| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | about: path_info might not be valid | Jason A. Donenfeld | 2016-02-26 | 1 | -1/+2 |
| * | tabs: do not use target=_blank | Jason A. Donenfeld | 2016-02-23 | 1 | -1/+1 |
| * | css: fix indentation | Jason A. Donenfeld | 2016-02-23 | 1 | -4/+4 |
| * | css: use less blurry icon for external link•••Your mileage may vary, but for me the old icon looks blurry. The new
one is character 0xf08e from OTF font awsome in size 10.
The icon color is black, gray level is adjusted via opacity.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2016-02-23 | 1 | -1/+2 |
| * | md2html: Do syntax highlighting too | Jason A. Donenfeld | 2016-02-23 | 1 | -1/+5 |
| * | git: update to v2.7.2•••Update to git version v2.7.2, no changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2016-02-23 | 2 | -1/+1 |
| * | ui-plain: fix to show a repo's root directory listing in plain view•••This is to fix the case of accessing http://host.com/cgit.cgi/repo.git/plain/
There is code here to make this case work (match_baselen is set to -1
for top-of-the-tree views) but the unsigned to signed comparison was
always false in this case, causing an empty directory listing without
this fix.
Signed-off-by: Joe Anakata <jea-signup-github@anakata.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Joe Anakata | 2016-02-22 | 1 | -1/+1 |
| * | cmd: redirect empty about/ to homepage or summary•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2016-02-22 | 1 | -1/+10 |
| * | ui-shared: add homepage to tabs•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2016-02-22 | 7 | -5/+26 |
| * | ui-atom: avoid DATE_STRFTIME•••Git's DATE_STRFTIME ignores the timezone argument and just uses the
local timezone regardless of whether the "local" flag is set.
Since Atom accepts ISO8601 dates [1], we can use Git's
DATE_ISO8601_STRICT instead, which does get this right. Additionally,
we never use the local timezone here so we can use the
date_mode_from_type() wrapper to simplify the code a bit.
[1] https://tools.ietf.org/html/rfc4287#section-3.3
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 2 | -12/+4 |
| * | Avoid DATE_STRFTIME for long/short dates•••Git's DATE_STRFTIME ignores the timezone argument and just uses the
local timezone regardless of whether the "local" flag is set.
Since our existing FMT_LONGDATE and FMT_SHORTDATE are pretty-much
perfect matches to DATE_ISO8601 and DATE_SHORT, switch to taking a
date_mode_type directly in cgit_date_mode().
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 5 | -13/+10 |
| * | ui-stats: cast pointer before checking for zero•••We abuse the "void *util" field as a counter and recently started to
cast it to a uintptr_t to avoid risking nasal demons by performing
arithmetic on a void pointer.
However, compilers are also known to do "interesting" things if they
know that a pointer is or isn't NULL. Make this safer by checking if
the counter (after casting) is non-zero rather than checking if the
pointer is non-null.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 1 | -2/+2 |
| * | ui-stats: if we're going to abuse void*, do it safely | Jason A. Donenfeld | 2016-02-08 | 1 | -10/+7 |
| * | git: update to v2.7.1•••Update to git version v2.7.1, no changes required.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2016-02-08 | 2 | -1/+1 |
| * | ui-shared: remove cgit_print_date()•••There are no longer any users of this function.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 2 | -21/+0 |
| * | ui-atom: use show_date directly for atom dates•••This will allow us to remove cgit_print_date and use Git's show_date
consistently.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 1 | -2/+7 |
| * | ui-shared: use show_date for footer timestamp•••Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 1 | -1/+1 |
| * | ui: show ages in the originator's timezone•••This affects the tooltip showing the full time and the case when a date
is sufficiently old to be shown in full rather than as an offset.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 5 | -18/+18 |
| * | ui-{commit,tag}: show dates in originator's timezone•••This is done by switching to Git's show_date() function and the mode
given by cgit_date_mode().
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 2 | -3/+6 |
| * | ui-shared: add cgit_date_mode()•••This returns the correct mode value for use with Git's show_date() based
on the current CGit configuration and will be used in the following
patches.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 2 | -0/+10 |
| * | parsing: add timezone to ident structures•••This will allow us to mimic Git's behaviour of showing times in the
originator's timezone when displaying commits and tags.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 2 | -4/+9 |
| * | ui-shared: remove "format" from cgit_print_age()•••We never use any format other than FMT_SHORTDATE, so move that into the
function.
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-02-08 | 5 | -9/+9 |
| * | ui-tree: put reverse path in title | Jason A. Donenfeld | 2016-01-18 | 1 | -0/+34 |
| * | syntax-highlighting: always use utf-8 to avoid ascii codec issues | Jason A. Donenfeld | 2016-01-18 | 1 | -0/+3 |
| * | cache: don't check for match with no key•••We call open_slot() from cache_ls() without a key since we simply want
to read the path out of the header. Should the file happen to contain
an empty key then we end up calling memcmp() with NULL and a non-zero
length. Fix this by assigning slot->match only if a key is set, which
is always will be in the code paths where we use slot->match.
