Differences From:

File src/main.c part of check-in [21326fb6f7] - Fix enforcement of access restrictions on reports. Do not allow reports to show the content of fields whose names begin with "private_" unless the "e" permission is enabled. by drh on 2008-07-19 15:12:34. [view]

To:

File src/main.c part of check-in [5fb14b9a0f] - Include non-sym- tags in tagview web page. Also merge mainline into tagview branch. by eric on 2008-08-21 20:59:01. Also file src/main.c part of check-in [fa6e993017] - New Zip permission. This permission allow someone to download a zipped artifact via the wiki's /zip URL. It can given the user nobody to allow automatic package builder to download the sources they know from fossil-scm.org or other servers without any intervening login necessary.

As the /zip page do not expose anything, a spider should have a hard time to crawl thru the project using this URL. So IMO it does not open a break-in hole for spiders.

by cle on 2008-08-12 03:27:54. [view]

@@ -118,8 +118,9 @@
   int okApndTkt;          /* c: append to tickets via the web */
   int okWrTkt;            /* w: make changes to tickets via web */
   int okTktFmt;           /* t: create new ticket report formats */
   int okRdAddr;           /* e: read email addresses or other private data */
+  int okZip;              /* z: download zipped artifact via /zip URL */
 
   FILE *fDebug;           /* Write debug information here, if the file exists */
 
   /* Storage for the aux() and/or option() SQL function arguments */