• last updated 11 hours ago
Constraints
Constraints: committers
 
Constraints: files
Constraints: dates
updated version number of jquery (introduced not long ago)

Improved readability of configuration parameter "parameterSecret"

- Switched to camelCase for better readabilty and uniformity

- NaviServer configuration parameters are case insensitive, so no danger for backward compatibility

Made .xql file more consistent by using dot notation

OpenACS for PostgreSQL uses since the release of 5.10.0 the dot

notation for the SQL function acs_permission.permission_p() to ease

portability with Oracle.

In general, one has to be careful that during an upgrade from an older

OpenACS version (e.g. 5.9.*) directly to 5.10.1 to upgrade process

does not depend on the dot notation, otherwise the upgrade will fail.

One should be safe for most UI functions in this respect.

Expand permission test suite to include definition of custom privileges in a couple of setups

Provide an automated test of "advanced" permission features: permission inheritance via group, or via the permission context

Use a simpler approach to achieve the intended result, which does not rely on events

    • -19
    • +8
    /openacs-4/packages/xowiki/tcl/chat-procs.tcl
Keep comments on the server side

    • -7
    • +10
    /openacs-4/packages/xowiki/tcl/chat-procs.tcl
JS upstream updates

- Updated highcharts to 11.4.0 (when highcharts package is not installed)

- Updated jquery-3.6.3 to jquery-3.7.1.

- Bumped version number to 5.10.1b10

    • -2
    • +2
    /openacs-4/packages/xowiki/xowiki.info
    • -2
    • +2
    /openacs-4/packages/xowiki/tcl/resource-init.tcl
Ensure chat javascript is executed only when the chat itself is actually a part of the DOM

This may not be the case at the time of rendering, e.g. because the chat is rendered inside of a <template> tag and appended to the document at a later moment.

    • -2
    • +19
    /openacs-4/packages/xowiki/tcl/chat-procs.tcl
JS upstream updates

- Updated upstream library to 11.4.0

- Bumped version to 0.5

JS upstream updates

- Updated jquery-3.6.3 to jquery-3.7.1.

- Bumped version to 5.10.1b2

JS upstream updates

- Updated boostrap5 to 5.3.3

- Updated jquery-3.6.3 to jquery-3.7.1.

- Bumped version to 5.10.1b4

file jquery-3.7.1.js was initially added on branch oacs-5-10.

file jquery-3.7.1.min.js was initially added on branch oacs-5-10.

Untangle if logics

Reject URLs displaying multiple protocols

Test further improvement of injection attempt by penetration tests

Harden page contract

Strenghten validation against smarter attempts to disguise the javascript: protocol

Replicate a smarter attempt by a penetration tool to disguise the javascript: protocol

Add new extension mjs, for Javascript modules, to the Javascript mime type

file upgrade-5.10.1b3-5.10.1b4.sql was initially added on branch oacs-5-10.

file upgrade-0.6.2d6-0.6.2d7.sql was initially added on branch oacs-5-10.

added missing function args

reduce verbosity

Harden page contracts

Prefer more robust colon notation to quote database values

    • -1
    • +1
    /openacs-4/packages/xowf/tcl/xowf-procs.tcl
We replace spaces with "&nbsp" for Safari, but then convert will fail in the test... clean up the entities before trying to convert

Fix variable name

Calculate the width before quoting is applied and refine the heuristic