All File Changes
v344_base to v345_preview (2017-01-30 to 2017-02-06) v345
Show details
- confs/hgwbeta.hg.conf
- lines changed 4, context: html, text, full: html, text
1c9062613484ff43807a144dc65f2bb9b9873752 Sun Feb 5 01:11:52 2017 -0800
Installing updated hg.conf files from UCSC servers
- src/hg/cartDump/cartDump.c
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/cirm/cdw/cdwWebBrowse/README_CSP
- lines changed 16, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/cirm/cdw/cdwWebBrowse/cdwFlowCharts.c
- lines changed 55, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/cirm/cdw/cdwWebBrowse/cdwNavBar.html
- lines changed 6, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/cirm/cdw/cdwWebBrowse/cdwWebBrowse.c
- lines changed 48, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/cirm/cdw/inc/cdwLib.h
- lines changed 4, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/encode/hgEncodeSubmit/public/javascripts/controls.js
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/encode/hgEncodeVocab/hgEncodeVocab.c
- lines changed 2, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/encode3/encodeDataWarehouse/edwWebDeprecate/edwWebDeprecate.c
- lines changed 1, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/hg/encode3/importEncode2/encode2GffDoctor/encode2GffDoctor.c
- lines changed 1, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/hg/hgApi/hgApi.c
- lines changed 8, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgBlat/hgBlat.c
- lines changed 7, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 1, context: html, text, full: html, text
0d6f83aa38e1a6ee04952a36ce1e03e8591199c5 Tue Jan 31 12:32:39 2017 -0800
turn on indel and query gap annotation for BLAT custom tracks
- src/hg/hgConvert/hgConvert.c
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgCustom/hgCustom.c
- lines changed 44, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgFileSearch/hgFileSearch.c
- lines changed 1, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- lines changed 16, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgGateway/hgGateway.c
- lines changed 19, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 1, context: html, text, full: html, text
722dfea3a5bfa3ac36d8234e6698495a2a7a6cac Tue Jan 31 12:36:01 2017 -0800
Both Hiram and Matt got stale hgGateway.js in their browser caches somehow -- we do still need to use the timestamped symlinks for JS files. :(
- src/hg/hgGene/domains.c
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgGenome/mainPage.c
- lines changed 36, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgHubConnect/hgHubConnect.c
- lines changed 92, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgIntegrator/hgIntegrator.c
- lines changed 8, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgLiftOver/hgLiftOver.c
- lines changed 6, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgLogin/hgLogin.c
- lines changed 47, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgPcr/hgPcr.c
- lines changed 16, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgPublicSessions/hgPublicSessions.c
- lines changed 15, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgSession/hgSession.c
- lines changed 47, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 1, context: html, text, full: html, text
3309b481df43c9044d0adb112547e75f943bd7a1 Wed Feb 1 13:04:48 2017 -0800
Increasing string buffer size for javascript that encodes DataTable state after I got an overflow error.
- lines changed 3, context: html, text, full: html, text
dab575f9c813b6e2d49e403fc438c0fa0f9307d8 Sat Feb 4 22:53:05 2017 -0800
make sure this js state never overflows.
- src/hg/hgTables/correlate.c
- lines changed 7, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTables/filterFields.c
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTables/genomeSpace.c
- lines changed 16, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTables/great.c
- lines changed 13, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTables/hgTables.c
- lines changed 7, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTables/hgTables.h
- lines changed 2, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTables/intersect.c
- lines changed 24, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTables/mainPage.c
- lines changed 51, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTrackUi/hgTrackUi.c
- lines changed 92, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 3, context: html, text, full: html, text
f8b16feaacf8742673d634e6584ddd37ca5caa2a Thu Feb 2 14:13:51 2017 -0800
Fixing missing ajax transfer in hgTracks popup hgTrackUi js. Note this should basically pick up the equivalent of inline event handlers like onclick= stuff.
