• last updated 18 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
regenerated documentation

  1. … 437 more files in changeset.
Add missing validation and use a localized error message

Add missing validation

Implement a package-specific page contract filter to collect current (and future) security fixes

Reject frames and iframes in the content

strengthen boolean variables in page contracts

  1. … 12 more files in changeset.
Fix version in package URL

  1. … 11 more files in changeset.
bumped version numbers to 5.10.1b1

  1. … 85 more files in changeset.
Prevent Javascript in the comment content

Note that this check is additional to that coming from e.g. allowed tags or similar

Do not allow data URLs

make check more robust

harden page_contract

The return URL is already site-absolute and does not need manipulation

Deprecate trivial wrappers for ad_html_text_convert

  1. … 1 more file in changeset.
Now that oneof filter can handle a wider range of formattings, prefer this filter to manual validation

Deprecate export_ns_set_vars and extend export_vars to be able to export also a custom ns_set, which was the real added value provided by this api

  1. … 9 more files in changeset.
harden page contracts

split the filters in the requires block - currently the requires block support only one filter for an argument

harden page contract

harden page contracts

harden page contracts

Cleanup leftover code

Reimplement the add/edit api to use ad_form

file comment-add-edit.adp was initially added on branch oacs-5-10.

    • -0
    • +0
    ./lib/comment-add-edit.adp
file comment-edit.adp was initially added on branch oacs-5-10.

file comment-add.adp was initially added on branch oacs-5-10.

file comment-add-edit.tcl was initially added on branch oacs-5-10.

    • -0
    • +0
    ./lib/comment-add-edit.tcl
Cleanup trivial remarks, provide the user_id explictly to the permission check

Fix typo

Enforce the mimetype the same in follow up script