Fossil

Timeline
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

About branch base-href-fix

The primary purpose of this branch is to fix a problem with #fragment hyperlinks. The problem is observed on webpages which satisfy all the following conditions:

  1. Contain #fragment links or relative links.

  2. Have more than one segment in their PATH_INFO or have non-empty QUERY_STRING (or both).

  3. Have <base> element in their <head> section that does not account for (2).

It turns out that some important pages are affected by this issue: /forumpost, /forumthread, /tktview, /timeline, /wiki and /wikiedit (and perhaps other). Notably the /doc pages are not affected unless QUERY_STRING is non-empty (which makes sense for the TH1-enabled pages).

This issue was discovered earlier under a custom skin and recently became a real obstacle for proper functioning of footnotes within Forum, Tickets and Wiki.

The solution proposed in this branch consists of changing the value of base href attribute so that it is consistent with the requested URI. It introduces style_set_base_href_suffix() function that may be called by a page's handler to override value in base href. If a particular handler does not call style_set_base_href_suffix() than a regular value (consistent with the REQUEST_URI) is emited into a page's header.

Thus the change is applied to almost all pages where it seems practical, with a noteworthy exception of /file pages (that are handled in src/info.c) and /fileedit pages.

It was chosen not to reuse $current_page variable as it may break deployments of some users.

Administrators of Fossil instances do not need to take special actions to benefit from this change, unless a custom header that overrides the <base> generation is used. In the later case administrator is advised to amend their code accordingly, unless the old semi-broken behavior is desired.

Apart from the primary goal this branch also fixes a subtle bug and introduces (but does not document) auxiliary TH1 variable and the corresponding class on the <body>.

14 check-ins related to "base-href-fix"
2022-02-19
01:59
Fix hyperlinks on the /winfo page. These were broken when a page was accessed through /info/HASH or /winfo/HASH aliases. ... (check-in: 356a4845 user: george tags: trunk)
2022-02-15
21:35
FIXME-comments in the code did not indicate issues and are now rephrased to be mere reminders. ... (Leaf check-in: d253ece0 user: george tags: base-href-fix)
02:26
Do not override base href for wiki pages. This needs testing. ... (check-in: 89dd3451 user: george tags: base-href-fix)
00:58
When setting $webpagename pass the value of g.zPath though escape_quotes(). This is unclear how g.zPath can contain quotes but let this strange case be handled in a safe way. ... (check-in: 288fe34c user: george tags: base-href-fix)
00:14
Move <meta charset="UTF-8"> to the begining of the default header. Supply BODY element with a class that derives from $webpagename. ... (check-in: 6d135904 user: george tags: base-href-fix)
2022-02-14
23:06
Do not export g.zRelReqURI to TH1 interpreter because getParameter proc can retrieve PATH_INFO and QUERY_STRING. Instead export g.zPath (as $webpagename) since that is typically needed in the TH1 headers/footers of custom skins. ... (check-in: ff4c7ed6 user: george tags: base-href-fix)
22:43
Make style_set_base_href_suffix() safe for misuse: if the resulting suffix contains unescaped quotes then escape them. $base_href_suffix is intended for interpolation inside of the quoted href attribute. This check-in should address the case when a user of malfunctioning browser (which mishandles quoting) is tricked by an adversary to visit a specially crafted hyperlink. ... (check-in: d97752f3 user: george tags: base-href-fix)
2022-02-13
17:54
Rename variable g.zUrlSuffix to g.zRelReqURI (Relative Request URI). Provide it to TH1 interpreter as $relrequri. ... (check-in: 05e3fa76 user: george tags: base-href-fix)
16:00
Fix hyperlinks on the /winfo page. These were broken when a page was rendered through /info/HASH of /winfo/HASH aliases. ... (check-in: 5ce372ce user: george tags: base-href-fix)
01:35
Cherry-pick from branch 'cgi-compliance' (and thus back out [5bb921dd0893a548]). Adapt the computation of g.zUrlSuffix in set_base_url() accordingly. ... (check-in: 5c649c7e user: george tags: base-href-fix)
00:26
Back out [5bb921dd0893a548]. It turns out that REQUEST_URI should have the query string appended. Make other changes to cgi.c to bring it into "compliance". "Compliance" is in quotes because rfc3875 does not define REQUEST_URI. That variable is really just by conveniention. But Apache and Nginx both append the query string, so we should too. ... (check-in: fd1c9b09 user: drh tags: cgi-compliance)
2022-02-12
21:51
Add an overlooked call to style_set_base_href_suffix() in src/info.c and add a comment of why not to do so for /ext ... (check-in: 87fba731 user: george tags: base-href-fix)
19:53
An attepmt to fix the <base href="..."> element of webpages so that the value of href attribute matches the URL being served. This should fix "#fragment" hyperlinks on all pages where these were broken (all except /doc). The values for /wiki and /info were left unchanged (it's yet unclear if they should also be changed). ... (check-in: 03b39f1d user: george tags: base-href-fix)
13:55
Do not require mouse events for auto-hyperlink if the UserAgent string includes "Android". Describe the Safari visited/unvisited link limitation on the auto-hyperlink setting. ... (check-in: cef15ed3 user: drh tags: trunk)