• last updated 7 hours ago
Constraints: committers
Constraints: files
Constraints: dates
Fix proc and contract doc elements, so they are properly parsed by apidoc::api_*_documentation.

- @parameter -> @param

- @params -> @param

- Add missing @param

- @cvs -> @cvs-id

- @version -> @cvs-id

  1. … 12 more files in changeset.
reduce verbosity

switch back to previous code based on sec_generate_session_id_cookie to fix persistent logins

make code more robust, when connection is already closed


Re-enabling sec_change_user_auth_token as a mean to invalidate login for a user immediately on every connected client

For reference, see discussions in:

- https://openacs.org/forums/message-view?message_id=1691183

- https://openacs.org/forums/message-view?message_id=5392475

flag current request as being performed via aa_testing

modernize tcl

  1. … 1 more file in changeset.
white space changes

allow access via automated testing also via standard login interface

make spelling of names more consistent

  1. … 5 more files in changeset.
Revert massive replacement of empty list creation sentences. The use of '[list]' instead of '{}' adds semantics that could be used for performance improvements in the future, such as using a different internal representation. There is already work in this direction, avoiding the generation of the string representation during comparison of empty strings (huge thanks to Stefan Sobernig for the pointer: https://core.tcl.tk/tcl/info/44527c632ed609c2).

  1. … 475 more files in changeset.
improve CSP in accordance with Google's csp-evaluator.withgoogle.com

  1. … 1 more file in changeset.
Prefer '{}' to '[list]' when creating empty lists

  1. … 71 more files in changeset.
fix more typos

  1. … 5 more files in changeset.
revert escaped changes

  1. … 1 more file in changeset.
fix more typos

  1. … 4 more files in changeset.
Fix typos

  1. … 42 more files in changeset.
Factor out code for navisever and aolserver

  1. … 3 more files in changeset.
fix typo

  1. … 1 more file in changeset.
add comment

Add TODO item

- use "ad_try" instead of "with_catch"

- use "ad_try" instead of "with_finally"

  1. … 4 more files in changeset.
Bug fix: avoid confusion between command argument and option, when argument starts with "-"

  1. … 81 more files in changeset.
Bugfix ad_user_login

-expire flag for ad_set_signed_cookie (and therefore ad_set_cookie) was not specified by ad_user_login and set false per-default. This prevented parameters to set cookie expiration to have an effect, even when -max_age was correctly specified.

Now we set the -expire flag according to the -forever flag.

merged changes from the oacs-5-9 branch and resolved conflicts

  1. … 7834 more files in changeset.
- add [ad_conn behind_proxy_p] and [ad_conn behind_secure_proxy_p] to centralize logic

- use the new function fix [security::get_qualified_url] when running behind a proxy

  1. … 2 more files in changeset.
- Dont add host_node_id to query parameter when it is set to 0

Provide more infrastructure support for host-node-maps for more flexible domain handling

- add optional -cookie_domain parameter to the following functions




auth::issue_login (wrapper for ad_user_login)

if not specified, the functions are full backward compatible

- add optional parameter -host_node_id to auth::authenticate

which refers to the node_id in the host-node-map

- pass host_node_id from from/to register pages


1) probably, sec_generate_session_id_cookie picks up the wrong

session_id via [ad_conn session_id]

2) check interaction with CookieDomain (probably, we need

must not pass host_node_id wheren CookieDomain is non-empty)

  1. … 7 more files in changeset.
- fix bug for obtaining logout_url on host-node mapped subsites

- factor out security::get_register_subsite to streamline behavior of ad_get_login_url and ad_get_logout_url