Fossil SCM
Remove an overly aggressive call to cgi_check_for_malice() on the /login page.
Commit
57d3dbb11b514ad734d9af14e9d25c32f938d43dda66d18c3ca62e6cc7424ac7
Parent
928bac993454765…
1 file changed
-1
-1
| --- src/login.c | ||
| +++ src/login.c | ||
| @@ -575,11 +575,10 @@ | ||
| 575 | 575 | /* If the "Reset Password" button in the form was pressed, render |
| 576 | 576 | ** the Request Password Reset page in place of this one. */ |
| 577 | 577 | login_reqpwreset_page(); |
| 578 | 578 | return; |
| 579 | 579 | } |
| 580 | - cgi_check_for_malice(); | |
| 581 | 580 | login_check_credentials(); |
| 582 | 581 | fossil_redirect_to_https_if_needed(1); |
| 583 | 582 | sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0, |
| 584 | 583 | constant_time_cmp_function, 0, 0); |
| 585 | 584 | zUsername = P("u"); |
| 586 | 585 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -575,11 +575,10 @@ | |
| 575 | /* If the "Reset Password" button in the form was pressed, render |
| 576 | ** the Request Password Reset page in place of this one. */ |
| 577 | login_reqpwreset_page(); |
| 578 | return; |
| 579 | } |
| 580 | cgi_check_for_malice(); |
| 581 | login_check_credentials(); |
| 582 | fossil_redirect_to_https_if_needed(1); |
| 583 | sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0, |
| 584 | constant_time_cmp_function, 0, 0); |
| 585 | zUsername = P("u"); |
| 586 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -575,11 +575,10 @@ | |
| 575 | /* If the "Reset Password" button in the form was pressed, render |
| 576 | ** the Request Password Reset page in place of this one. */ |
| 577 | login_reqpwreset_page(); |
| 578 | return; |
| 579 | } |
| 580 | login_check_credentials(); |
| 581 | fossil_redirect_to_https_if_needed(1); |
| 582 | sqlite3_create_function(g.db, "constant_time_cmp", 2, SQLITE_UTF8, 0, |
| 583 | constant_time_cmp_function, 0, 0); |
| 584 | zUsername = P("u"); |
| 585 |