- src/hg/hgTracks/bedTrack.c
- lines changed 51, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- lines changed 6, context: html, text, full: html, text
13598ccea89fe2434ea2be5aa8b9077619ceabe4 Sat Feb 4 08:44:35 2017 -0800
fix some problems with big* labels
- src/hg/hgTracks/bigBedTrack.c
- lines changed 38, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- src/hg/hgTracks/config.c
- lines changed 25, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTracks/cytoBandTrack.c
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTracks/extTools.c
- lines changed 20, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTracks/hgTracks.c
- lines changed 94, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 3, context: html, text, full: html, text
431ca2b29dd35a0ebd83029e95bca9363022a037 Tue Jan 31 17:33:19 2017 -0800
fix some problems with long chrom names and the cyto band track
- src/hg/hgTracks/hgTracks.h
- lines changed 12, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- src/hg/hgTracks/imageV2.c
- lines changed 5, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTracks/menu.c
- lines changed 7, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTracks/searchTracks.c
- lines changed 86, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgTracks/simpleTracks.c
- lines changed 2, context: html, text, full: html, text
1ba22c3fff694d48c7a81e28030820694ec05a25 Tue Jan 31 15:20:35 2017 -0800
fix a bug with bigGenePred's not paying attention to itemRgb
- lines changed 1, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- src/hg/hgUserSuggestion/hgUserSuggestion.c
- lines changed 31, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgVai/hgVai.c
- lines changed 33, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgc/bigBedClick.c
- lines changed 9, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgc/hgc.c
- lines changed 6, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 4, context: html, text, full: html, text
534feaa0bd15fe67eafcc900ebecbd44ad0e74a7 Tue Jan 31 15:35:00 2017 -0800
with snakes, get other db name from otherSpecies, not from track name
- src/hg/hgc/lowelab.c
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgc/mafClick.c
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgc/pubs.c
- lines changed 4, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/hgc/transMapClick.c
- lines changed 5, context: html, text, full: html, text
1b7f07fe5eb75a017ecf0305de99e202e6156e3f Mon Jan 30 17:42:19 2017 -0800
fixed hgc crash on transMap V2 tracks
- src/hg/hgc/wikiTrack.c
- lines changed 5, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/htdocs/bigImage.html
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/htdocs/goldenPath/help/trackDb/trackDbDoc.js
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/htdocs/goldenPath/help/trackDb/trackDbHub.v2.html
- lines changed 22, context: html, text, full: html, text
970e80c7e8c82afd34071be3b5dda6cdb440691b Mon Jan 30 11:41:33 2017 -0800
add some doc about halSnake in trackDb
- lines changed 9, context: html, text, full: html, text
aafec239883e640f1587941d72e2204673366aa3 Fri Feb 3 16:05:28 2017 -0800
some doc for labelFields
- src/hg/htdocs/goldenPath/help/trackDb/trackDbLibrary.shtml
- lines changed 34, context: html, text, full: html, text
970e80c7e8c82afd34071be3b5dda6cdb440691b Mon Jan 30 11:41:33 2017 -0800
add some doc about halSnake in trackDb
- lines changed 6, context: html, text, full: html, text
aafec239883e640f1587941d72e2204673366aa3 Fri Feb 3 16:05:28 2017 -0800
some doc for labelFields
- src/hg/htdocs/inc/globalNavBar.inc
- lines changed 6, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 6, context: html, text, full: html, text
fb27495fe820777de19089a029ea5df9d4704a21 Wed Feb 1 11:08:49 2017 -0800
Adding back, until the next release is on the RR, the inline script that stores some params in Drupal.settings for later use by the nice-menus superfish jquery plugin (the script was removed in a53b9958f along with code changes for CSP2). The code on the RR and in the current release candidate still depends on this, and htdocs files are pushed from tip-of-tree not release, so this needs to support old code. refs #18686 note-25
- src/hg/htdocs/training/index.html
- lines changed 36, context: html, text, full: html, text
a1785054b6a220a66788999d1a1e0f48d93ae7c1 Wed Feb 1 10:06:28 2017 -0800
adding future workshops at HowardU and UVirginia, dropping PAGXXV, staging some other future stuff
- src/hg/inc/hPrint.h
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/inc/hui.h
- lines changed 6, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 4, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- src/hg/inc/jsHelper.h
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/inc/search.h
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/inc/trackDb.h
- lines changed 1, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- lines changed 1, context: html, text, full: html, text
d2698ab46be18b70983ab1bd3121d01cd818389a Fri Feb 3 14:53:49 2017 -0800
oops fixed a problem with bed scores
- src/hg/inc/web.h
- lines changed 45, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/js/alleles.js
- lines changed 18, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 15, context: html, text, full: html, text
87300988042f9b370f257fddf5a3ae0d21662851 Sat Feb 4 00:12:53 2017 -0800
Fixes for early warning during ajax callback; fixes for early warning in js. Changed to not only parse to but strip out the CSP header and js-with-nonce leaving cleaner html -- should create fewer "surprises" for existing screen-scraping code.
