Fossil SCM
Change the name of the robot-test cookie to fossil-client-ok. Decode that cookie's meaning on the /cookies page.
Commit
dc2232c6bd984e623b92236c748372c727a80ae1baf05544b889a2a43b0a9580
Parent
1bdda5d01d7f477…
2 files changed
+4
+13
-7
+4
| --- src/cookies.c | ||
| +++ src/cookies.c | ||
| @@ -282,10 +282,14 @@ | ||
| 282 | 282 | && hex_prefix_length(&zName[7])==16 |
| 283 | 283 | && hex_prefix_length(zValue)>24 |
| 284 | 284 | ){ |
| 285 | 285 | @ <p>This appears to be a login cookie for another Fossil repository |
| 286 | 286 | @ in the same website. |
| 287 | + }else | |
| 288 | + if( fossil_strcmp(zName, ROBOT_COOKIE)==0 ){ | |
| 289 | + @ <p>This cookie shows that your web-browser has been tested is | |
| 290 | + @ believed to be operated by a human, not a robot. | |
| 287 | 291 | } |
| 288 | 292 | else { |
| 289 | 293 | @ <p>This cookie was not generated by Fossil. It might be something |
| 290 | 294 | @ from another program on the same website. |
| 291 | 295 | } |
| 292 | 296 |
| --- src/cookies.c | |
| +++ src/cookies.c | |
| @@ -282,10 +282,14 @@ | |
| 282 | && hex_prefix_length(&zName[7])==16 |
| 283 | && hex_prefix_length(zValue)>24 |
| 284 | ){ |
| 285 | @ <p>This appears to be a login cookie for another Fossil repository |
| 286 | @ in the same website. |
| 287 | } |
| 288 | else { |
| 289 | @ <p>This cookie was not generated by Fossil. It might be something |
| 290 | @ from another program on the same website. |
| 291 | } |
| 292 |
| --- src/cookies.c | |
| +++ src/cookies.c | |
| @@ -282,10 +282,14 @@ | |
| 282 | && hex_prefix_length(&zName[7])==16 |
| 283 | && hex_prefix_length(zValue)>24 |
| 284 | ){ |
| 285 | @ <p>This appears to be a login cookie for another Fossil repository |
| 286 | @ in the same website. |
| 287 | }else |
| 288 | if( fossil_strcmp(zName, ROBOT_COOKIE)==0 ){ |
| 289 | @ <p>This cookie shows that your web-browser has been tested is |
| 290 | @ believed to be operated by a human, not a robot. |
| 291 | } |
| 292 | else { |
| 293 | @ <p>This cookie was not generated by Fossil. It might be something |
| 294 | @ from another program on the same website. |
| 295 | } |
| 296 |
+13
-7
| --- src/robot.c | ||
| +++ src/robot.c | ||
| @@ -22,11 +22,17 @@ | ||
| 22 | 22 | #include "config.h" |
| 23 | 23 | #include "robot.h" |
| 24 | 24 | #include <assert.h> |
| 25 | 25 | #include <time.h> |
| 26 | 26 | |
| 27 | -#define POW_COOKIE "fossil-proofofwork" | |
| 27 | +/* | |
| 28 | +** The name of the cookie used to demonstrate that the client has been | |
| 29 | +** tested and is believed to be operated by a human, not by a robot. | |
| 30 | +*/ | |
| 31 | +#if INTERFACE | |
| 32 | +#define ROBOT_COOKIE "fossil-client-ok" | |
| 33 | +#endif | |
| 28 | 34 | |
| 29 | 35 | /* |
| 30 | 36 | ** Rewrite the current page with a robot squelch captcha and return 1. |
| 31 | 37 | ** |
| 32 | 38 | ** Or, if valid proof-of-work is present as either a query parameter or |
| @@ -63,14 +69,14 @@ | ||
| 63 | 69 | h2 = (h2 % 900000000) + 100000000; |
| 64 | 70 | |
| 65 | 71 | /* If there is already a proof-of-work cookie with this value |
| 66 | 72 | ** that means that the user agent has already authenticated. |
| 67 | 73 | */ |
| 68 | - z = P(POW_COOKIE); | |
| 74 | + z = P(ROBOT_COOKIE); | |
| 69 | 75 | if( z |
| 70 | 76 | && (atoi(z)==h1 || atoi(z)==h2) |
| 71 | - && !cgi_is_qp(POW_COOKIE) ){ | |
