Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Changes In Branch regsub-command Excluding Merge-Ins
This is equivalent to a diff from a3a740ad51 to 9352328572
|
2019-03-06
| ||
| 20:47 | Use the -command argument to regexp to provide wapp-subst and wapp-trim that are fast and that avoid doing command substitution outside of quoted regions. (check-in: df36e56f70 user: drh tags: trunk) | |
|
2018-02-27
| ||
| 04:05 | Fix typos in the security.md document. (check-in: 3d9bec254b user: drh tags: trunk) | |
|
2018-02-19
| ||
| 12:32 | Attempt to reimplement wapp-subst and wapp-trim using the -command option to regsub. This prevents bracket-command evaluatation in unsubstituted script, but it does not handle backslash escapes quite right. (Closed-Leaf check-in: 9352328572 user: drh tags: regsub-command) | |
|
2018-02-18
| ||
| 23:45 | Allow "%html%(...)%" as an alternative to "%html(...)" for use in cases where the "..." contains one or more ")" characters. (check-in: a3a740ad51 user: drh tags: trunk) | |
|
2018-02-16
| ||
| 19:24 | In "local" and "server" modes, if a TCL error occurs in the page processing routine, write that error onto standard output in addition to sending it back as the reply to request. (check-in: 99b13e374c user: drh tags: trunk) | |
Changes to wapp.tcl.
| ︙ | ︙ | |||
68 69 70 71 72 73 74 | # In other words, use "%(...)%" instead of "(...)" to include the TCL string # to substitute. # # The %unsafe substitution should be avoided whenever possible, obviously. # In addition to the substitutions above, the text also does backslash # escapes. # | > > > > > | | > > > > > > > > > > > > > > > > > | | | | < < < < | | | | | | > | 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 |
# In other words, use "%(...)%" instead of "(...)" to include the TCL string
# to substitute.
#
# The %unsafe substitution should be avoided whenever possible, obviously.
# In addition to the substitutions above, the text also does backslash
# escapes.
#
# The wapp-trim proc works the same as wapp-subst except that it also removes
# whitespace from the left margin, so that the generated HTML/CSS/Javascript
# does not appear to be indented when delivered to the client web browser.
#
if {$tcl_version>=8.7} {
proc wapp-subst {txt} {
global wapp
regsub -all -command \
{%(html|url|qp|string|unsafe){1,1}?(|%)\((.+)\)\2} $txt wappInt-enc txt
dict append wapp .reply [subst -novariables -nocommand $txt]
}
proc wapp-trim {txt} {
global wapp
regsub -all {\n\s+} [string trim $txt] \n txt
regsub -all -command \
{%(html|url|qp|string|unsafe){1,1}?(|%)\((.+)\)\2} $txt wappInt-enc txt
dict append wapp .reply [subst -novariables -nocommand $txt]
}
proc wappInt-enc {all mode nu1 txt} {
return [uplevel 2 "wappInt-enc-$mode \"$txt\""]
}
} else {
proc wapp-subst {txt} {
global wapp
regsub -all {%(html|url|qp|string|unsafe){1,1}?(|%)\((.+)\)\2} $txt \
{[wappInt-enc-\1 "\3"]} txt
dict append wapp .reply [uplevel 1 [list subst -novariables $txt]]
}
proc wapp-trim {txt} {
global wapp
regsub -all {\n\s+} [string trim $txt] \n txt
regsub -all {%(html|url|qp|string|unsafe){1,1}?(|%)\((.+)\)\2} $txt \
{[wappInt-enc-\1 "\3"]} txt
dict append wapp .reply [uplevel 1 [list subst -novariables $txt]]
}
}
# There must be a wappInt-enc-NAME routine for each possible substitution
# in wapp-subst. Thus there are routines for "html", "url", "qp", and "unsafe".
#
# wappInt-enc-html Escape text so that it is safe to use in the
# body of an HTML document.
|
| ︙ | ︙ |