50 events occurring on or before 2016-11-08 06:18:54.
More ↑
2016-11-08
| ||
06:18 | Added escape of \n \r as option to session:apply-type-preference Leaf check-in: 7592869969 user: matt tags: crypt | |
2016-10-21
| ||
04:29 | • Edit [1b5a5d3a6e]: Move to branch crypt... artifact: 1fe5668150 user: matt | |
04:28 | • Edit [1241e8996c]: Marked "Closed". artifact: 243edaa898 user: matt | |
2016-10-20
| ||
17:53 |
Replace external openssl call with "crypt" egg.
The OpenSSL call was using the old UNIX crypt DES password hashing, which is very weak. Crypt will default to a more sensible mechanism (Blowfish, but in the future could transparently switch). Old passwords will continue to work, because the crypt egg detects DES salts and happily hashes them. When creating new passwords, they will be hashed using the modern algorithm. The OpenSSL call passed the password to the shell, so an onlooker on the server could see it in plaintext. It also neglected to escape the password for the shell, resulting in a command injection vulnerability. check-in: 1b5a5d3a6e user: sjamaan tags: crypt | |
17:50 | Create new branch named "crypt" Closed-Leaf check-in: 1241e8996c user: sjamaan tags: crypt | |
2016-09-25
| ||
17:10 | Added conversion to s:session-var-get. WARNING: Need to use 'raw in many cases check-in: 445ea184ae user: matt tags: trunk | |
2016-09-24
| ||
07:07 | Added recovery from bad form. but it is broken and I don't know why. Still seems rare ... check-in: 44c407806c user: matt tags: trunk | |
2016-09-22
| ||
06:28 | Added safe handling for params check-in: 4bccacb50f user: matt tags: trunk | |
2016-09-21
| ||
04:34 | Oops. Use the string result. check-in: 8c0e13bea5 user: matt tags: trunk | |
04:31 | Trim \n sillyness from escaped strings check-in: 8b94f6cb84 user: matt tags: trunk | |
2016-09-19
| ||
06:05 | Oops. missed setup.scm check-in: 4b5ced8c71 user: matt tags: trunk | |
05:55 | Add filtering to s:get-input. Switch to dbi. check-in: e78a65d865 user: matt tags: trunk | |
2016-07-28
| ||
06:46 | emit limited debug info to the user if not in debug mode. Give name of log file check-in: bd6f7bf73b user: matt tags: trunk | |
06:36 | emit limited debug info to the user if not in debug mode. Give name of log file check-in: e9e91f635f user: matt tags: trunk | |
2016-07-10
| ||
04:53 | Fixed fork again check-in: 77503f3f5c user: kiatoaco tags: trunk | |
2016-05-14
| ||
19:44 | Merged fork check-in: f3b21cf7d2 user: matt tags: trunk | |
19:42 | Added comment on fPIC and added clean target check-in: 3b621651c1 user: matt tags: trunk | |
16:40 | Added hint regarding fPIC to INSTALL file check-in: 5f818de536 user: matt tags: trunk | |
2015-12-28
| ||
03:35 | • Changes to wiki page stml artifact: 452f5a4b24 user: matt | |
03:34 | • Changes to wiki page stml artifact: 3a0ff84f76 user: matt | |
03:34 | Added snip of stml code from Kiatoa project check-in: 7c85b0da59 user: matt tags: trunk | |
03:33 | • Changes to wiki page stml artifact: 2da6bb4f0c user: matt | |
03:17 | • Changes to wiki page stml artifact: b526a1c6d5 user: matt | |
03:12 | • Changes to wiki page stml artifact: 4e47a8e5e4 user: matt | |
2015-12-22
| ||
06:12 | Return empty string if stuff to output isn't recognised check-in: 4c0940a61f user: matt tags: trunk | |
03:27 | Merged selfcontained back to trunk check-in: f276a48081 user: matt tags: trunk | |
2015-11-15
| ||
02:20 | deal somewhat gracefully with improper %num escaped char in URL Leaf check-in: 332033f93f user: matt tags: selfcontained | |
2015-10-28
| ||
06:17 | Corrected get-path-params from get-page-params check-in: 460f848f5f user: matt tags: selfcontained | |
2015-10-27
| ||
03:54 | Added s:button check-in: 6fc4c3e74b user: matt tags: selfcontained | |
2015-09-27
| ||
06:05 | Added s:hd check-in: f0e4b568c0 user: matt tags: selfcontained | |
2015-04-14
| ||
04:45 | Merged selfcontained back to trunk check-in: d3fdfad50d user: matt tags: trunk | |
2015-01-27
| ||
05:02 | Tweaked config file locating. Added thead and tbody. check-in: f4a40c5778 user: matt tags: selfcontained | |
2015-01-25
| ||
21:20 | Little bit done on documentation check-in: 36a29ccc0a user: matt tags: selfcontained | |
2014-09-03
| ||
06:14 | Added message to Makefile to hint that fpic is needed check-in: 15ba418938 user: kiatoaco tags: selfcontained | |
05:46 | Converted to using openssl for crypt. Added type checks to password compare to fix empty password compare failing check-in: 1936d7e2b4 user: matt tags: selfcontained | |
2014-06-09
| ||
04:02 | Borked repo. Put on branch Leaf check-in: a29c1867df user: matt tags: wacked | |
2014-04-17
| ||
06:26 | Added method to get all input keys. Made get from forms be liberal and take either string or symbol check-in: a7378b56d4 user: matt tags: selfcontained | |
2013-11-18
| ||
06:24 | Added note to makefile on compiling on bluehost check-in: 6dcf12e9a9 user: kiatoaco tags: selfcontained | |
2013-10-26
| ||
04:26 | Added some sugar; a default to s:shared-get and s:label check-in: 53f9eeed61 user: matt tags: selfcontained | |
2013-09-22
| ||
17:35 | Reworked howto. Added s:shared-hash, added s:if to sugar.scm check-in: 9cde8a89e8 user: matt tags: selfcontained | |
05:25 | Added some document snippets. Improved page handling/loading logic to provide message if page not found and option to not compile pages check-in: 886293086d user: matt tags: selfcontained | |
03:21 | • Changes to wiki page stml artifact: 2fd055dff2 user: matt | |
03:20 | • Changes to wiki page stml artifact: 6592680fe8 user: matt | |
03:18 | • Changes to wiki page Howto artifact: f0a6adeb65 user: matt | |
03:17 | • Changes to wiki page stml artifact: c814265d40 user: matt | |
2013-08-03
| ||
17:47 | Commented out postgreql in requirements.scm.template check-in: bd41580f94 user: matt tags: v0.901, selfcontained | |
17:33 | • Edit [6497bed82c]: Add tag "v0.9". artifact: 76f023ff9f user: matt | |
2013-06-05
| ||
07:13 | Added s:h3 and s:h4 check-in: 6497bed82c user: matt tags: v0.9, selfcontained | |
2013-05-24
| ||
21:38 | Removed unnecessary output messages. check-in: e9a3ddb76a user: matt tags: selfcontained | |
2013-05-21
| ||
08:25 | bit messed up but converging on modularized and single-exe check-in: 320ab4e791 user: matt tags: selfcontained | |