• last updated 8 hours ago
Constraints: committers
Constraints: files
Constraints: dates
Add page contract

distinguish between url and item_ref

don't rely on uppercase header field names

whitespace changes

whitespace changes

add safety-guard in case, someone tries to call action via hacking form hacking

    • -13
    • +25
fix typoCVS: ----------------------------------------------------------------------

add transtional code to support semi-upgraded folders (having no description field set)

    • -1
    • +13
whitespace cleanup

    • -713
    • +713
provide better argument name

switch to simple new group::update call with dict as argument

This change fixes as well a bug in install::xml::action::set-join-policy

since group::get returns a member "text" which is not accepted by


    • -3
    • +3
    • -3
    • +2
provide configuration for exam folder

    • -0
    • +2
provide additional configuration hooks when creating new pages

- p.source (copy variables from that site-wide page upon creation)

- p.configure (call a method for configuration of the page)

    • -5
    • +14
provide mimetype to "text" field (otherwise form is incorrectly displayed in browser)

support passing a dict as argument to "group::update" (not only array)

support folder instances as prototype pages

provide a default menu config via proc

The setup of the menu of xowf instances can be now configured

via {config -use xowf}, new instances are created with this setup

    • -1
    • +23
relax default samesite setting for login and session cookies to lax

This change was made because otherwise the "keep me logged in"

is often lost, e.g. also with toplevel navigation requests

(e.g. when navigating to the site via Google)

show notification controls only, when the request is not from a bot

    • -3
    • +3
    • -17
    • +21
    • -6
    • +9
    • -3
    • +6
added "ad_conn bot_p" to check, whether request was initiated by a bot

This feature is based on a simple heuristic based on the user-agent

(which can be certainly extended). It is useful to avoid e.g. Google

bot to run into "notifications subscribe" + login attempts, which

are useful for not-logged-in user, but not for bots. These attemps

lead to failures in google statistics that might reduce the google

ranking of a web site.

    • -2
    • +2
reduce debugging output

fix listing of batch run

- make links clickable

- modernize Tcl code

improve debug message

Try to ask the browser to disable noise suppression on the microphone, so that silence detection won't trigger in case of "normal" environmental silence

Port of downstream behavior:

create_link instproc is supposed to return an object. In case of error, just crash and let the anchor insproc handle the exception, instead of trying to use the error message as an object.

    • -9
    • +3
relax url detection

add check if item_id exists

fix typo in log statement

Whitespace changes

Deprecate 'f::lambda' in favor of tcllib implementation