File Changes for galt

v339_preview to v339_preview2 (2016-09-12 to 2016-09-19) v339

• src/hg/hgTables/identifiers.c
  • lines changed 1, context: html, text, full: html, text
    396071902267c1654f7eafaf60962aad935a9558 Thu Sep 15 17:08:36 2016 -0700
    Changing htmlSafef to use %s|none| instead of %-s because %-s has some legitimate uses in html output which means left-justifying the text. Jim uses it in hgBlat. This will make it more general, although it is longer to read and write. For sqlSafef, there was no legitimate expected need to have left-justified output in the production of a SQL statement.
    
• src/hg/js/ajax.js
  • lines changed 0, context: html, text, full: html, text
    73f3cdf57c975b34070a5c6a93c82565aa3b8c6f Wed Sep 14 14:35:48 2016 -0700
    fixing tabs
    
• src/hg/js/autocomplete.js
  • lines changed 0, context: html, text, full: html, text
    73f3cdf57c975b34070a5c6a93c82565aa3b8c6f Wed Sep 14 14:35:48 2016 -0700
    fixing tabs
    
• src/hg/js/hgTracks.js
  • lines changed 2, context: html, text, full: html, text
    37b585ad1c4f5bfa5598fa987485d56120ef6d9e Wed Sep 14 14:18:05 2016 -0700
    Fixes #18702. Uses async=false flag with cart.setVarsObj to prevent network error in Firefox and Safari while saving the state of the hidden highlight popup. It needs to wait for the ajax update to finish before submitting the form.
    
  • lines changed 0, context: html, text, full: html, text
    73f3cdf57c975b34070a5c6a93c82565aa3b8c6f Wed Sep 14 14:35:48 2016 -0700
    fixing tabs
    
• src/hg/js/utils.js
  • lines changed 0, context: html, text, full: html, text
    73f3cdf57c975b34070a5c6a93c82565aa3b8c6f Wed Sep 14 14:35:48 2016 -0700
    fixing tabs
    
• src/hg/lib/jksql.c
  • lines changed 1, context: html, text, full: html, text
    8d22a576e16342266ce80501318803e7b0fa466b Fri Sep 16 11:48:02 2016 -0700
    redundant va_end called is not needed. now it follows the standard. va_end was getting called twice incorrectly even though we saw no errors from it.
    
• src/inc/cheapcgi.h
  • lines changed 2, context: html, text, full: html, text
    b8023f3df3e17b6f60875f88935e60c232d64d16 Fri Sep 16 22:40:13 2016 -0700
    refs #177282. fixes textarea xss vulnerability in cheapcgi.c visible in hgVai. Added functions to allow outputs of large but indeterminate size such as dyString and file streams like fprintf.
    
• src/inc/htmshell.h
  • lines changed 39, context: html, text, full: html, text
    b8023f3df3e17b6f60875f88935e60c232d64d16 Fri Sep 16 22:40:13 2016 -0700
    refs #177282. fixes textarea xss vulnerability in cheapcgi.c visible in hgVai. Added functions to allow outputs of large but indeterminate size such as dyString and file streams like fprintf.
    
• src/lib/cheapcgi.c
  • lines changed 1, context: html, text, full: html, text
    c8202d99df0aa4ac3b592b5557822a65253214a4 Mon Sep 12 14:13:31 2016 -0700
    fixed typo
    
  • lines changed 2, context: html, text, full: html, text
    b8023f3df3e17b6f60875f88935e60c232d64d16 Fri Sep 16 22:40:13 2016 -0700
    refs #177282. fixes textarea xss vulnerability in cheapcgi.c visible in hgVai. Added functions to allow outputs of large but indeterminate size such as dyString and file streams like fprintf.
    
• src/lib/htmshell.c
  • lines changed 15, context: html, text, full: html, text
    396071902267c1654f7eafaf60962aad935a9558 Thu Sep 15 17:08:36 2016 -0700
    Changing htmlSafef to use %s|none| instead of %-s because %-s has some legitimate uses in html output which means left-justifying the text. Jim uses it in hgBlat. This will make it more general, although it is longer to read and write. For sqlSafef, there was no legitimate expected need to have left-justified output in the production of a SQL statement.
    
  • lines changed 97, context: html, text, full: html, text
    b8023f3df3e17b6f60875f88935e60c232d64d16 Fri Sep 16 22:40:13 2016 -0700
    refs #177282. fixes textarea xss vulnerability in cheapcgi.c visible in hgVai. Added functions to allow outputs of large but indeterminate size such as dyString and file streams like fprintf.