Fossil SCM
Improvements to automatic hyperlink enabling and robot exclusion.
Commit
f014e1566042c3a802bdcc3f8a4b2d9af80dc040d51c216b45baeefeb1a69998
Parent
50844e5c6be4836…
1 file changed
+16
-19
+16
-19
| --- src/setup.c | ||
| +++ src/setup.c | ||
| @@ -1223,42 +1223,39 @@ | ||
| 1223 | 1223 | |
| 1224 | 1224 | @ <hr /> |
| 1225 | 1225 | onoff_attribute( |
| 1226 | 1226 | "Enable hyperlinks for \"nobody\" based on User-Agent and Javascript", |
| 1227 | 1227 | "auto-hyperlink", "autohyperlink", 1, 0); |
| 1228 | - @ <p>Enable hyperlinks (the equivalent of the "h" permission) for all users | |
| 1229 | - @ including user "nobody", as long as (1) the User-Agent string in the | |
| 1228 | + @ <p>Enable hyperlinks (the equivalent of the "h" permission) for all users, | |
| 1229 | + @ including user "nobody", as long as | |
| 1230 | + @ <ol><li>the User-Agent string in the | |
| 1230 | 1231 | @ HTTP header indicates that the request is coming from an actual human |
| 1231 | - @ being and not a robot or spider and (2) the user agent is able to | |
| 1232 | - @ run Javascript in order to set the href= attribute of hyperlinks. Bots | |
| 1233 | - @ and spiders can forge a User-Agent string that makes them seem to be a | |
| 1234 | - @ normal browser and they can run javascript just like browsers. But most | |
| 1235 | - @ bots do not go to that much trouble so this is normally an effective | |
| 1236 | - @ defense.<p> | |
| 1237 | - @ | |
| 1238 | - @ <p>You do not normally want a bot to walk your entire repository because | |
| 1232 | + @ being, and | |
| 1233 | + @ <li>the user agent is able to | |
| 1234 | + @ run Javascript in order to set the href= attribute of hyperlinks, and | |
| 1235 | + @ <li>mouse movement is detected (optional - see the checkbox below), and | |
| 1236 | + @ <li>a number of milliseconds have passed since the page loaded.</ol> | |
| 1237 | + @ | |
| 1238 | + @ <p>This setting is designed to give easy access to humans while | |
| 1239 | + @ keeping out robots and spiders. | |
| 1240 | + @ You do not normally want a robot to walk your entire repository because | |
| 1239 | 1241 | @ if it does, your server will end up computing diffs and annotations for |
| 1240 | 1242 | @ every historical version of every file and creating ZIPs and tarballs of |
| 1241 | 1243 | @ every historical check-in, which can use a lot of CPU and bandwidth |
| 1242 | 1244 | @ even for relatively small projects.</p> |
| 1243 | 1245 | @ |
| 1244 | 1246 | @ <p>Additional parameters that control this behavior:</p> |
| 1245 | 1247 | @ <blockquote> |
| 1246 | - onoff_attribute("Enable hyperlinks for humans as deduced from the UserAgent " | |
| 1247 | - "string", "auto-hyperlink-ishuman", "ahis", 0, 0); | |
| 1248 | - @ <br /> | |
| 1249 | 1248 | onoff_attribute("Require mouse movement before enabling hyperlinks", |
| 1250 | 1249 | "auto-hyperlink-mouseover", "ahmo", 0, 0); |
| 1251 | 1250 | @ <br /> |
| 1252 | 1251 | entry_attribute("Delay in milliseconds before enabling hyperlinks", 5, |
| 1253 | - "auto-hyperlink-delay", "ah-delay", "10", 0); | |
| 1252 | + "auto-hyperlink-delay", "ah-delay", "50", 0); | |
| 1254 | 1253 | @ </blockquote> |
| 1255 | - @ <p>Hyperlinks for user "nobody" are normally enabled as soon as the page | |
| 1256 | - @ finishes loading. But the first check-box below can be set to require mouse | |
| 1257 | - @ movement before enabling the links. One can also set a delay prior to enabling | |
| 1258 | - @ links by enter a positive number of milliseconds in the entry box above.</p> | |
| 1259 | - @ (Properties: "auto-hyperlink", "auto-hyperlink-ishuman", | |
| 1254 | + @ <p>For maximum robot defense, the "require mouse movement" should | |
| 1255 | + @ be turned on and the "Delay" should be at least 50 milliseconds.</p> | |
| 1256 | + @ (Properties: "auto-hyperlink", | |
| 1260 | 1257 | @ "auto-hyperlink-mouseover", and "auto-hyperlink-delay")</p> |
| 1261 | 1258 | |
| 1262 | 1259 | @ <hr /> |
| 1263 | 1260 | onoff_attribute("Require a CAPTCHA if not logged in", |
| 1264 | 1261 | "require-captcha", "reqcapt", 1, 0); |
| 1265 | 1262 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -1223,42 +1223,39 @@ | |
| 1223 | |
| 1224 | @ <hr /> |
| 1225 | onoff_attribute( |
| 1226 | "Enable hyperlinks for \"nobody\" based on User-Agent and Javascript", |
| 1227 | "auto-hyperlink", "autohyperlink", 1, 0); |
| 1228 | @ <p>Enable hyperlinks (the equivalent of the "h" permission) for all users |