- src/hg/js/hgGateway.js
- lines changed 32, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/js/hgTracks.js
- lines changed 77, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 20, context: html, text, full: html, text
f8b16feaacf8742673d634e6584ddd37ca5caa2a Thu Feb 2 14:13:51 2017 -0800
Fixing missing ajax transfer in hgTracks popup hgTrackUi js. Note this should basically pick up the equivalent of inline event handlers like onclick= stuff.
- lines changed 63, context: html, text, full: html, text
1a0fe31189d4bbaeccc42b8f34fe12e876e189d7 Fri Feb 3 10:09:59 2017 -0800
removing debugging and old CSP1 stuff.
- lines changed 25, context: html, text, full: html, text
87300988042f9b370f257fddf5a3ae0d21662851 Sat Feb 4 00:12:53 2017 -0800
Fixes for early warning during ajax callback; fixes for early warning in js. Changed to not only parse to but strip out the CSP header and js-with-nonce leaving cleaner html -- should create fewer "surprises" for existing screen-scraping code.
- src/hg/js/jquery.contextmenu.js
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/js/jquery.jstore-all-min.js
- lines changed 56, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/js/jquery.jstore.js
- lines changed 56, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/js/jquery.plugins.js
- lines changed 7, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/js/lowetooltip.js
- lines changed 2, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/js/subCfg.js
- lines changed 5, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 20, context: html, text, full: html, text
97e8b7ff52a2f4fb0b62d7015aab593346bc3a65 Fri Feb 3 11:48:36 2017 -0800
stripJsEmbedded is probably obsolete.
- lines changed 20, context: html, text, full: html, text
87300988042f9b370f257fddf5a3ae0d21662851 Sat Feb 4 00:12:53 2017 -0800
Fixes for early warning during ajax callback; fixes for early warning in js. Changed to not only parse to but strip out the CSP header and js-with-nonce leaving cleaner html -- should create fewer "surprises" for existing screen-scraping code.
- src/hg/js/utils.js
- lines changed 165, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 1, context: html, text, full: html, text
1a0fe31189d4bbaeccc42b8f34fe12e876e189d7 Fri Feb 3 10:09:59 2017 -0800
removing debugging and old CSP1 stuff.
- lines changed 16, context: html, text, full: html, text
97e8b7ff52a2f4fb0b62d7015aab593346bc3a65 Fri Feb 3 11:48:36 2017 -0800
stripJsEmbedded is probably obsolete.
- lines changed 85, context: html, text, full: html, text
87300988042f9b370f257fddf5a3ae0d21662851 Sat Feb 4 00:12:53 2017 -0800
Fixes for early warning during ajax callback; fixes for early warning in js. Changed to not only parse to but strip out the CSP header and js-with-nonce leaving cleaner html -- should create fewer "surprises" for existing screen-scraping code.
- src/hg/lib/cart.c
- lines changed 5, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 1, context: html, text, full: html, text
87300988042f9b370f257fddf5a3ae0d21662851 Sat Feb 4 00:12:53 2017 -0800
Fixes for early warning during ajax callback; fixes for early warning in js. Changed to not only parse to but strip out the CSP header and js-with-nonce leaving cleaner html -- should create fewer "surprises" for existing screen-scraping code.
