Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
27 events for the month beginning 2023-09-01 by user drh
Following month ↑|
2023-09-29
| ||
| 13:41 | • Edit [fb5d53ec1182eaf5|fb5d53ec11]: Cancel background color. ... (artifact: 63e6b210d7 user: drh) | |
| 13:41 | • Edit [d0f15a1b655b9a5f|d0f15a1b65]: Cancel background color. ... (artifact: 2f946b9976 user: drh) | |
| 12:53 | Fix self-registration bug created by the enhanced CSRF defense changes. ... (check-in: 6ae9941860 user: drh tags: trunk) | |
|
2023-09-28
| ||
| 14:15 | Update to the change log. ... (check-in: e3e28f43dc user: drh tags: trunk) | |
| 14:13 | Changing a setting to an empty string is now the same as unsetting that value, in most cases. Settings that are exceptions to the rule are marked with the "keep-empty" flag. Fix for the issue reported by [forum:/forumpost/a17b5fa51d607e3d|forum post a17b5fa51d607e3d]. ... (check-in: 1f6ae1efb4 user: drh tags: trunk) | |
| 14:08 | Minor tweaks to the hash color test page. ... (check-in: 19799565b7 user: drh tags: trunk) | |
| 13:51 | • Edit [fcb40ac9318d405d|fcb40ac931]: Cancel background color. ... (artifact: 103bc238fa user: drh) | |
| 13:51 | The "branch ls" command should flag private branches with -R. ... (check-in: 016f6c5ec5 user: drh tags: trunk) | |
| 13:44 | • Edit [f36e8886c0092f2c|f36e8886c0]: Cancel background color. ... (artifact: ee81bfe777 user: drh) | |
| 13:43 | Remove an unnecessary while() loop. ... (check-in: 225abb37df user: drh tags: trunk) | |
| 13:40 | • Edit [e042be53cf82b776|e042be53cf]: Cancel background color. ... (artifact: 85ee59c19e user: drh) | |
| 13:39 | • Edit [62ab3a1d80204590|62ab3a1d80]: Mark "Closed". ... (artifact: 41b06f5b52 user: drh) | |
| 13:38 | Mark closed leaves with an X on the timeline graph. ... (check-in: 57bea365a3 user: drh tags: trunk) | |
|
2023-09-25
| ||
| 15:47 | If the value of a setting is changed into an empty string, then unset it, except for the rare setting that has the new keep-empty property. ... (Closed-Leaf check-in: b9bbb8d7fd user: drh tags: unset-empty-settings) | |
|
2023-09-19
| ||
| 11:41 | Improvements to documentation for the "patch" command. ... (check-in: 14ebbe9d99 user: drh tags: trunk) | |
| 11:31 | Improvements to help-text HTML formatting. ... (check-in: ccc780f552 user: drh tags: trunk) | |
| 11:19 | Updates to the change log. ... (check-in: 5afa42e4ec user: drh tags: trunk) | |
| 10:42 | Fix a harmless compiler warning in SQLite. This is a direct edit to the imported sqlite3.c file, which will be overwritten the next time we update SQLite. But that's ok since the warning is fixed in the SQLite tree too. ... (check-in: ead5a95b47 user: drh tags: trunk) | |
|
2023-09-18
| ||
| 20:43 | Merge the CSRF-defense enhancements into trunk. ... (check-in: 920ace1739 user: drh tags: trunk) | |
| 17:13 | Omit the SameSite=strict specifier for the login cookie, since that prevents users from clicking a hyperlink on an email notification and then going directly to the relevant page and getting logged in. ... (Closed-Leaf check-in: fc5b49e990 user: drh tags: csrf-defense-enhancement) | |
| 15:36 | Set the "SameSite=strict" value on cookies (used for authentication) as a further defense-in-depth against CSRF attacks. ... (check-in: bc643c32f8 user: drh tags: csrf-defense-enhancement) | |
| 15:24 | Fix forum-post approval buttons so that they send the CSRF token. ... (check-in: bf9974cf8d user: drh tags: csrf-defense-enhancement) | |
| 15:10 | More intensive use of the Synchronizer Token Pattern for CSRF defense. ... (check-in: 0a66be2b75 user: drh tags: csrf-defense-enhancement) | |
| 14:32 | Strengthen CSRF requirements for the skin editor. ... (check-in: 6912636dc3 user: drh tags: csrf-defense-enhancement) | |
| 14:29 | Cleanup forms on the skin editor page. ... (check-in: 5feae3fd75 user: drh tags: csrf-defense-enhancement) | |
| 14:13 | Stronger CSRF token based on a SHA1 hash of the login cookie. ... (check-in: ff3746c4c2 user: drh tags: csrf-defense-enhancement) | |
| 13:18 | Try to simplify and rationalize the defenses against cross-site request forgery attacks. A hodgepodge of techniques have been used in the past. This changes attempts to make everything work more alike and to centralize CSRF defenses for easier auditing. ... (check-in: 88a402fe2a user: drh tags: csrf-defense-enhancement) | |