Fossil SCM
Do not give unnecessary clues to user anonymous (which is the login used by most attack robots) that something has gone wrong inside of Fossil.
Commit
c66b038cae2a45d42b38cdd3e3a697999d1e0f7799ed088fecc644c981b6f53e
Parent
0971536165b064e…
1 file changed
+11
-3
+11
-3
| --- src/printf.c | ||
| +++ src/printf.c | ||
| @@ -1158,15 +1158,23 @@ | ||
| 1158 | 1158 | #endif |
| 1159 | 1159 | if( g.cgiOutput==1 && g.db ){ |
| 1160 | 1160 | g.cgiOutput = 2; |
| 1161 | 1161 | cgi_reset_content(); |
| 1162 | 1162 | cgi_set_content_type("text/html"); |
| 1163 | - style_set_current_feature("error"); | |
| 1163 | + if( g.zLogin!=0 ){ | |
| 1164 | + style_set_current_feature("error"); | |
| 1165 | + } | |
| 1164 | 1166 | style_header("Bad Request"); |
| 1165 | 1167 | etag_cancel(); |
| 1166 | - @ <p class="generalError">%h(z)</p> | |
| 1167 | - cgi_set_status(400, "Bad Request"); | |
| 1168 | + if( g.zLogin==0 ){ | |
| 1169 | + /* Do not give unnecessary clues about a malfunction to robots */ | |
| 1170 | + @ <p>Something did not work right.</p> | |
| 1171 | + @ <p>%h(z)</p> | |
| 1172 | + }else{ | |
| 1173 | + @ <p class="generalError">%h(z)</p> | |
| 1174 | + cgi_set_status(400, "Bad Request"); | |
| 1175 | + } | |
| 1168 | 1176 | style_finish_page(); |
| 1169 | 1177 | cgi_reply(); |
| 1170 | 1178 | }else if( !g.fQuiet ){ |
| 1171 | 1179 | fossil_force_newline(); |
| 1172 | 1180 | fossil_trace("%s\n", z); |
| 1173 | 1181 |
| --- src/printf.c | |
| +++ src/printf.c | |
| @@ -1158,15 +1158,23 @@ | |
| 1158 | #endif |
| 1159 | if( g.cgiOutput==1 && g.db ){ |
| 1160 | g.cgiOutput = 2; |
| 1161 | cgi_reset_content(); |
| 1162 | cgi_set_content_type("text/html"); |
| 1163 | style_set_current_feature("error"); |
| 1164 | style_header("Bad Request"); |
| 1165 | etag_cancel(); |
| 1166 | @ <p class="generalError">%h(z)</p> |
| 1167 | cgi_set_status(400, "Bad Request"); |
| 1168 | style_finish_page(); |
| 1169 | cgi_reply(); |
| 1170 | }else if( !g.fQuiet ){ |
| 1171 | fossil_force_newline(); |
| 1172 | fossil_trace("%s\n", z); |
| 1173 |
| --- src/printf.c | |
| +++ src/printf.c | |
| @@ -1158,15 +1158,23 @@ | |
| 1158 | #endif |
| 1159 | if( g.cgiOutput==1 && g.db ){ |
| 1160 | g.cgiOutput = 2; |
| 1161 | cgi_reset_content(); |
| 1162 | cgi_set_content_type("text/html"); |
| 1163 | if( g.zLogin!=0 ){ |
| 1164 | style_set_current_feature("error"); |
| 1165 | } |
| 1166 | style_header("Bad Request"); |
| 1167 | etag_cancel(); |
| 1168 | if( g.zLogin==0 ){ |
| 1169 | /* Do not give unnecessary clues about a malfunction to robots */ |
| 1170 | @ <p>Something did not work right.</p> |
| 1171 | @ <p>%h(z)</p> |
| 1172 | }else{ |
| 1173 | @ <p class="generalError">%h(z)</p> |
| 1174 | cgi_set_status(400, "Bad Request"); |
| 1175 | } |
| 1176 | style_finish_page(); |
| 1177 | cgi_reply(); |
| 1178 | }else if( !g.fQuiet ){ |
| 1179 | fossil_force_newline(); |
| 1180 | fossil_trace("%s\n", z); |
| 1181 |