- src/hg/lib/ensGene.as
- lines changed 6, context: html, text, full: html, text
47d627a3ae7adefee58bf78255521416efcb470f Fri Feb 3 10:19:18 2017 -0800
Minor rewording based on CR, refs #18674
- src/hg/lib/fileUi.c
- lines changed 11, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/gbHeader.h
- lines changed 1, context: html, text, full: html, text
cfb1153618c1c3f959f2ffb551ad26d81ca3dfc8 Mon Jan 30 16:32:44 2017 -0800
oops fix CSP header inclusion, merge was a bit wonky.
- lines changed 1, context: html, text, full: html, text
dd1493178c354ea7170cd68c79d7d0a163768ed5 Mon Jan 30 16:37:38 2017 -0800
getting rid of unneeded newline
- src/hg/lib/genePred.as
- lines changed 6, context: html, text, full: html, text
47d627a3ae7adefee58bf78255521416efcb470f Fri Feb 3 10:19:18 2017 -0800
Minor rewording based on CR, refs #18674
- src/hg/lib/genePredExt.as
- lines changed 6, context: html, text, full: html, text
47d627a3ae7adefee58bf78255521416efcb470f Fri Feb 3 10:19:18 2017 -0800
Minor rewording based on CR, refs #18674
- src/hg/lib/googleAnalytics.c
- lines changed 4, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/gtexUi.c
- lines changed 6, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/hCommon.c
- lines changed 2, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/hCytoBand.c
- lines changed 4, context: html, text, full: html, text
431ca2b29dd35a0ebd83029e95bca9363022a037 Tue Jan 31 17:33:19 2017 -0800
fix some problems with long chrom names and the cyto band track
- src/hg/lib/hPrint.c
- lines changed 2, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/haplotypes.c
- lines changed 49, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/hgHgvs.c
- lines changed 2, context: html, text, full: html, text
dde2dc8383fa276b091e085197044a61be0ee6ac Mon Jan 30 10:44:42 2017 -0800
Fix for mapping HGVS to genome when both start and end are upstream of a transcript. Previously, both start and end were set to 0 so the transcript was 0-length and not mapped by pslTransMap. hgFixed fell through to display the whole transcript. Now it maps to the correct location. Example term: NM_016176.3:c.-562A>C
- src/hg/lib/hui.c
- lines changed 274, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 31, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- lines changed 5, context: html, text, full: html, text
d2698ab46be18b70983ab1bd3121d01cd818389a Fri Feb 3 14:53:49 2017 -0800
oops fixed a problem with bed scores
- lines changed 8, context: html, text, full: html, text
13598ccea89fe2434ea2be5aa8b9077619ceabe4 Sat Feb 4 08:44:35 2017 -0800
fix some problems with big* labels
- src/hg/lib/jWestBanner.html
- lines changed 2, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/jWestHeader.html
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/jsHelper.c
- lines changed 72, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/knownGene.as
- lines changed 6, context: html, text, full: html, text
47d627a3ae7adefee58bf78255521416efcb470f Fri Feb 3 10:19:18 2017 -0800
Minor rewording based on CR, refs #18674
- src/hg/lib/pal.c
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/refFlat.as
- lines changed 6, context: html, text, full: html, text
47d627a3ae7adefee58bf78255521416efcb470f Fri Feb 3 10:19:18 2017 -0800
Minor rewording based on CR, refs #18674
- src/hg/lib/sangerGene.as
- lines changed 6, context: html, text, full: html, text
47d627a3ae7adefee58bf78255521416efcb470f Fri Feb 3 10:19:18 2017 -0800
Minor rewording based on CR, refs #18674
- src/hg/lib/search.c
- lines changed 30, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/snakeUi.c
- lines changed 1, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/tablesTables.c
- lines changed 18, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/lib/trackDbCustom.c
- lines changed 2, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- lines changed 2, context: html, text, full: html, text
d2698ab46be18b70983ab1bd3121d01cd818389a Fri Feb 3 14:53:49 2017 -0800
oops fixed a problem with bed scores
- src/hg/lib/web.c
- lines changed 66, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 2, context: html, text, full: html, text
cfb1153618c1c3f959f2ffb551ad26d81ca3dfc8 Mon Jan 30 16:32:44 2017 -0800
oops fix CSP header inclusion, merge was a bit wonky.