Coverity-id: 13807
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-01-17 | 1 | -2/+3 |
| * | cache: use size_t for string lengths•••Avoid integer truncation on 64-bit systems.
Coverity-id: 13864
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-01-17 | 1 | -2/+2 |
| * | ui-log: handle parse_commit() errors•••If parse_commit() fails, none of the fields in the commit structure will
have been populated so we will dereference NULL when accessing
item->tree.
There isn't much we can do about the error at this point, but if we
return true then we'll try parsing the commit again from print_commit()
and we can report an error to the user at that point.
Coverity-id: 13801
Signed-off-by: John Keeping <john@keeping.me.uk>
| John Keeping | 2016-01-17 | 1 | -1/+3 |
| * | Bump version | Jason A. Donenfeld | 2016-01-14 | 1 | -1/+1 |
| * | ui-plain: add enable-html-serving flag•••Unrestricts plain/ to contents likely to be executed by browser.
| Jason A. Donenfeld | 2016-01-14 | 5 | -0/+29 |
| * | ui-blob: set CSP just in case | Jason A. Donenfeld | 2016-01-14 | 1 | -0/+3 |
| * | ui-blob: always use generic mimetypes | Jason A. Donenfeld | 2016-01-14 | 1 | -6/+4 |
| * | ui-blob: Do not accept mimetype from user | Jason A. Donenfeld | 2016-01-14 | 3 | -4/+0 |
| * | ui-shared: prevent malicious filename from injecting headers | Jason A. Donenfeld | 2016-01-14 | 3 | -3/+32 |
| * | ui-shared: Avoid new line injection into redirect header | Jason A. Donenfeld | 2016-01-14 | 1 | -1/+3 |
| * | Fix missing prototype declarations•••Signed-off-by: Peter Colberg <peter@colberg.org>
| Peter Colberg | 2016-01-14 | 6 | -15/+15 |
| * | ui-repolist: return HTTP 404 if no repositories found•••Return HTTP status code 404 Not found when querying a non-existent
repository, which signals to search engines that a repository no
longer exists. Further, some webservers such as nginx permit
logging requests to different files depending on the HTTP code.
Signed-off-by: Peter Colberg <peter@colberg.org>
| Peter Colberg | 2016-01-13 | 1 | -3/+17 |
| * | ui-repolist: extract repo visibility criteria to separate function•••Signed-off-by: Peter Colberg <peter@colberg.org>
| Peter Colberg | 2016-01-13 | 1 | -3/+10 |
| * | Fix segmentation fault in hc()•••The ctx.qry.page variable might be unset at this point, e.g. when an
invalid command is passed and cgit_print_pageheader() is called to show
an error message.
Signed-off-by: Lukas Fleischer <lfleischer@lfos.de>
| Lukas Fleischer | 2016-01-13 | 1 | -0/+3 |
| * | git: update to v2.7.0•••Update to git version v2.7.0.
* Upstream commit ed1c9977cb1b63e4270ad8bdf967a2d02580aa08 (Remove
get_object_hash.) changed API:
Convert all instances of get_object_hash to use an appropriate
reference to the hash member of the oid member of struct object.
This provides no functional change, as it is essentially a macro
substitution.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2016-01-13 | 13 | -26/+26 |
| * | ui-repolist: initialize char *buf to NULL•••readfile() can fail if the agefile is not readable. Make sure free()
does not free an ininitialized string.
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2016-01-13 | 1 | -1/+1 |
| * | filter: avoid integer overflow in authenticate_post•••ctx.env.content_length is an unsigned int, coming from the
CONTENT_LENGTH environment variable, which is parsed by strtoul. The
HTTP/1.1 spec says that "any Content-Length greater than or equal to
zero is a valid value." By storing this into an int, we potentially
overflow it, resulting in the following bounding check failing, leading
to a buffer overflow.
Reported-by: Erik Cabetas <Erik@cabetas.com>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2015-11-24 | 1 | -1/+1 |
| * | about-formatting.sh: comment text out of date | Jason A. Donenfeld | 2015-11-12 | 1 | -1/+1 |
| * | filters: port syntax-highlighting.py to python 3.x•••Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2015-10-12 | 1 | -10/+9 |
| * | md2html: the default of stdin works fine•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2015-10-12 | 1 | -2/+1 |
| * | filters: misc cleanups•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2015-10-12 | 2 | -2/+1 |
| * | md2html: use pure python•••Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
| Jason A. Donenfeld | 2015-10-12 | 1 | -6/+9 |
| * | cache: fix resource leak: close file handle before return•••Coverity-id: 13910
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2015-10-10 | 1 | -3/+9 |
| * | ui-atom: fix resource leak: free allocation from cgit_pageurl•••Coverity-id: 13945
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2015-10-10 | 1 | -1/+4 |
| * | ui-atom: fix resource leak: free before return•••Coverity-id: 13946
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2015-10-10 | 1 | -1/+2 |
| * | ui-atom: fix resource leak: free allocation from cgit_repourl•••Coverity-id: 13947
Signed-off-by: Christian Hesse <mail@eworm.de>
| Christian Hesse | 2015-10-10 | 1 | -1/+3 |