| 77 | + && !cgi_is_qp(ROBOT_COOKIE) ){ | |
| 72 | 78 | return 0; |
| 73 | 79 | } |
| 74 | 80 | |
| 75 | 81 | /* Check for a proof query parameter. If found, that means that |
| 76 | 82 | ** the captcha has just now passed, so set the proof-of-work cookie |
| @@ -78,11 +84,11 @@ | ||
| 78 | 84 | */ |
| 79 | 85 | z = P("proof"); |
| 80 | 86 | if( z |
| 81 | 87 | && (atoi(z)==h1 || atoi(z)==h2) |
| 82 | 88 | ){ |
| 83 | - cgi_set_cookie(POW_COOKIE,z,"/",900); | |
| 89 | + cgi_set_cookie(ROBOT_COOKIE,z,"/",900); | |
| 84 | 90 | return 0; |
| 85 | 91 | } |
| 86 | 92 | cgi_tag_query_parameter("proof"); |
| 87 | 93 | |
| 88 | 94 | /* Ask the client to present proof-of-work */ |
| @@ -193,11 +199,11 @@ | ||
| 193 | 199 | ** page will reset the cookie and restart the verification. |
| 194 | 200 | */ |
| 195 | 201 | void robot_restrict_test_page(void){ |
| 196 | 202 | const char *zName = P("name"); |
| 197 | 203 | const char *zP1 = P("proof"); |
| 198 | - const char *zP2 = P(POW_COOKIE); | |
| 204 | + const char *zP2 = P(ROBOT_COOKIE); | |
| 199 | 205 | const char *z; |
| 200 | 206 | if( zName==0 || zName[0]==0 ) zName = g.zPath; |
| 201 | 207 | login_check_credentials(); |
| 202 | 208 | if( g.zLogin==0 ){ login_needed(1); return; } |
| 203 | 209 | g.zLogin = 0; |
| @@ -209,16 +215,16 @@ | ||
| 209 | 215 | @ <p> |
| 210 | 216 | if( zP1 && zP1[0] ){ |
| 211 | 217 | @ proof=%h(zP1)<br> |
| 212 | 218 | } |
| 213 | 219 | if( zP2 && zP2[0] ){ |
| 214 | - @ fossil_proofofwork=%h(zP2)<br> | |
| 215 | - cgi_set_cookie(POW_COOKIE,"",0,-1); | |
| 220 | + @ %h(ROBOT_COOKIE)=%h(zP2)<br> | |
| 221 | + cgi_set_cookie(ROBOT_COOKIE,"",0,-1); | |
| 216 | 222 | } |
| 217 | 223 | z = db_get("robot-restrict",robot_restrict_default()); |
| 218 | 224 | if( z && z[0] ){ |
| 219 | 225 | @ robot-restrict=%h(z)</br> |
| 220 | 226 | } |
| 221 | 227 | @ </p> |
| 222 | 228 | @ <p><a href="%R/test-robotck/%h(zName)">Retry</a> |
| 223 | 229 | style_finish_page(); |
| 224 | 230 | } |
| 225 | 231 |
| --- src/robot.c | |
| +++ src/robot.c | |
| @@ -22,11 +22,17 @@ | |
| 22 | #include "config.h" |
| 23 | #include "robot.h" |
| 24 | #include <assert.h> |
| 25 | #include <time.h> |
| 26 | |
| 27 | #define POW_COOKIE "fossil-proofofwork" |
| 28 | |
| 29 | /* |
| 30 | ** Rewrite the current page with a robot squelch captcha and return 1. |
| 31 | ** |
| 32 | ** Or, if valid proof-of-work is present as either a query parameter or |
| @@ -63,14 +69,14 @@ | |
| 63 | h2 = (h2 % 900000000) + 100000000; |
| 64 | |
| 65 | /* If there is already a proof-of-work cookie with this value |
| 66 | ** that means that the user agent has already authenticated. |
| 67 | */ |
| 68 | z = P(POW_COOKIE); |
| 69 | if( z |
| 70 | && (atoi(z)==h1 || atoi(z)==h2) |
| 71 | && !cgi_is_qp(POW_COOKIE) ){ |
| 72 | return 0; |
| 73 | } |
| 74 | |
| 75 | /* Check for a proof query parameter. If found, that means that |
| 76 | ** the captcha has just now passed, so set the proof-of-work cookie |
| @@ -78,11 +84,11 @@ | |
| 78 | */ |
| 79 | z = P("proof"); |
| 80 | if( z |
| 81 | && (atoi(z)==h1 || atoi(z)==h2) |
| 82 | ){ |
| 83 | cgi_set_cookie(POW_COOKIE,z,"/",900); |
| 84 | return 0; |
| 85 | } |
| 86 | cgi_tag_query_parameter("proof"); |
| 87 | |
| 88 | /* Ask the client to present proof-of-work */ |
| @@ -193,11 +199,11 @@ | |
| 193 | ** page will reset the cookie and restart the verification. |
| 194 | */ |