- src/hg/makeDb/doc/bruMal1.txt
- lines changed 17, context: html, text, full: html, text
469444220a22cea814cb9e1d7cc29f36afad2ce3 Mon Jan 30 10:57:12 2017 -0800
adding liftOver to bruMal2 no redmine
- src/hg/makeDb/doc/caeSp111.txt
- lines changed 7, context: html, text, full: html, text
0afe5f67095669bdf079ffe8f45538d6885ac83c Mon Jan 30 10:58:08 2017 -0800
resetting common name no redmine
- src/hg/makeDb/doc/chlSab2/lastzRuns.txt
- lines changed 70, context: html, text, full: html, text
b7c4b27d9f96045813713fda5ef129584bad9595 Mon Jan 30 11:02:44 2017 -0800
document lastz/chain/net to rheMac2 no redmine
- src/hg/makeDb/doc/galGal5/lastzRuns.txt
- lines changed 17, context: html, text, full: html, text
aca00cf8f71fe9ee4ce9bf2964c4da670c425873 Mon Jan 30 11:08:26 2017 -0800
finish up lastz/chain/net runs for melGal5 to falPer1 and geoFor1 refs #18739
- src/hg/makeDb/doc/galGal5/variation.txt
- lines changed 93, context: html, text, full: html, text
e8a7d05183b241f1a833cf049d542c11e08e8c34 Fri Feb 3 15:21:48 2017 -0800
galGal5 snp147 release along with SNP pipeline fixes/changes, refs #16847, #18239
- src/hg/makeDb/doc/galVar1/initialBuild.txt
- lines changed 8, context: html, text, full: html, text
576128c6c0a2f0d7702b72290d8d5b602bf1cf02 Mon Jan 30 11:09:32 2017 -0800
reset default position to GULO refs #17180
- src/hg/makeDb/doc/hg38/hg38Patch9.txt
- lines changed 98, context: html, text, full: html, text
e987c33b20c6b1450b6c0829aff2d16e19b9f19d Mon Jan 30 11:11:33 2017 -0800
finish off patch9 refs #18274
- src/hg/makeDb/doc/hg38/patchDescr.pl
- lines changed 3, context: html, text, full: html, text
fefba1cf72903b09953370036f03347309df91e2 Mon Jan 30 11:11:51 2017 -0800
finish off patch9 refs #18274
- src/hg/makeDb/doc/melHap1.txt
- lines changed 5, context: html, text, full: html, text
f351dbb61024ffdccb21b52a40bc82970e8b39aa Mon Jan 30 11:43:43 2017 -0800
fixup common name no redmine
- src/hg/makeDb/doc/micOch1/initialBuild.txt
- lines changed 50, context: html, text, full: html, text
9d0dc96245478a27b3cb052677c4865e8f806dee Mon Jan 30 10:53:18 2017 -0800
catch up documentation for micOch1 build refs #9871
- src/hg/makeDb/doc/micOch1/lastzRuns.txt
- lines changed 78, context: html, text, full: html, text
9d0dc96245478a27b3cb052677c4865e8f806dee Mon Jan 30 10:53:18 2017 -0800
catch up documentation for micOch1 build refs #9871
- src/hg/makeDb/doc/monDom5.txt
- lines changed 4, context: html, text, full: html, text
c596180d1e3244635172a6623c89cff2c9bfdd82 Mon Jan 30 11:44:53 2017 -0800
finish off melGal5/monDom5 lastz/chain/net refs #18739
- src/hg/makeDb/doc/ornAna1.txt
- lines changed 15, context: html, text, full: html, text
1720e5b9586b7a4d269d0b667c6a5b2a81d55292 Mon Jan 30 11:46:11 2017 -0800
liftOver to ornAna2 refs #15098
- src/hg/makeDb/doc/panPan2/lastzRuns.txt
- lines changed 219, context: html, text, full: html, text
e561b8edf9f16bd8067e68c7140a67bac6b765e7 Mon Feb 6 09:21:25 2017 -0800
running up panTro4 and gorGor5 lastz runs refs #16036
- src/hg/makeDb/doc/rn6.txt
- lines changed 47, context: html, text, full: html, text
ded3da06b9daa8f2367666ef901d181923d48f01 Mon Jan 30 13:51:07 2017 -0800
script to work up composite chainNet trackDb from lists of species refs #18656
- lines changed 2, context: html, text, full: html, text
009d40b43ba265c71c19062b3058f0f8aa1e34e3 Tue Jan 31 13:30:40 2017 -0800
correct comments in 20 way headings refs #18656
