K 10 svn:author V 3 knu K 8 svn:date V 27 2002-05-22T08:31:06.000000Z K 7 svn:log V 2255 Merge from FreeBSD-cvsweb 2.0.3. 2002-05-22 Akinori MUSHA * cvsweb.cgi: Read configuration files with `do' instead of `require' to unbreak mod_perl support. [Submitted by: "Khachaturov, Vassilii" ] * cvsweb.cgi: Cosmetic fixes. Use and/or rather than &&/|| to connect sentences. * cvsweb.cgi: Exit with -1 if exec() fails. * cvsweb.cgi: Do not print a redundant `Diff' for rev.1.1. [Submitted by: Ville Skytt,Ad(B ] * cvsweb.cgi: Prevent cross-site scripting. [Submitted by: Motoyuki Konno (modified)] * cvsweb.cgi: Skip a possible `locked by' clause and extract a revision number out of a log entry properly. [Submitted by: "Khachaturov, Vassilii" ] * cvsweb.cgi: Apply some HTML cleanups and use CSS instead of ancient HTML 3/4 tags and attributes. [Submitted by: Ville Skytt,Ad(B ] * cvsweb.cgi: Pass `use' features to import to make it more memory efficient. [Submitted by: Ville Skytt,Ad(B ] * cvsweb.cgi: Add new configuration variables: $allow_log_extra, $allow_dir_extra, and $allow_source_extra. [Submitted by: "Khachaturov, Vassilii" ] * cvsweb.cgi: Release as FreeBSD-cvsweb 2.0.2. * cvsweb.cgi: Previous fixes against cross-site scripting vulnerabilities were insufficient and buggy (error messages were messed up). Revamp fatal() to HTML-quote automatically and fix error message output. * cvsweb.cgi: Release as FreeBSD-cvsweb 2.0.3. 2002-05-11 Akinori MUSHA * cvsweb.cgi: There are no spaces at EOL in modern rlog output. [Submitted by: "Khachaturov, Vassilii" ] 2002-05-08 Motoyuki Konno * cvsweb.cgi: Fix a cross-site scripting vulnerablity. 2002-05-07 Akinori MUSHA * cvsweb.conf-netbsd, cvsweb.conf-openbsd: NetBSD and OpenBSD don't use $CVSHeader$ but $Id$. [Submitted by: motoyuki@FreeBSD.org] * cvsweb.cgi: Work around a bug of cvs -p; expand symlinks in a cvsroot. [Submitted by: motoyuki@FreeBSD.org] * cvsweb.cgi: Fix parsing in 'tags' state. [Submitted by: "Khachaturov, Vassilii" ] END