Fossil SCM

Update the form spider protections so that links to /register go through even if spider protection is fully enabled. This allows self-registration even if user "nobody" has no permissions.

drh 2021-03-24 15:40 trunk

Commit 89b724dcfae8a6c59f409241c9622184b0505352c64f1d39e5ad99704c41ad5e

Parent bed4b0f7fc586f9…

1 file changed +3 -1

~ src/style.c

M src/style.c

+3 -1

		--- src/style.c
		+++ src/style.c
		@@ -212,11 +212,13 @@
212	212	va_list ap;
213	213	if( zOtherArgs==0 ) zOtherArgs = "";
214	214	va_start(ap, zAction);
215	215	zLink = vmprintf(zAction, ap);
216	216	va_end(ap);
217		- if( g.perm.Hyperlink && !g.javascriptHyperlink ){
	217	+ if( fossil_strcmp(zLink,"/register")==0
	218	+ \|\| (g.perm.Hyperlink && !g.javascriptHyperlink)
	219	+ ){
218	220	@ <form method="POST" action="%z(zLink)" %s(zOtherArgs)>
219	221	}else{
220	222	needHrefJs = 1;
221	223	@ <form method="POST" data-action='%s(zLink)' action='%R/login' \
222	224	@ %s(zOtherArgs)>
223	225

	--- src/style.c
	+++ src/style.c
	@@ -212,11 +212,13 @@
212	va_list ap;
213	if( zOtherArgs==0 ) zOtherArgs = "";
214	va_start(ap, zAction);
215	zLink = vmprintf(zAction, ap);
216	va_end(ap);
217	if( g.perm.Hyperlink && !g.javascriptHyperlink ){


218	@ <form method="POST" action="%z(zLink)" %s(zOtherArgs)>
219	}else{
220	needHrefJs = 1;
221	@ <form method="POST" data-action='%s(zLink)' action='%R/login' \
222	@ %s(zOtherArgs)>
223

	--- src/style.c
	+++ src/style.c
	@@ -212,11 +212,13 @@
212	va_list ap;
213	if( zOtherArgs==0 ) zOtherArgs = "";
214	va_start(ap, zAction);
215	zLink = vmprintf(zAction, ap);
216	va_end(ap);
217	if( fossil_strcmp(zLink,"/register")==0
218	\|\| (g.perm.Hyperlink && !g.javascriptHyperlink)
219	){
220	@ <form method="POST" action="%z(zLink)" %s(zOtherArgs)>
221	}else{
222	needHrefJs = 1;
223	@ <form method="POST" data-action='%s(zLink)' action='%R/login' \
224	@ %s(zOtherArgs)>
225

Fossil SCM

Keyboard Shortcuts