- src/hg/makeDb/doc/taeGut2.txt
- lines changed 1, context: html, text, full: html, text
59a5a56f6270ee6538bdaec401080a5409c722a5 Mon Jan 30 11:47:14 2017 -0800
finish off taeGut2/melGal5 lastz/chain/net refs #18739
- src/hg/makeDb/doc/ucscGenes/mm10.ucscGenes16.csh
- lines changed 1, context: html, text, full: html, text
54c169c4625a0592c737853f2c7907b619cfe11d Mon Jan 30 11:43:28 2017 -0800
add note to mm10 ucsc genes doc to use new method to build Pfam tables
- src/hg/makeDb/genbank/etc/align.dbs
- lines changed 1, context: html, text, full: html, text
838df62dad1ec9e60a739a211277e5719c1e89c1 Wed Feb 1 15:53:24 2017 -0800
Added colAng1 - Angolan colobus - Colobus angolensis palliatus - refs #17545
- src/hg/makeDb/genbank/etc/hgwdev.dbs
- lines changed 1, context: html, text, full: html, text
838df62dad1ec9e60a739a211277e5719c1e89c1 Wed Feb 1 15:53:24 2017 -0800
Added colAng1 - Angolan colobus - Colobus angolensis palliatus - refs #17545
- src/hg/makeDb/schema/all.joiner
- lines changed 2, context: html, text, full: html, text
1c99dc9ac1e66b1ec169f25f3e9f8d24b9165410 Wed Feb 1 15:34:52 2017 -0800
Demoting keggPathway.kgID in identifier knownGeneId because it covers only about a quarter of kgIDs, but was picked preferentially to knownToLocusLink because it appeared first. refs #18586
- src/hg/makeDb/trackDb/augustusGene.html
- lines changed 1, context: html, text, full: html, text
4968194715b339f298921cd4d1360ddbcb5cf599 Mon Feb 6 08:15:17 2017 -0800
Updating the Stanke Lab URL since they migrated their website.
- src/hg/makeDb/trackDb/baboon/papAnu2/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/baboon/papHam1/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/bonobo/panPan1/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/cat/felCat4/trackDb.ra
- lines changed 14, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/cat/felCat5/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/chicken/galGal4/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/chicken/snp147.html
- lines changed 23, context: html, text, full: html, text
251fd0c1eafb68785015a450cf2f36fccab54d52 Fri Feb 3 15:55:45 2017 -0800
galGal5 snp147 needs html pages badly, refs #16847
- src/hg/makeDb/trackDb/chicken/snp147.shared.html
- lines changed 425, context: html, text, full: html, text
251fd0c1eafb68785015a450cf2f36fccab54d52 Fri Feb 3 15:55:45 2017 -0800
galGal5 snp147 needs html pages badly, refs #16847
- src/hg/makeDb/trackDb/chicken/snp147Common.html
- lines changed 28, context: html, text, full: html, text
251fd0c1eafb68785015a450cf2f36fccab54d52 Fri Feb 3 15:55:45 2017 -0800
galGal5 snp147 needs html pages badly, refs #16847
- src/hg/makeDb/trackDb/chicken/snp147Flagged.html
- lines changed 29, context: html, text, full: html, text
251fd0c1eafb68785015a450cf2f36fccab54d52 Fri Feb 3 15:55:45 2017 -0800
galGal5 snp147 needs html pages badly, refs #16847
- src/hg/makeDb/trackDb/chicken/snp147Mult.html
- lines changed 25, context: html, text, full: html, text
251fd0c1eafb68785015a450cf2f36fccab54d52 Fri Feb 3 15:55:45 2017 -0800
galGal5 snp147 needs html pages badly, refs #16847
- src/hg/makeDb/trackDb/chimp/panTro1/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/chimp/panTro2/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/chimp/panTro3/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/chimp/panTro4/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/drosophila/dm2/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/drosophila/dm6/trackDb.ra
