Fossil SCM

Do not allow computation and download of SQL-archives by non-humans. For some reason, SQL-archives are like catnip for AI robots.

drh 2025-04-28 23:43 trunk
Commit b9a9e2b9af6ce2035c439839df4a1751d2f9c2e93582e0b286a1a6368be20f2d
Parent a884fbbd58ec9d6…
3 files changed +4 -2 +4 -2 +3
~ src/clone.c ~ src/info.c ~ src/zip.c
M src/clone.c
+4 -2
--- src/clone.c
+++ src/clone.c
@@ -430,12 +430,14 @@
430430
 const char *zNm = db_get("short-project-name","download");
431431
 char *zUrl = href("%R/zip/%t/%t.zip", zDLTag, zNm);
432432
 @ <p>ZIP Archive: %z(zUrl)%h(zNm).zip</a>
433433
 zUrl = href("%R/tarball/%t/%t.tar.gz", zDLTag, zNm);
434434
 @ <p>Tarball: %z(zUrl)%h(zNm).tar.gz</a>
435
- zUrl = href("%R/sqlar/%t/%t.sqlar", zDLTag, zNm);
436
- @ <p>SQLite Archive: %z(zUrl)%h(zNm).sqlar</a>
435
+ if( g.zLogin!=0 ){
436
+ zUrl = href("%R/sqlar/%t/%t.sqlar", zDLTag, zNm);
437
+ @ <p>SQLite Archive: %z(zUrl)%h(zNm).sqlar</a>
438
+ }
437439
 }
438440
 if( !g.perm.Clone ){
439441
 @ <p>You are not authorized to clone this repository.
440442
 if( g.zLogin==0 || g.zLogin[0]==0 ){
441443
 @ Maybe you would be able to clone if you
442444
--- src/clone.c
+++ src/clone.c
@@ -430,12 +430,14 @@
430 const char *zNm = db_get("short-project-name","download");
431 char *zUrl = href("%R/zip/%t/%t.zip", zDLTag, zNm);
432 @ <p>ZIP Archive: %z(zUrl)%h(zNm).zip</a>
433 zUrl = href("%R/tarball/%t/%t.tar.gz", zDLTag, zNm);
434 @ <p>Tarball: %z(zUrl)%h(zNm).tar.gz</a>
435 zUrl = href("%R/sqlar/%t/%t.sqlar", zDLTag, zNm);
436 @ <p>SQLite Archive: %z(zUrl)%h(zNm).sqlar</a>
 
 
437 }
438 if( !g.perm.Clone ){
439 @ <p>You are not authorized to clone this repository.
440 if( g.zLogin==0 || g.zLogin[0]==0 ){
441 @ Maybe you would be able to clone if you
442
--- src/clone.c
+++ src/clone.c
@@ -430,12 +430,14 @@
430 const char *zNm = db_get("short-project-name","download");
431 char *zUrl = href("%R/zip/%t/%t.zip", zDLTag, zNm);
432 @ <p>ZIP Archive: %z(zUrl)%h(zNm).zip</a>
433 zUrl = href("%R/tarball/%t/%t.tar.gz", zDLTag, zNm);
434 @ <p>Tarball: %z(zUrl)%h(zNm).tar.gz</a>
435 if( g.zLogin!=0 ){
436 zUrl = href("%R/sqlar/%t/%t.sqlar", zDLTag, zNm);
437 @ <p>SQLite Archive: %z(zUrl)%h(zNm).sqlar</a>
438 }
439 }
440 if( !g.perm.Clone ){
441 @ <p>You are not authorized to clone this repository.
442 if( g.zLogin==0 || g.zLogin[0]==0 ){
443 @ Maybe you would be able to clone if you
444
M src/info.c
+4 -2
--- src/info.c
+++ src/info.c
@@ -993,12 +993,14 @@
993993
 }
994994
 zUrl = mprintf("%R/tarball/%S/%t-%S.tar.gz", zUuid, zPJ, zUuid);
995995
 @ <tr><th>Downloads:</th><td>
996996
 @ %z(href("%s",zUrl))Tarball</a>
997997
 @ | %z(href("%R/zip/%S/%t-%S.zip",zUuid, zPJ,zUuid))ZIP archive</a>
998
- @ | %z(href("%R/sqlar/%S/%t-%S.sqlar",zUuid,zPJ,zUuid))\
999
- @ SQL archive</a></td></tr>
998
+ if( g.zLogin!=0 ){
999
+ @ | %z(href("%R/sqlar/%S/%t-%S.sqlar",zUuid,zPJ,zUuid))\
1000
+ @ SQL archive</a></td></tr>
1001
+ }
10001002
 fossil_free(zUrl);
10011003
 blob_reset(&projName);
10021004
 }
10031005
10041006
 @ <tr><th>Timelines:</th><td>
10051007
--- src/info.c
+++ src/info.c
@@ -993,12 +993,14 @@
993 }
994 zUrl = mprintf("%R/tarball/%S/%t-%S.tar.gz", zUuid, zPJ, zUuid);
995 @ <tr><th>Downloads:</th><td>
996 @ %z(href("%s",zUrl))Tarball</a>
997 @ | %z(href("%R/zip/%S/%t-%S.zip",zUuid, zPJ,zUuid))ZIP archive</a>
998 @ | %z(href("%R/sqlar/%S/%t-%S.sqlar",zUuid,zPJ,zUuid))\
999 @ SQL archive</a></td></tr>
 