| 1229 | @ including user "nobody", as long as (1) the User-Agent string in the |
| 1230 | @ HTTP header indicates that the request is coming from an actual human |
| 1231 | @ being and not a robot or spider and (2) the user agent is able to |
| 1232 | @ run Javascript in order to set the href= attribute of hyperlinks. Bots |
| 1233 | @ and spiders can forge a User-Agent string that makes them seem to be a |
| 1234 | @ normal browser and they can run javascript just like browsers. But most |
| 1235 | @ bots do not go to that much trouble so this is normally an effective |
| 1236 | @ defense.<p> |
| 1237 | @ |
| 1238 | @ <p>You do not normally want a bot to walk your entire repository because |
| 1239 | @ if it does, your server will end up computing diffs and annotations for |
| 1240 | @ every historical version of every file and creating ZIPs and tarballs of |
| 1241 | @ every historical check-in, which can use a lot of CPU and bandwidth |
| 1242 | @ even for relatively small projects.</p> |
| 1243 | @ |
| 1244 | @ <p>Additional parameters that control this behavior:</p> |
| 1245 | @ <blockquote> |
| 1246 | onoff_attribute("Enable hyperlinks for humans as deduced from the UserAgent " |
| 1247 | "string", "auto-hyperlink-ishuman", "ahis", 0, 0); |
| 1248 | @ <br /> |
| 1249 | onoff_attribute("Require mouse movement before enabling hyperlinks", |
| 1250 | "auto-hyperlink-mouseover", "ahmo", 0, 0); |
| 1251 | @ <br /> |
| 1252 | entry_attribute("Delay in milliseconds before enabling hyperlinks", 5, |
| 1253 | "auto-hyperlink-delay", "ah-delay", "10", 0); |
| 1254 | @ </blockquote> |
| 1255 | @ <p>Hyperlinks for user "nobody" are normally enabled as soon as the page |
| 1256 | @ finishes loading. But the first check-box below can be set to require mouse |
| 1257 | @ movement before enabling the links. One can also set a delay prior to enabling |
| 1258 | @ links by enter a positive number of milliseconds in the entry box above.</p> |
| 1259 | @ (Properties: "auto-hyperlink", "auto-hyperlink-ishuman", |
| 1260 | @ "auto-hyperlink-mouseover", and "auto-hyperlink-delay")</p> |
| 1261 | |
| 1262 | @ <hr /> |
| 1263 | onoff_attribute("Require a CAPTCHA if not logged in", |
| 1264 | "require-captcha", "reqcapt", 1, 0); |
| 1265 |
| --- src/setup.c | |
| +++ src/setup.c | |
| @@ -1223,42 +1223,39 @@ | |
| 1223 | |
| 1224 | @ <hr /> |
| 1225 | onoff_attribute( |
| 1226 | "Enable hyperlinks for \"nobody\" based on User-Agent and Javascript", |
| 1227 | "auto-hyperlink", "autohyperlink", 1, 0); |
| 1228 | @ <p>Enable hyperlinks (the equivalent of the "h" permission) for all users, |
| 1229 | @ including user "nobody", as long as |
| 1230 | @ <ol><li>the User-Agent string in the |
| 1231 | @ HTTP header indicates that the request is coming from an actual human |
| 1232 | @ being, and |
| 1233 | @ <li>the user agent is able to |
| 1234 | @ run Javascript in order to set the href= attribute of hyperlinks, and |
| 1235 | @ <li>mouse movement is detected (optional - see the checkbox below), and |
| 1236 | @ <li>a number of milliseconds have passed since the page loaded.</ol> |
| 1237 | @ |
| 1238 | @ <p>This setting is designed to give easy access to humans while |
| 1239 | @ keeping out robots and spiders. |
| 1240 | @ You do not normally want a robot to walk your entire repository because |
| 1241 | @ if it does, your server will end up computing diffs and annotations for |
| 1242 | @ every historical version of every file and creating ZIPs and tarballs of |
| 1243 | @ every historical check-in, which can use a lot of CPU and bandwidth |
| 1244 | @ even for relatively small projects.</p> |
| 1245 | @ |
| 1246 | @ <p>Additional parameters that control this behavior:</p> |
| 1247 | @ <blockquote> |
| 1248 | onoff_attribute("Require mouse movement before enabling hyperlinks", |
| 1249 | "auto-hyperlink-mouseover", "ahmo", 0, 0); |
| 1250 | @ <br /> |
| 1251 | entry_attribute("Delay in milliseconds before enabling hyperlinks", 5, |
| 1252 | "auto-hyperlink-delay", "ah-delay", "50", 0); |
| 1253 | @ </blockquote> |
| 1254 | @ <p>For maximum robot defense, the "require mouse movement" should |
| 1255 | @ be turned on and the "Delay" should be at least 50 milliseconds.</p> |
| 1256 | @ (Properties: "auto-hyperlink", |
| 1257 | @ "auto-hyperlink-mouseover", and "auto-hyperlink-delay")</p> |
| 1258 | |
| 1259 | @ <hr /> |
| 1260 | onoff_attribute("Require a CAPTCHA if not logged in", |
| 1261 | "require-captcha", "reqcapt", 1, 0); |
| 1262 |