- Require all requests to use a session path.
- Use a redirect file to avoid exposing the '/start' URL on the
command line, as it contains the cookie value.
Fix for CVE-2014-2914.
Closes#1438.
- Change fishd_path to std::string
- Warn, rather than exiting with an error, if the universal variable
server path is not available, and provide more useful advice.
- Export the new __fishd_runtime_dir variable.
- Use a secure path for sockets (some code used under license from
tmux).
- Provide the secure path in the environment as $__fish_runtime_dir.
- Link the new path to the old path to ease migration from earlier
versions.
Closes#1359.
After installing fish built from or after this commit, you MUST
terminate all running fishd processes (`killall fishd`, `pkill fishd`
or similar). Distributors are encouraged to do this from within their
packaging scripts. fishd will restart automatically, and no data should
be lost.
Addresses issue #1557 as well as fixing many typos, HTML errors and
inconsistencies. Also introduces automatic syntax colouring and enables
new documentation to be written in Markdown. TODO fix Tutorial.
Rework for Doxygen >1.8. Moved large parts of the documentation to a
simplified format, making use of Markdown enhancements and fixing bad
long options.
Currently fish doesn't recognize toor as special. However, it's likely
that on BSD systems, fish shell will be used on toor, not on root (toor
is an intentionally existing account to use more advanced shell on, like
shell).
This stops unconditionally setting values for HOME and USER,
if we find those values in the environment. It also saves about 16KB
on OS X, which getpwuid allocates.
When running `make test` we want to use the local function definitions,
not the ones installed on the system.
The system config.fish will still insert the system definitions at the
end, but at least ours will take precedence.
Enhance the `read` builtin to support creating an array with the --array
flag. With --array, only a single variable name is allowed and the
entire input is tokenized and placed into that variable as an array.
Also add custom behavior if IFS is empty or unset. In that event, split
the input on every character, instead of the previous behavior of doing
no splitting at all.