 
1000 fossil_free(zUrl);
1001 blob_reset(&projName);
1002 }
1003
1004 @ <tr><th>Timelines:</th><td>
1005
--- src/info.c
+++ src/info.c
@@ -993,12 +993,14 @@
993 }
994 zUrl = mprintf("%R/tarball/%S/%t-%S.tar.gz", zUuid, zPJ, zUuid);
995 @ <tr><th>Downloads:</th><td>
996 @ %z(href("%s",zUrl))Tarball</a>
997 @ | %z(href("%R/zip/%S/%t-%S.zip",zUuid, zPJ,zUuid))ZIP archive</a>
998 if( g.zLogin!=0 ){
999 @ | %z(href("%R/sqlar/%S/%t-%S.sqlar",zUuid,zPJ,zUuid))\
1000 @ SQL archive</a></td></tr>
1001 }
1002 fossil_free(zUrl);
1003 blob_reset(&projName);
1004 }
1005
1006 @ <tr><th>Timelines:</th><td>
1007
M src/zip.c
+3
--- src/zip.c
+++ src/zip.c
@@ -927,10 +927,13 @@
927927
 login_check_credentials();
928928
 if( !g.perm.Zip ){ login_needed(g.anon.Zip); return; }
929929
 if( fossil_strcmp(g.zPath, "sqlar")==0 ){
930930
 eType = ARCHIVE_SQLAR;
931931
 zType = "SQL";
932
+ /* For some reason, SQL-archives are like catnip for robots. So
933
+ ** don't allow them to be downloaded by user "nobody" */
934
+ if( g.zLogin==0 ){ login_needed(g.anon.Zip); return; }
932935
 }else{
933936
 eType = ARCHIVE_ZIP;
934937
 zType = "ZIP";
935938
 }
936939
 fossil_nice_default();
937940
--- src/zip.c
+++ src/zip.c
@@ -927,10 +927,13 @@
927 login_check_credentials();
928 if( !g.perm.Zip ){ login_needed(g.anon.Zip); return; }
929 if( fossil_strcmp(g.zPath, "sqlar")==0 ){
930 eType = ARCHIVE_SQLAR;
931 zType = "SQL";
 
 
 
932 }else{
933 eType = ARCHIVE_ZIP;
934 zType = "ZIP";
935 }
936 fossil_nice_default();
937
--- src/zip.c
+++ src/zip.c
@@ -927,10 +927,13 @@
927 login_check_credentials();
928 if( !g.perm.Zip ){ login_needed(g.anon.Zip); return; }
929 if( fossil_strcmp(g.zPath, "sqlar")==0 ){
930 eType = ARCHIVE_SQLAR;
931 zType = "SQL";
932 /* For some reason, SQL-archives are like catnip for robots. So
933 ** don't allow them to be downloaded by user "nobody" */
934 if( g.zLogin==0 ){ login_needed(g.anon.Zip); return; }
935 }else{
936 eType = ARCHIVE_ZIP;
937 zType = "ZIP";
938 }
939 fossil_nice_default();
940

Keyboard Shortcuts

Open search /
Next entry (timeline) j
Previous entry (timeline) k
Open focused entry Enter
Show this help ?
Toggle theme Top nav button