Differences From:

File src/setup.c part of check-in [0be54823ba] - Add defenses against cross-site request forgery attacks. by drh on 2008-10-18 12:55:44. [view]

To:

File src/setup.c part of check-in [0600b278c0] - Remove the unused inherit-anon configuration attribute. Fix the automatic redirect that follows a login operation. Fix "config push user" on the server side. by drh on 2008-10-26 21:30:23. [view]

@@ -619,21 +619,15 @@
   @ <form action="%s(g.zBaseURL)/setup_access" method="POST">
   login_insert_csrf_secret();
   @ <hr>
   onoff_attribute("Require password for local access",
-     "localauth", "localauth", 1);
+     "localauth", "localauth", 0);
   @ <p>When enabled, the password sign-in is required for
   @ web access coming from 127.0.0.1.  When disabled, web access
   @ from 127.0.0.1 is allows without any login - the user id is selected
   @ from the ~/.fossil database. Password login is always required
   @ for incoming web connections on internet addresses other than
   @ 127.0.0.1.</p></li>
-
-  @ <hr>
-  onoff_attribute("Inherit capabilities from anonymous user",
-     "inherit-anon", "inherit-anon", 0);
-  @ <p>When enabled, all web users inherit capabilities from
-  @ "anonymous", as well as from "nobody".</p></li>
 
   @ <hr>
   entry_attribute("Login expiration time", 6, "cookie-expire", "cex", "8766");
   @ <p>The number of hours for which a login is valid.  This must be a