Fossil SCM
Improvements to robot-restrict.
Commit
4e73f314739095fe3aff4bd02d7510c578818b6b160177b2c909c0d298db0d28
Parent
8784c600ceaaf1e…
2 files changed
+2
-2
+1
+2
-2
| --- src/robot.c | ||
| +++ src/robot.c | ||
| @@ -252,11 +252,11 @@ | ||
| 252 | 252 | ** The VALUE of this setting is a list of GLOB patterns that match |
| 253 | 253 | ** pages for which complex HTTP requests from unauthenicated clients |
| 254 | 254 | ** should be disallowed. "Unauthenticated" means the user is "nobody". |
| 255 | 255 | ** The recommended value for this setting is: |
| 256 | 256 | ** |
| 257 | -** timelineX,diff,annotate,zip,fileage,file | |
| 257 | +** timelineX,diff,annotate,zip,fileage,file,finfo | |
| 258 | 258 | ** |
| 259 | 259 | ** The "diff" tag covers all diffing pages such as /vdiff, /fdiff, and |
| 260 | 260 | ** /vpatch. The "annotate" tag also covers /blame and /praise. "zip" |
| 261 | 261 | ** also covers /tarball and /sqlar. If a tag has an "X" character appended, |
| 262 | 262 | ** then it only applies if query parameters are such that the page is |
| @@ -268,11 +268,11 @@ | ||
| 268 | 268 | |
| 269 | 269 | /* |
| 270 | 270 | ** Return the default restriction GLOB |
| 271 | 271 | */ |
| 272 | 272 | const char *robot_restrict_default(void){ |
| 273 | - return "timelineX,diff,annotate,zip,fileage,file"; | |
| 273 | + return "timelineX,diff,annotate,zip,fileage,file,finfo"; | |
| 274 | 274 | } |
| 275 | 275 | |
| 276 | 276 | /* |
| 277 | 277 | ** Return true if zTag matches one of the tags in the robot-restrict |
| 278 | 278 | ** setting. |
| 279 | 279 |
| --- src/robot.c | |
| +++ src/robot.c | |
| @@ -252,11 +252,11 @@ | |
| 252 | ** The VALUE of this setting is a list of GLOB patterns that match |
| 253 | ** pages for which complex HTTP requests from unauthenicated clients |
| 254 | ** should be disallowed. "Unauthenticated" means the user is "nobody". |
| 255 | ** The recommended value for this setting is: |
| 256 | ** |
| 257 | ** timelineX,diff,annotate,zip,fileage,file |
| 258 | ** |
| 259 | ** The "diff" tag covers all diffing pages such as /vdiff, /fdiff, and |
| 260 | ** /vpatch. The "annotate" tag also covers /blame and /praise. "zip" |
| 261 | ** also covers /tarball and /sqlar. If a tag has an "X" character appended, |
| 262 | ** then it only applies if query parameters are such that the page is |
| @@ -268,11 +268,11 @@ | |
| 268 | |
| 269 | /* |
| 270 | ** Return the default restriction GLOB |
| 271 | */ |
| 272 | const char *robot_restrict_default(void){ |
| 273 | return "timelineX,diff,annotate,zip,fileage,file"; |
| 274 | } |
| 275 | |
| 276 | /* |
| 277 | ** Return true if zTag matches one of the tags in the robot-restrict |
| 278 | ** setting. |
| 279 |
| --- src/robot.c | |
| +++ src/robot.c | |
| @@ -252,11 +252,11 @@ | |
| 252 | ** The VALUE of this setting is a list of GLOB patterns that match |
| 253 | ** pages for which complex HTTP requests from unauthenicated clients |
| 254 | ** should be disallowed. "Unauthenticated" means the user is "nobody". |
| 255 | ** The recommended value for this setting is: |
| 256 | ** |
| 257 | ** timelineX,diff,annotate,zip,fileage,file,finfo |
| 258 | ** |
| 259 | ** The "diff" tag covers all diffing pages such as /vdiff, /fdiff, and |
| 260 | ** /vpatch. The "annotate" tag also covers /blame and /praise. "zip" |
| 261 | ** also covers /tarball and /sqlar. If a tag has an "X" character appended, |
| 262 | ** then it only applies if query parameters are such that the page is |
| @@ -268,11 +268,11 @@ | |
| 268 | |
| 269 | /* |
| 270 | ** Return the default restriction GLOB |
| 271 | */ |
| 272 | const char *robot_restrict_default(void){ |
| 273 | return "timelineX,diff,annotate,zip,fileage,file,finfo"; |
| 274 | } |
| 275 | |
| 276 | /* |
| 277 | ** Return true if zTag matches one of the tags in the robot-restrict |
| 278 | ** setting. |
| 279 |
+1
| --- src/timeline.c | ||
| +++ src/timeline.c | ||
| @@ -1970,10 +1970,11 @@ | ||
| 1970 | 1970 | } |
| 1971 | 1971 | if( showSql ) db_append_dml_to_blob(&allSql); |
| 1972 | 1972 | if( zUses!=0 ){ |
| 1973 | 1973 | int ufid = db_int(0, "SELECT rid FROM blob WHERE uuid GLOB '%q*'", zUses); |
| 1974 | 1974 | if( ufid ){ |
| 1975 | + if( robot_restrict("timelineX") ) return; | |
| 1975 | 1976 | zUses = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", ufid); |
| 1976 | 1977 | db_multi_exec("CREATE TEMP TABLE usesfile(rid INTEGER PRIMARY KEY)"); |
| 1977 | 1978 | compute_uses_file("usesfile", ufid, 0); |
| 1978 | 1979 | zType = "ci"; |
| 1979 | 1980 | disableY = 1; |
| 1980 | 1981 |
| --- src/timeline.c | |
| +++ src/timeline.c | |
| @@ -1970,10 +1970,11 @@ | |
| 1970 | } |
| 1971 | if( showSql ) db_append_dml_to_blob(&allSql); |
| 1972 | if( zUses!=0 ){ |
| 1973 | int ufid = db_int(0, "SELECT rid FROM blob WHERE uuid GLOB '%q*'", zUses); |
| 1974 | if( ufid ){ |
| 1975 | zUses = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", ufid); |
| 1976 | db_multi_exec("CREATE TEMP TABLE usesfile(rid INTEGER PRIMARY KEY)"); |
| 1977 | compute_uses_file("usesfile", ufid, 0); |
| 1978 | zType = "ci"; |
| 1979 | disableY = 1; |
| 1980 |
| --- src/timeline.c | |
| +++ src/timeline.c | |
| @@ -1970,10 +1970,11 @@ | |
| 1970 | } |
| 1971 | if( showSql ) db_append_dml_to_blob(&allSql); |
| 1972 | if( zUses!=0 ){ |
| 1973 | int ufid = db_int(0, "SELECT rid FROM blob WHERE uuid GLOB '%q*'", zUses); |
| 1974 | if( ufid ){ |
| 1975 | if( robot_restrict("timelineX") ) return; |
| 1976 | zUses = db_text(0, "SELECT uuid FROM blob WHERE rid=%d", ufid); |
| 1977 | db_multi_exec("CREATE TEMP TABLE usesfile(rid INTEGER PRIMARY KEY)"); |
| 1978 | compute_uses_file("usesfile", ufid, 0); |
| 1979 | zType = "ci"; |
| 1980 | disableY = 1; |
| 1981 |