Diff
Not logged in
HomeFilesLeavesTimelineBranchesTagsTicketsWikiLogin

Differences From:

File src/zip.c part of check-in [1ce0ac53ef] - fixed a string memleak in baseline_zip_page() by stephan on 2008-02-12 00:31:48. Also file src/zip.c part of check-in [588bb7cd73] - Merged to ed26056bb5. by aku on 2008-02-24 18:50:35. [view]

To:

File src/zip.c part of check-in [fa6e993017] - New Zip permission. This permission allow someone to download a zipped artifact via the wiki's /zip URL. It can given the user nobody to allow automatic package builder to download the sources they know from fossil-scm.org or other servers without any intervening login necessary.

As the /zip page do not expose anything, a spider should have a hard time to crawl thru the project using this URL. So IMO it does not open a break-in hole for spiders.

by cle on 2008-08-12 03:27:54. [view] 
@@ -357,9 +357,9 @@
   int nName;
   Blob zip;
 
   login_check_credentials();
-  if( !g.okRead || !g.okHistory ){ login_needed(); return; }
+  if( !g.okZip && (!g.okRead || !g.okHistory) ){ login_needed(); return; }
   zName = mprintf("%s", PD("name",""));
   nName = strlen(zName);
   for(nName=strlen(zName)-1; nName>5; nName--){
     if( zName[nName]=='.' ){

Fossil version [c0211010a1] 2009-12-13 01:31:36