Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Fix documentation typos. |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA3-256: |
04b1d555cf767bccd20525d2e9d7f17c |
| User & Date: | drh 2019-10-15 14:54:09 |
Context
|
2020-02-28
| ||
| 21:30 | Add the external content demo script. Leaf check-in: bd84938961 user: drh tags: trunk | |
|
2019-10-15
| ||
| 14:54 | Fix documentation typos. check-in: 04b1d555cf user: drh tags: trunk | |
|
2019-08-01
| ||
| 23:40 | Adjust the makefile to use SQLITE_ENABLE_DESERIALIZE. check-in: 6b66ed109d user: drh tags: trunk | |
Changes
Changes to docs/commands.md.
1 2 3 4 5 6 7 8 9 10 11 |
Wapp Commands
=============
Wapp really just a collection of TCL procs. All procs are in a single file
named "wapp.tcl".
The procs that form the public interface for Wapp begin with "wapp-". The
implementation uses various private procedures that have names beginning
with "wappInt-". Applications should use the public interface only.
The most important Wapp interfaces are:
|
| |
1 2 3 4 5 6 7 8 9 10 11 |
Wapp Commands
=============
Wapp is really just a collection of TCL procs. All procs are in a single file
named "wapp.tcl".
The procs that form the public interface for Wapp begin with "wapp-". The
implementation uses various private procedures that have names beginning
with "wappInt-". Applications should use the public interface only.
The most important Wapp interfaces are:
|
Changes to docs/intro.md.
165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 |
<pre>%html([wapp-debug-env])</pre>
}
}
wapp-start $argv
Many Wapp applications contain an /env page for debugging and
trouble-shooting purpose. Examples:
<https://sqlite.org/checklists/env> and
<https://sqlite.org/search?env=1>
2.1 Binary Resources
--------------------
Here is another variation on the same "hello, world" program that adds an
|
| |
165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 |
<pre>%html([wapp-debug-env])</pre>
}
}
wapp-start $argv
Many Wapp applications contain an /env page for debugging and
trouble-shooting purpose. Examples:
<https://sqlite.org/src/ext/checklist/top/env> and
<https://sqlite.org/search?env=1>
2.1 Binary Resources
--------------------
Here is another variation on the same "hello, world" program that adds an
|
Changes to docs/params.md.
299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 |
http://example.com/cgi-bin/script/method/extra/path?q1=5
\______________________________________/ \________/
| |
SELF_URL PATH_TAIL
### 3.2 Undefined Parameters When Using SCGI on Nginx
Some of the CGI parameters are undefined by default when using CGI mode
with Nginx. If these CGI parameters are needed by the application, then
values must be assigned in the Nginx configuration file. For example:
>
location /scgi/ {
include scgi_params;
scgi_pass localhost:9000;
scgi_param SCRIPT_NAME "/scgi";
scgi_param SCRIPT_FILENAME "/home/www/scgi/script1.tcl";
}
|
| |
299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 |
http://example.com/cgi-bin/script/method/extra/path?q1=5
\______________________________________/ \________/
| |
SELF_URL PATH_TAIL
### 3.2 Undefined Parameters When Using SCGI on Nginx
Some of the CGI parameters are undefined by default when using SCGI mode
with Nginx. If these CGI parameters are needed by the application, then
values must be assigned in the Nginx configuration file. For example:
>
location /scgi/ {
include scgi_params;
scgi_pass localhost:9000;
scgi_param SCRIPT_NAME "/scgi";
scgi_param SCRIPT_FILENAME "/home/www/scgi/script1.tcl";
}
|
Changes to docs/security.md.
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
features on an as-needed basis, but the default setting for security
features is always "on".
Security features in Wapp include:
1. The default
[Content Security Policy](https://en.wikipedia.org/wiki/Content_Security_Policy)
of "CSP"
for all Wapp applications is _default-src 'self'_. In that mode,
resources must all be loaded from the same origin, the use of
eval() and similar commands in javascript is prohibited, and
no in-line javascript or CSS is allowed. These limitations help
keep applications safe from
[XSS attacks](https://en.wikipedia.org/wiki/Cross-site_scripting)
attacks, even in the face of application coding errors. If these
restrictions are too severe for an application, the CSP can be
relaxed or disabled using the
"[wapp-content-security-policy](commands.md#csp)" command.
2. Access to GET query parameters and POST parameters is prohibited
unless the origin of the request is the application itself, as
determined by the Referrer field in the HTTP header. This feature
|
| | | |
5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 |
features on an as-needed basis, but the default setting for security
features is always "on".
Security features in Wapp include:
1. The default
[Content Security Policy](https://en.wikipedia.org/wiki/Content_Security_Policy)
("CSP")
for all Wapp applications is _default-src 'self'_. In that mode,
resources must all be loaded from the same origin, the use of
eval() and similar commands in javascript is prohibited, and
no in-line javascript or CSS is allowed. These limitations help
keep applications safe from
[XSS attacks](https://en.wikipedia.org/wiki/Cross-site_scripting),
even in the face of application coding errors. If these
restrictions are too severe for an application, the CSP can be
relaxed or disabled using the
"[wapp-content-security-policy](commands.md#csp)" command.
2. Access to GET query parameters and POST parameters is prohibited
unless the origin of the request is the application itself, as
determined by the Referrer field in the HTTP header. This feature
|