[fossil-users] Fwd: Re: Fossil README symlink

More from Dragora about JavaScript. The part that's most interesting to me is they're not using Github. -- Forwarded message -- From: "Matias Fonzo" Date: Oct 18, 2017 13:26 Subject: Re: Fossil README symlink To: "Andy Goth" Cc: Hi

Re: [fossil-users] Fwd: Re: Fossil README symlink

On Wed, Oct 18, 2017 at 8:00 AM, wrote: > > Date: Tue, 17 Oct 2017 20:12:25 -0500 > From: Andy Goth > Subject: [fossil-users] Fwd: Re: Fossil README symlink > > Forwarded Message > Subject: Re: Fossil README

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On Oct 18, 2017, at 8:51 AM, Andy Goth wrote: > > style-$hash2.css where $hash2 is a hash (or prefix thereof) > of the contents of style.css, possibly combined with the Fossil checkin > prefix. If style.css is stored as a Fossil artifact, we get that for free. If it’s

Re: [fossil-users] enhanced-symlink branch

Andy Goth: > Does anyone know a good way to create *.lnk files from Tcl? There's an ancient SHORTCUT.EXE command line utility: https://ss64.com/nt/shortcut.html It even has an -s command line option to disable link tracking. I don't have the original. A few clones can be found in the web, but

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On 10/18/17 09:46, Warren Young wrote: On Oct 18, 2017, at 8:27 AM, Warren Young wrote: On Oct 18, 2017, at 7:04 AM, Richard Hipp wrote: I'll have to add a "/fossil.js” resource While you’re about it, I’d suggest shipping /fossil-$hash.js instead and

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On Oct 18, 2017, at 8:27 AM, Warren Young wrote: > > On Oct 18, 2017, at 7:04 AM, Richard Hipp wrote: >> I'll have to add a "/fossil.js” resource While you’re about it, I’d suggest shipping /fossil-$hash.js instead and setting a multi-year Expires header

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On 18 October 2017 at 15:32, Stephan Beal wrote: > LOL. Turing and his silly Test - that's why we can't have nice things. nitpicking: it's not about the test, but about the completeness (AKA the halting problem) -- Javier ___

Re: [fossil-users] enhanced-symlink branch

On 10/18/17 08:42, Florian Balmer wrote: Handling Windows Shell Links (*.lnk) can be tricky: Off-topic, but does anyone know a good way to create *.lnk files from Tcl? The only way I've found is to use DDE to create start menu shortcuts, then move those shortcut files to wherever I need

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On Wed, Oct 18, 2017 at 4:27 PM, Warren Young wrote: > If you have any Ajax calls back to the remote fossil executable and they > ship back

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On Oct 18, 2017, at 7:04 AM, Richard Hipp wrote: > > On 10/18/17, Warren Young wrote: >> On Oct 18, 2017, at 3:44 AM, Warren Young wrote: >>> >>> The more web apps that ship with stringent Content-Security-Policy >>> headers, the fewer

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On 10/18/17, Lonnie Abelbeck wrote: > > Doesn't HTTPS solve this problem ? > HTTPS solves a different problem. See https://content-security-policy.com/presentations/ for some presentations that describe the problem that CSP solves. -- D. Richard Hipp d...@sqlite.org

Re: [fossil-users] enhanced-symlink branch

Warren Young: > By that reckoning, I’d rank *.lnk above Cygwin symlinks in many > regards. Why wouldn’t that work? Handling Windows Shell Links (*.lnk) can be tricky: There's built-in logic to resolve links to missing targets (called "link tracking", can be disabled). That's why portability of

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On Oct 18, 2017, at 8:04 AM, Richard Hipp wrote: > On 10/18/17, Warren Young wrote: >> On Oct 18, 2017, at 3:44 AM, Warren Young wrote: >>> >>> The more web apps that ship with stringent Content-Security-Policy >>> headers, the fewer

Re: [fossil-users] Content-Security-Policy Was: Fossil README symlink

On Wed, Oct 18, 2017 at 3:04 PM, Richard Hipp wrote: > as

[fossil-users] Content-Security-Policy Was: Fossil README symlink

On 10/18/17, Warren Young wrote: > On Oct 18, 2017, at 3:44 AM, Warren Young wrote: >> >> The more web apps that ship with stringent Content-Security-Policy >> headers, the fewer arguments we’ll have for allowing JS on web pages. I'd never heard of

Re: [fossil-users] Fossil README symlink

On Oct 18, 2017, at 3:44 AM, Warren Young wrote: > > The more web apps that ship with stringent Content-Security-Policy headers, > the fewer arguments we’ll have for allowing JS on web pages. Wow…caffeine isn’t working yet, obviously. What I meant to say is that the more

Re: [fossil-users] Fossil README symlink

On Wed, Oct 18, 2017 at 11:44 AM, Warren Young wrote: > A great many of the old concerns about the security problems with > Javascript have gone away through various efforts, and atop that, the vast > majority of web sites and web apps now require JavaScript. > Including

Re: [fossil-users] Fossil README symlink

On Oct 17, 2017, at 7:12 PM, Andy Goth wrote: > > requiring JavaScript access has proven to be > fatal for his project's usage of Fossil. I noticed a complete lack of “me, too” in that thread. Usually when one of the other VCSes does something different from Fossil,