Commits
- Commit:
4d648b92ac1ac5f952a42f29052c56e8d32547a3
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotwebd: add CSP policy
ok tracey@
- Commit:
f897bb2469da024a8db3b1fae10d24ac7cf040e1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotwebd: fix for possible NULL beign passed to fcgi_printf
reported by and ok tracey@
- Commit:
d927f8c8203baf6607d4e64fa3520e2d164100e6
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotwebd: make sure to escape possibly unsafe strings
this fixes only the HTML escaping of strings, the urlencode is still
missig.
while here also plug a memory leak in gotweb_render_branches and drop
some needless ternary operators.
ok tracey@
- Commit:
336c64e8b8d86804e345f9ad6cd5e9690768d48d
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotwebd: minor tweaks to the generated HTML
spotted by validator.w3.org:
- use target="_blank" instead of `_sotd'
- drop `alt' attributes in `a' tags
This fixes all the errors reported; only a warning suggesting to add a
`lang' attribute on the <html> tag remains.
- Commit:
026ac2c462910064c5c9143a96b17a920e6bbc58
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
mark functions internally used by sockets.c as static
ok tracey
- Commit:
859aa9f48371a84128b60e2c2ba9f873a4ea70cf
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
fix previous: store port number in host byte order, convert for struct sockaddr
With the previous patch the listen port was correct, but the debug log output
was still displaying the swapped port number. Now both listen behaviour and
debug log output agree.
- Commit:
d72940a3a166aaa6620b4b444af1fa16b5e216f5
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
fix gotwebd default fcgi listen port byte-order (port 10275 -> port 9000)
ok tracey
- Commit:
2fb25d87ff7b3572bc98a7bea5f7380727b180e5
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
gotwebd: listen on localhost only by default
ok tracey
- Commit:
610dd8c9f454e1625b0eddc16af87b765279b0a5
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
gotwebd: struct socket_conf can only use a single address, so don't use a list
ok tracey
- Commit:
01498c42e0fc9fb6355312a236656cf2f36cebc0
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotwebd: add fcgi_printf
instead of fcgi_gen_response which outputs only a fixed strings provide
a printf-like fcgi_printf: it greatly simplifies the generation of the
HTML pages.
While here also (probably) fix some HTML errors: the output was verified
with the W3C validator and it's correct (in the sense that the tags are
properly closed, there are still some other things the validator
complains about.)
ok/encouragement baseprime@, ok jamsek
Thanks for reading such a boring diff!
- Commit:
85f2c2e0132ed34974446382474602b11d336f3a
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix overflow in blame callback
spotted by noticing gotwebd crashing on some blame requests.
Diff from stsp@ with a fix from tracey@, I'm committing it only because
he is short on time.
ok stsp@
- Commit:
4fcc9f7404ca2e0dd2ee085f09d6246587c6c503
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
gotwebd: initialize IPv4 and IPv6 sockets in the same way
ok tracey
- Commit:
73ffdfc038e3a5f5bf130d7c5754428ff92f69e4
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
gotwebd: don't listen on FCGI sockets when FCGI is not enabled
ok tracey
- Commit:
2ad48e9a6b577bb911e97eb269ed1654dbb048f9
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
gotwebd: do not allocate server/socket list heads separately
ok millert@
- Commit:
e087e1f6e7b926dcff23d90de416399c114d582e
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
gotwebd: do not allocate address list heads separately, this is unnecessary
ok millert@
- Commit:
438d0cc30baf8e97fd870f5e620833e0a45401aa
- From:
- Omar Polo <op@omarpolo.com>
- Date:
fix snprintf error handling
follow the "proper secure idiom" described in the CAVEATS section of
printf(3). reminded by tb@ and millert@
- Commit:
ea8d9c76cc8fdc1dacfcc1cb952769fcd0930b10
- From:
- Omar Polo <op@omarpolo.com>
- Date:
convert two snprintf to strlcpy
"looks good to me" millert@
- Commit:
36e83e5eea8d1387c024006cc320e4ef9d545b16
- From:
- Omar Polo <op@omarpolo.com>
- Date:
check for fprintf failure
- Commit:
217e00e5c96081b997cc75f9314f631347527fdf
- From:
- Josiah Frentsos <jfrent@tilde.team>
- Via:
- Stefan Sperling <stsp@stsp.name>
- Date:
got(1): Replace 'Ar sign' with 'Cm sign'
Cm sign matches the markup used in the ssh-keygen(1) man page.
Patch by Josiah Frentsos
- Commit:
c912cbbfaa9889cb87cebee87ff0df1f3c5db9fc
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
regress: adjust expected usage output in "revert_no_arguments" test
- Commit:
827a167b34401bd6541b199377e4e6c68d643151
- From:
- Josiah Frentsos <jfrent@tilde.team>
- Via:
- Stefan Sperling <stsp@stsp.name>
- Date:
Group options in accordance with style(9)
patch by Josiah Frentsos
- Commit:
ace4e41cf157fb25a0b4924a7d9490ced58e12a1
- From:
- Omar Polo <op@omarpolo.com>
- Date:
gotwebd: fix double free in gotweb_process_request
don't free the querystring, it's already done later by
fcgi_celanup_request.
ok tracey@
- Commit:
374f69ddc0b897e90fa603748cac7859adac2769
- From:
- Stefan Sperling <stsp@stsp.name>
- Date:
tog: add missing checks for NULL pointers in log view state
ok jamsek
- Commit:
11edf34c28f6c60a1d37d5c83c758e90df02fe7a
- From:
- Mark Jamsek <mark@jamsek.dev>
- Date:
tog: don't block when processing log view 'G' key map
As per stsp's TODO item, make tog respond to key presses while "loading..."
history. Initial testing in src.git appears to work as intended.
ok stsp@
- Commit:
df68a56be62fb658f8307fc5321e12b7b9fce746
- From:
- Mark Jamsek <mark@jamsek.dev>
- Date:
tog: fix delayed tree index update
If a child blame view has been opened, halfdelay() is reset to a 1 second
refresh rate, so the index in the header lags behind subtree navigation as we
set the index based on the selected tree entry, which isn't updated till that
refresh cycle completes. Don't wait for the selected_entry to update; instead,
compute the index from the first displayed entry and the currently selected
line index.
improved by and ok stsp@