Fossil SCM

More information about cookies on the /cookies page.

drh 2024-08-23 16:10 trunk

Commit 10949f530084a92d784bab69349ccc970b850f7eeac951398d90b296a27addcc

Parent 8581e376c341a59…

1 file changed +27

M src/cookies.c

+27

		--- src/cookies.c
		+++ src/cookies.c
		@@ -211,10 +211,19 @@
211	211	assert( zPName!=0 );
212	212	cookie_parse();
213	213	for(i=0; i<cookies.nParam && strcmp(zPName,cookies.aParam[i].zPName); i++){}
214	214	return i<cookies.nParam ? cookies.aParam[i].zPValue : zDefault;
215	215	}
	216	+
	217	+/* Return the number of characters of hex in the prefix to the
	218	+** given string.
	219	+*/
	220	+static int hex_prefix_length(const char *z){
	221	+ int i;
	222	+ for(i=0; fossil_isXdigit(z[i]); i++){}
	223	+ return i;
	224	+}
216	225
217	226	/*
218	227	** WEBPAGE: cookies
219	228	**
220	229	** Show all cookies associated with Fossil. This shows the text of the
		@@ -229,10 +238,11 @@
229	238	void cookie_page(void){
230	239	int i;
231	240	int nCookie = 0;
232	241	const char *zName = 0;
233	242	const char *zValue = 0;
	243	+ const char *zLoginCookie = login_cookie_name();
234	244	int isQP = 0;
235	245	int bFDSonly = strstr(g.zPath, "fdscookie")!=0;
236	246	cookie_parse();
237	247	if( bFDSonly ){
238	248	style_header("Display Preferences Cookie");
		@@ -254,15 +264,32 @@
254	264	nCookie++;
255	265	@ <li><p><b>%h(zName)</b>: %h(zValue)
256	266	@ <input type="submit" name="%h(zDel)" value="Delete">
257	267	if( fossil_strcmp(zName, DISPLAY_SETTINGS_COOKIE)==0 && cookies.nParam>0 ){
258	268	int j;
	269	+ @ <p>This cookie remembers your Fossil display preferences.
259	270	@ <ul>
260	271	for(j=0; j<cookies.nParam; j++){
261	272	@ <li>%h(cookies.aParam[j].zPName): "%h(cookies.aParam[j].zPValue)"
262	273	}
263	274	@ </ul>
	275	+ }else
	276	+ if( fossil_strcmp(zName, zLoginCookie)==0 ){
	277	+ @ <p>This is your login cookie. If you delete this cookie, you will
	278	+ @ be logged out.
	279	+ }else
	280	+ if( fossil_strncmp(zName, "fossil-", 7)==0
	281	+ && strlen(zName)==32
	282	+ && hex_prefix_length(&zName[7])==16
	283	+ && hex_prefix_length(zValue)>24
	284	+ ){
	285	+ @ <p>This appears to be a login cookie for another Fossil repository
	286	+ @ in the same website.
	287	+ }
	288	+ else {
	289	+ @ <p>This cookie was not generated by Fossil. It might be something
	290	+ @ from another program on the same website.
264	291	}
265	292	fossil_free(zDel);
266	293	}
267	294	@ </ol>
268	295	@ </form>
269	296

	--- src/cookies.c
	+++ src/cookies.c
	@@ -211,10 +211,19 @@
211	assert( zPName!=0 );
212	cookie_parse();
213	for(i=0; i<cookies.nParam && strcmp(zPName,cookies.aParam[i].zPName); i++){}
214	return i<cookies.nParam ? cookies.aParam[i].zPValue : zDefault;
215	}









216
217	/*
218	** WEBPAGE: cookies
219	**
220	** Show all cookies associated with Fossil. This shows the text of the
	@@ -229,10 +238,11 @@
229	void cookie_page(void){
230	int i;
231	int nCookie = 0;
232	const char *zName = 0;
233	const char *zValue = 0;

234	int isQP = 0;
235	int bFDSonly = strstr(g.zPath, "fdscookie")!=0;
236	cookie_parse();
237	if( bFDSonly ){
238	style_header("Display Preferences Cookie");
	@@ -254,15 +264,32 @@
254	nCookie++;
255	@ <li><p><b>%h(zName)</b>: %h(zValue)
256	@ <input type="submit" name="%h(zDel)" value="Delete">
257	if( fossil_strcmp(zName, DISPLAY_SETTINGS_COOKIE)==0 && cookies.nParam>0 ){
258	int j;

259	@ <ul>
260	for(j=0; j<cookies.nParam; j++){
261	@ <li>%h(cookies.aParam[j].zPName): "%h(cookies.aParam[j].zPValue)"
262	}
263	@ </ul>
















264	}
265	fossil_free(zDel);
266	}
267	@ </ol>
268	@ </form>
269

	--- src/cookies.c
	+++ src/cookies.c
	@@ -211,10 +211,19 @@
211	assert( zPName!=0 );
212	cookie_parse();
213	for(i=0; i<cookies.nParam && strcmp(zPName,cookies.aParam[i].zPName); i++){}
214	return i<cookies.nParam ? cookies.aParam[i].zPValue : zDefault;
215	}
216
217	/* Return the number of characters of hex in the prefix to the
218	** given string.
219	*/
220	static int hex_prefix_length(const char *z){
221	int i;
222	for(i=0; fossil_isXdigit(z[i]); i++){}
223	return i;
224	}
225
226	/*
227	** WEBPAGE: cookies
228	**
229	** Show all cookies associated with Fossil. This shows the text of the
	@@ -229,10 +238,11 @@
238	void cookie_page(void){
239	int i;
240	int nCookie = 0;
241	const char *zName = 0;
242	const char *zValue = 0;
243	const char *zLoginCookie = login_cookie_name();
244	int isQP = 0;
245	int bFDSonly = strstr(g.zPath, "fdscookie")!=0;
246	cookie_parse();
247	if( bFDSonly ){
248	style_header("Display Preferences Cookie");
	@@ -254,15 +264,32 @@
264	nCookie++;
265	@ <li><p><b>%h(zName)</b>: %h(zValue)
266	@ <input type="submit" name="%h(zDel)" value="Delete">
267	if( fossil_strcmp(zName, DISPLAY_SETTINGS_COOKIE)==0 && cookies.nParam>0 ){
268	int j;
269	@ <p>This cookie remembers your Fossil display preferences.
270	@ <ul>
271	for(j=0; j<cookies.nParam; j++){
272	@ <li>%h(cookies.aParam[j].zPName): "%h(cookies.aParam[j].zPValue)"
273	}
274	@ </ul>
275	}else
276	if( fossil_strcmp(zName, zLoginCookie)==0 ){
277	@ <p>This is your login cookie. If you delete this cookie, you will
278	@ be logged out.
279	}else
280	if( fossil_strncmp(zName, "fossil-", 7)==0
281	&& strlen(zName)==32
282	&& hex_prefix_length(&zName[7])==16
283	&& hex_prefix_length(zValue)>24
284	){
285	@ <p>This appears to be a login cookie for another Fossil repository
286	@ in the same website.
287	}
288	else {
289	@ <p>This cookie was not generated by Fossil. It might be something
290	@ from another program on the same website.
291	}
292	fossil_free(zDel);
293	}
294	@ </ol>
295	@ </form>
296

Fossil SCM

Keyboard Shortcuts