• last updated 18 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
- get rid of javascript: links

- adding 'unsafe-inline' to list templates until need for "onclick" is removed

- remvoving code that was commented out

- adding nonce values to script tags

- use class = 'button' for non-navigational links

- add nonce

- add validator for forum_ids

    • -7
    • +27
    /openacs-4/packages/forums/tcl/forums-procs.tcl
    • -14
    • +13
    /openacs-4/packages/forums/www/message-post.tcl
Fixed typo - Thanks to Felix Mödritscher

    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/package-procs.tcl
Fix path in commit-hook script

Provide a commit-hook script

- generalize unknown mime-type handling for form-field "file" (untested)

- use action button like on other pages

- flag success/error more prominent

- fix construction of utl when head channel is used

- handle error when opening psql and error from withing psql the same way

- improve line reaks in source control

- improve comments

Execute security::csrf::validate only for non __batch_mode requests - Many thanks to Günter Ernst.

Reactivate commit hooks

- move deprecated proc lmap (since this conflicts with the built-in function of tcl 8.6) to acs-outdated

- use dicts for default ports

file acs-tcl-procs.tcl was initially added on branch oacs-5-9.

    • -0
    • +0
    /openacs-4/packages/acs-outdated/tcl/acs-tcl-procs.tcl
BootstrapTableRenderer: patch to prevent workflow action buttons from appearing outside of the form

- replace "my log ..." by "ns_log notice ..." as default exit handler (many thanks to Guenter Ernst for reporting)

New parameter omit_field_name_spec for create_raw_form_field proc in order to override defaults on specs. This is still lacking the parameter setting logic.

Removed obsolete xql files: their logic was already contained in general-comments-procs xqls

file upgrade-5.9.1d1-5.9.1d2.sql was initially added on branch oacs-5-9.

Removed RFC822 id generation from acs_message__new stored procedure:

beside being replication of what already available in proc acs_mail_lite::generate_message_id,

it was buggy, because it assumed http protocol (no https) and also broke General Comments

on installations that by chance had an empty SystemURL parameter

- fix typo (many thanks to Thomas Renner)

- fix omitted update after replacement of "xo::dc foreach" (many thanks to Thomas Renner)

- fixed default value specification (many thanks to Thomas Renner)

- remove one more assumption that the "base" configuration is always using the http driver