• last updated 21 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
Removed inline js handlers to comply with CSP

Removed obsolete documentation about api not existing anymore

Update docs

Update docs to encourage CSP best practice

Update docs to encourage CSP best practice

Remove reference to inactive email address

  1. … 59 more files in changeset.
Removed link to obsolete documentation, removed mailto link to inactive mail

Fallback to datatype mapping based on acs_datatypes when no direct mapping is available

Replace inline js event when sending the message to comply with CSP

Comment link to inactive email

Acknowledge the original maintainer, but remove link to nonexistant domain

Update documentation to encourage CSP best practice Commented obsolete email contact

Update documentation to encourage CSP best practice

Commented obsolete email contact

Update documentation to encourage CSP best practice

Commented obsolete email contact

Update documentation so best practice is suggested

Commented out obsolete and broken proc

    • -183
    • +187
    /openacs-4/packages/acs-tcl/tcl/navigation-procs.tcl
Fix event name in handler

    • -1
    • +1
    /openacs-4/packages/forums/www/messages-get.tcl
- perform nonce-computation independent of user_id computation

- put resetting of untrusted user_id to the right place

- provide initial value for untrusted user_id

- setting nonce always (also for non-authenticated requests)

Fix event name

Removed inline js handlers to comply with CSP

Removed deprecated html attributes bgcolor and align

Fixed markup

Removed inline js handlers to comply with CSP

Removed deprecated html attributes bgcolor and align

Removed exec mv and used file rename instead

Fixed markup

Removed redundant files: they are duplicated in attach-file.adp and attach-file.tcl

in the same folder, actually used by the OacsAttach plugin and revised for CSP already.

Removed commented markup

Remove inline js handlers to comply with CSP

Remove inline event handlers to comply with CSP

    • -5
    • +18
    /openacs-4/packages/xowiki/tcl/chat-procs.tcl
Creating a transcript is an administrative action, regular users can already

see every transcript created, including the current conversation.

Therefore, disable create transcript button for people without privilege.

(Privilege would be enforced anyway afterwards)

    • -6
    • +17
    /openacs-4/packages/chat/lib/transcripts.tcl
Fix class instead of id so events can fire