| 195 | void robot_restrict_test_page(void){ |
| 196 | const char *zName = P("name"); |
| 197 | const char *zP1 = P("proof"); |
| 198 | const char *zP2 = P(POW_COOKIE); |
| 199 | const char *z; |
| 200 | if( zName==0 || zName[0]==0 ) zName = g.zPath; |
| 201 | login_check_credentials(); |
| 202 | if( g.zLogin==0 ){ login_needed(1); return; } |
| 203 | g.zLogin = 0; |
| @@ -209,16 +215,16 @@ | |
| 209 | @ <p> |
| 210 | if( zP1 && zP1[0] ){ |
| 211 | @ proof=%h(zP1)<br> |
| 212 | } |
| 213 | if( zP2 && zP2[0] ){ |
| 214 | @ fossil_proofofwork=%h(zP2)<br> |
| 215 | cgi_set_cookie(POW_COOKIE,"",0,-1); |
| 216 | } |
| 217 | z = db_get("robot-restrict",robot_restrict_default()); |
| 218 | if( z && z[0] ){ |
| 219 | @ robot-restrict=%h(z)</br> |
| 220 | } |
| 221 | @ </p> |
| 222 | @ <p><a href="%R/test-robotck/%h(zName)">Retry</a> |
| 223 | style_finish_page(); |
| 224 | } |
| 225 |
| --- src/robot.c | |
| +++ src/robot.c | |
| @@ -22,11 +22,17 @@ | |
| 22 | #include "config.h" |
| 23 | #include "robot.h" |
| 24 | #include <assert.h> |
| 25 | #include <time.h> |
| 26 | |
| 27 | /* |
| 28 | ** The name of the cookie used to demonstrate that the client has been |
| 29 | ** tested and is believed to be operated by a human, not by a robot. |
| 30 | */ |
| 31 | #if INTERFACE |
| 32 | #define ROBOT_COOKIE "fossil-client-ok" |
| 33 | #endif |
| 34 | |
| 35 | /* |
| 36 | ** Rewrite the current page with a robot squelch captcha and return 1. |
| 37 | ** |
| 38 | ** Or, if valid proof-of-work is present as either a query parameter or |
| @@ -63,14 +69,14 @@ | |
| 69 | h2 = (h2 % 900000000) + 100000000; |
| 70 | |
| 71 | /* If there is already a proof-of-work cookie with this value |
| 72 | ** that means that the user agent has already authenticated. |
| 73 | */ |
| 74 | z = P(ROBOT_COOKIE); |
| 75 | if( z |
| 76 | && (atoi(z)==h1 || atoi(z)==h2) |
| 77 | && !cgi_is_qp(ROBOT_COOKIE) ){ |
| 78 | return 0; |
| 79 | } |
| 80 | |
| 81 | /* Check for a proof query parameter. If found, that means that |
| 82 | ** the captcha has just now passed, so set the proof-of-work cookie |
| @@ -78,11 +84,11 @@ | |
| 84 | */ |
| 85 | z = P("proof"); |
| 86 | if( z |
| 87 | && (atoi(z)==h1 || atoi(z)==h2) |
| 88 | ){ |
| 89 | cgi_set_cookie(ROBOT_COOKIE,z,"/",900); |
| 90 | return 0; |
| 91 | } |
| 92 | cgi_tag_query_parameter("proof"); |
| 93 | |
| 94 | /* Ask the client to present proof-of-work */ |
| @@ -193,11 +199,11 @@ | |
| 199 | ** page will reset the cookie and restart the verification. |
| 200 | */ |
| 201 | void robot_restrict_test_page(void){ |
| 202 | const char *zName = P("name"); |
| 203 | const char *zP1 = P("proof"); |
| 204 | const char *zP2 = P(ROBOT_COOKIE); |
| 205 | const char *z; |
| 206 | if( zName==0 || zName[0]==0 ) zName = g.zPath; |
| 207 | login_check_credentials(); |
| 208 | if( g.zLogin==0 ){ login_needed(1); return; } |
| 209 | g.zLogin = 0; |
| @@ -209,16 +215,16 @@ | |
| 215 | @ <p> |
| 216 | if( zP1 && zP1[0] ){ |
| 217 | @ proof=%h(zP1)<br> |
| 218 | } |
| 219 | if( zP2 && zP2[0] ){ |
| 220 | @ %h(ROBOT_COOKIE)=%h(zP2)<br> |
| 221 | cgi_set_cookie(ROBOT_COOKIE,"",0,-1); |
| 222 | } |
| 223 | z = db_get("robot-restrict",robot_restrict_default()); |
| 224 | if( z && z[0] ){ |
| 225 | @ robot-restrict=%h(z)</br> |
| 226 | } |
| 227 | @ </p> |
| 228 | @ <p><a href="%R/test-robotck/%h(zName)">Retry</a> |
| 229 | style_finish_page(); |
| 230 | } |
| 231 |