" and use it, when the server supports it (NaviServer 4.99.18)

- use "-samesite strict" per default on signed cookies

Background from NaviServer commit:

ns_setcookie: add flag "-samesite" with values "strict|lax|none"

When the flag is set it prevents the browser from

sending this cookie along with cross-site requests to mitigate cross site

scripting attacks. Permissible values are [term strict], [term lax],

or [term none] (default). While the value [term strict] prevents

sending the cookie to the target site in all cross-site browsing

context, the value of [term lax] allows sending the cookie when the

user clicks on regular links. For details, see

https://www.owasp.org/index.php/SameSite

This cookie flag is not yet part of an RFC, but most major browsers

support it. Browsers that do not support it, ignore the flag

silently (see https://caniuse.com/#search=samesite).

Although most cookies should probably use the flags, in order to

provide backward compatibility, the flag can't be activated by

default on all cookies.

- -1
- +3
/openacs-4/packages/acs-tcl/tcl/security-procs.tcl
- History
- Source
- Diff
/openacs-4/packages/.../security-procs.tcl
- -0
- +1
/openacs-4/packages/acs-tcl/tcl/utilities-procs-aolserver.tcl
- History
- Source
- Diff
/openacs-4/.../utilities-procs-aolserver.tcl
- -3
- +17
/openacs-4/packages/acs-tcl/tcl/utilities-procs-naviserver.tcl
- History
- Source
- Diff
/openacs-4/.../utilities-procs-naviserver.tcl

10:33 am

gustafn

Bring files on oacs-5-10 in sync with HEAD

- -13
- +0
/openacs-4/packages/chat/lib/transcripts.xql
- History
- Source
- Diff
/openacs-4/packages/.../lib/transcripts.xql
- -3
- +18
/openacs-4/packages/faq-portlet/www/faq-portlet.tcl
- History
- Source
- Diff
/openacs-4/packages/.../www/faq-portlet.tcl
- -0
- +37
/openacs-4/packages/general-comments/tcl/general-comments-procs-oracle.xql
- History
- Source
- Diff
/openacs-4/.../general-comments-procs-oracle.xql
- -0
- +39
/openacs-4/packages/general-comments/tcl/general-comments-procs-postgresql.xql
- History
- Source
- Diff
/openacs-4/.../general-comments-procs-postgresql.xql

9:47 am

gustafn

whitespace and spelling changes

- -3
- +3
/openacs-4/packages/xowiki/resources/templates/oacs-view.adp
- History
- Source
- Diff
/openacs-4/packages/.../oacs-view.adp
- -2
- +2
/openacs-4/packages/xowiki/resources/templates/oacs-view2.adp
- History
- Source
- Diff
/openacs-4/packages/.../oacs-view2.adp
- -7
- +7
/openacs-4/packages/xowiki/resources/templates/oacs-view3-bootstrap3.adp
- History
- Source
- Diff
/openacs-4/.../oacs-view3-bootstrap3.adp
- -2
- +2
/openacs-4/packages/xowiki/resources/templates/oacs-view3.adp
- History
- Source
- Diff
/openacs-4/packages/.../oacs-view3.adp
- -2
- +2
/openacs-4/packages/xowiki/resources/templates/view-book-no-ajax.adp
- History
- Source
- Diff
/openacs-4/packages/.../view-book-no-ajax.adp
- -2
- +2
/openacs-4/packages/xowiki/resources/templates/view-book.adp
- History
- Source
- Diff
/openacs-4/packages/.../view-book.adp
- -2
- +2
/openacs-4/packages/xowiki/resources/templates/view-default.adp
- History
- Source
- Diff
/openacs-4/packages/.../view-default.adp
- -2
- +2
/openacs-4/packages/xowiki/resources/templates/view-links.adp
- History
- Source
- Diff
/openacs-4/packages/.../view-links.adp
- -2
- +2
/openacs-4/packages/xowiki/resources/templates/view-plain.adp
- History
- Source
- Diff
/openacs-4/packages/.../view-plain.adp
- -12
- +12
/openacs-4/packages/xowiki/tcl/adp-generator-procs.tcl
- History
- Source
- Diff
/openacs-4/.../adp-generator-procs.tcl

7:18 pm

antoniop

category_tree::get_categories reform:

always return all root categories of given tree. Keep sorting by localized name, but use the en_US translation as a default when desired one is missing. Improve documentation.

- -10
- +26
/openacs-4/packages/categories/tcl/category-trees-procs.tcl
- History
- Source
- Diff
/openacs-4/.../category-trees-procs.tcl
- -11
- +0
/openacs-4/packages/categories/tcl/category-trees-procs.xql
- History
- Source
- Diff
/openacs-4/.../category-trees-procs.xql

6:32 pm

Rollback of 'boolean' parameter datatype, as oracle does not see necessary to have 'boolean' datatypes, and they do not even provide with a proper alternative on what to use instead. Great. See: https://asktom.oracle.com/pls/asktom/f?p=100:11:0::::P11_QUESTION_ID:6263249199595#876972400346931526