Fossil SCM
Allow /xfer to service anonymous clones if they have any of the Clone, Zip, or Read permissions. This is a temporary measure, as described in the code's comments.
Commit
f9547c7c846d79d9debebf9a7f8181a4232533b24d017a020f4b2eb3add71c41
Parent
b8731485b028989…
1 file changed
+11
+11
| --- src/xfer.c | ||
| +++ src/xfer.c | ||
| @@ -1297,10 +1297,21 @@ | ||
| 1297 | 1297 | } |
| 1298 | 1298 | g.zLogin = "anonymous"; |
| 1299 | 1299 | login_set_anon_nobody_capabilities(); |
| 1300 | 1300 | login_check_credentials(); |
| 1301 | 1301 | cgi_check_for_malice(); |
| 1302 | +#if 1 | |
| 1303 | + /* | |
| 1304 | + ** 2025-08-15: temporary measure for | |
| 1305 | + ** https://sqlite.org/forum/forumpost/7d3eb059f81ff694 | |
| 1306 | + ** specifically the response at | |
| 1307 | + ** https://sqlite.org/forum/forumpost/e735c8c142. | |
| 1308 | + */ | |
| 1309 | + if( g.perm.Clone || g.perm.Read || g.perm.Zip ){ | |
| 1310 | + g.perm.Read = g.perm.Clone = 1; | |
| 1311 | + } | |
| 1312 | +#endif | |
| 1302 | 1313 | memset(&xfer, 0, sizeof(xfer)); |
| 1303 | 1314 | blobarray_zero(xfer.aToken, count(xfer.aToken)); |
| 1304 | 1315 | cgi_set_content_type(g.zContentType); |
| 1305 | 1316 | cgi_reset_content(); |
| 1306 | 1317 | if( db_schema_is_outofdate() ){ |
| 1307 | 1318 |
| --- src/xfer.c | |
| +++ src/xfer.c | |
| @@ -1297,10 +1297,21 @@ | |
| 1297 | } |
| 1298 | g.zLogin = "anonymous"; |
| 1299 | login_set_anon_nobody_capabilities(); |
| 1300 | login_check_credentials(); |
| 1301 | cgi_check_for_malice(); |
| 1302 | memset(&xfer, 0, sizeof(xfer)); |
| 1303 | blobarray_zero(xfer.aToken, count(xfer.aToken)); |
| 1304 | cgi_set_content_type(g.zContentType); |
| 1305 | cgi_reset_content(); |
| 1306 | if( db_schema_is_outofdate() ){ |
| 1307 |
| --- src/xfer.c | |
| +++ src/xfer.c | |
| @@ -1297,10 +1297,21 @@ | |
| 1297 | } |
| 1298 | g.zLogin = "anonymous"; |
| 1299 | login_set_anon_nobody_capabilities(); |
| 1300 | login_check_credentials(); |
| 1301 | cgi_check_for_malice(); |
| 1302 | #if 1 |
| 1303 | /* |
| 1304 | ** 2025-08-15: temporary measure for |
| 1305 | ** https://sqlite.org/forum/forumpost/7d3eb059f81ff694 |
| 1306 | ** specifically the response at |
| 1307 | ** https://sqlite.org/forum/forumpost/e735c8c142. |
| 1308 | */ |
| 1309 | if( g.perm.Clone || g.perm.Read || g.perm.Zip ){ |
| 1310 | g.perm.Read = g.perm.Clone = 1; |
| 1311 | } |
| 1312 | #endif |
| 1313 | memset(&xfer, 0, sizeof(xfer)); |
| 1314 | blobarray_zero(xfer.aToken, count(xfer.aToken)); |
| 1315 | cgi_set_content_type(g.zContentType); |
| 1316 | cgi_reset_content(); |
| 1317 | if( db_schema_is_outofdate() ){ |
| 1318 |