Fossil SCM
Add the FOSSIL_NONCE parameter to extension CGI.
Commit
3f0ade5592df4d91f70335d85fb7f4a5f7ae4c99a2f0663bc0ca533f59dd078f
Parent
b26967cfcb58f24…
1 file changed
+2
+2
| --- src/extcgi.c | ||
| +++ src/extcgi.c | ||
| @@ -48,10 +48,11 @@ | ||
| 48 | 48 | "AUTH_CONTENT", |
| 49 | 49 | "CONTENT_LENGTH", |
| 50 | 50 | "CONTENT_TYPE", |
| 51 | 51 | "DOCUMENT_ROOT", |
| 52 | 52 | "FOSSIL_CAPABILITIES", |
| 53 | + "FOSSIL_NONCE", | |
| 53 | 54 | "FOSSIL_REPOSITORY", |
| 54 | 55 | "FOSSIL_URI", |
| 55 | 56 | "FOSSIL_USER", |
| 56 | 57 | "GATEWAY_INTERFACE", |
| 57 | 58 | "HTTPS", |
| @@ -220,10 +221,11 @@ | ||
| 220 | 221 | cgi_replace_parameter("PATH_INFO", zName + strlen(zScript+nRoot+1)); |
| 221 | 222 | if( g.zLogin ){ |
| 222 | 223 | cgi_replace_parameter("REMOTE_USER", g.zLogin); |
| 223 | 224 | cgi_set_parameter_nocopy("FOSSIL_USER", g.zLogin, 0); |
| 224 | 225 | } |
| 226 | + cgi_set_parameter_nocopy("FOSSIL_NONCE", style_nonce(), 0); | |
| 225 | 227 | cgi_set_parameter_nocopy("FOSSIL_REPOSITORY", g.zRepositoryName, 0); |
| 226 | 228 | cgi_set_parameter_nocopy("FOSSIL_URI", g.zTop, 0); |
| 227 | 229 | cgi_set_parameter_nocopy("FOSSIL_CAPABILITIES", |
| 228 | 230 | db_text("","SELECT fullcap(cap) FROM user WHERE login=%Q", |
| 229 | 231 | g.zLogin ? g.zLogin : "nobody"), 0); |
| 230 | 232 |
| --- src/extcgi.c | |
| +++ src/extcgi.c | |
| @@ -48,10 +48,11 @@ | |
| 48 | "AUTH_CONTENT", |
| 49 | "CONTENT_LENGTH", |
| 50 | "CONTENT_TYPE", |
| 51 | "DOCUMENT_ROOT", |
| 52 | "FOSSIL_CAPABILITIES", |
| 53 | "FOSSIL_REPOSITORY", |
| 54 | "FOSSIL_URI", |
| 55 | "FOSSIL_USER", |
| 56 | "GATEWAY_INTERFACE", |
| 57 | "HTTPS", |
| @@ -220,10 +221,11 @@ | |
| 220 | cgi_replace_parameter("PATH_INFO", zName + strlen(zScript+nRoot+1)); |
| 221 | if( g.zLogin ){ |
| 222 | cgi_replace_parameter("REMOTE_USER", g.zLogin); |
| 223 | cgi_set_parameter_nocopy("FOSSIL_USER", g.zLogin, 0); |
| 224 | } |
| 225 | cgi_set_parameter_nocopy("FOSSIL_REPOSITORY", g.zRepositoryName, 0); |
| 226 | cgi_set_parameter_nocopy("FOSSIL_URI", g.zTop, 0); |
| 227 | cgi_set_parameter_nocopy("FOSSIL_CAPABILITIES", |
| 228 | db_text("","SELECT fullcap(cap) FROM user WHERE login=%Q", |
| 229 | g.zLogin ? g.zLogin : "nobody"), 0); |
| 230 |
| --- src/extcgi.c | |
| +++ src/extcgi.c | |
| @@ -48,10 +48,11 @@ | |
| 48 | "AUTH_CONTENT", |
| 49 | "CONTENT_LENGTH", |
| 50 | "CONTENT_TYPE", |
| 51 | "DOCUMENT_ROOT", |
| 52 | "FOSSIL_CAPABILITIES", |
| 53 | "FOSSIL_NONCE", |
| 54 | "FOSSIL_REPOSITORY", |
| 55 | "FOSSIL_URI", |
| 56 | "FOSSIL_USER", |
| 57 | "GATEWAY_INTERFACE", |
| 58 | "HTTPS", |
| @@ -220,10 +221,11 @@ | |
| 221 | cgi_replace_parameter("PATH_INFO", zName + strlen(zScript+nRoot+1)); |
| 222 | if( g.zLogin ){ |
| 223 | cgi_replace_parameter("REMOTE_USER", g.zLogin); |
| 224 | cgi_set_parameter_nocopy("FOSSIL_USER", g.zLogin, 0); |
| 225 | } |
| 226 | cgi_set_parameter_nocopy("FOSSIL_NONCE", style_nonce(), 0); |
| 227 | cgi_set_parameter_nocopy("FOSSIL_REPOSITORY", g.zRepositoryName, 0); |
| 228 | cgi_set_parameter_nocopy("FOSSIL_URI", g.zTop, 0); |
| 229 | cgi_set_parameter_nocopy("FOSSIL_CAPABILITIES", |
| 230 | db_text("","SELECT fullcap(cap) FROM user WHERE login=%Q", |
| 231 | g.zLogin ? g.zLogin : "nobody"), 0); |
| 232 |