- lines changed 14, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/guineaPig/cavPor3/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/horse/trackDb.ra
- lines changed 14, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/human/hg16/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/human/hg17/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/human/hg18/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/human/hg19/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/human/hg19/exac.html
- lines changed 16, context: html, text, full: html, text
256579fbe29703bb1b69507f8f46efe8a621771a Fri Jan 13 11:13:41 2017 -0800
Adding data access sections to ExAc and tgpPhase3Accessibility tracks for hg19, refs #18639
- lines changed 10, context: html, text, full: html, text
b518ca995f185b6749521cd9d523740c58eac162 Fri Jan 13 11:17:54 2017 -0800
Commiting again since it appears my latest changes didn't get added with my last commit, refs #18639
- lines changed 3, context: html, text, full: html, text
7f5a850e6b74bb8d8434e2df3e698a60b3eb2510 Thu Feb 2 11:46:35 2017 -0800
Forgot to remove the mention of hgVai from the ExAc data access section.
- src/hg/makeDb/trackDb/human/hg19/tgpPhase3Accessibility.html
- lines changed 17, context: html, text, full: html, text
256579fbe29703bb1b69507f8f46efe8a621771a Fri Jan 13 11:13:41 2017 -0800
Adding data access sections to ExAc and tgpPhase3Accessibility tracks for hg19, refs #18639
- lines changed 7, context: html, text, full: html, text
b518ca995f185b6749521cd9d523740c58eac162 Fri Jan 13 11:17:54 2017 -0800
Commiting again since it appears my latest changes didn't get added with my last commit, refs #18639
- lines changed 3, context: html, text, full: html, text
f653e7c19065d120531ff3f7c462fbd033c87578 Thu Feb 2 11:08:51 2017 -0800
Removing mention of hgVai from Data Access sections since they are irrelevant for these tracks. I also noticed that I never added a data access section to spAnnot.html, so I have added it as well.
- src/hg/makeDb/trackDb/human/hg38/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/human/hg38/trackDb.ra
- lines changed 2, context: html, text, full: html, text
21ab52f6d620cb279174122ba52d887c754ef31c Mon Jan 30 14:18:53 2017 -0800
Moving new RefSeq composite into its own separate .ra file. Adding include to hg/track.ra file. Adding new html page for composite track. refs #13673
- lines changed 20, context: html, text, full: html, text
965dbf5fabf2bbf041fe65f449a475704e54067e Tue Jan 31 15:27:22 2017 -0800
adding Curated and Predicted search rules for ncbiRefSeq refs #13673
- lines changed 10, context: html, text, full: html, text
7a77be9376f2f9c7829be5acb659eb32c6cbbd2b Wed Feb 1 16:11:46 2017 -0800
fixup search rule for ncbiRefSeqMrna refs #13673
- src/hg/makeDb/trackDb/marmoset/calJac1/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/marmoset/calJac3/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/micOch/micOch1/trackDb.ra
- lines changed 5, context: html, text, full: html, text
d3526be1b8da33f949cced0dc28b411ee3e47b26 Mon Jan 30 10:55:19 2017 -0800
setup gold table search rule refs #9871
- src/hg/makeDb/trackDb/mouse/mm10/defaultPriority.ra
- lines changed 12, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/mouse/mm10/trackDb.ra
- lines changed 2, context: html, text, full: html, text
ecc502fef5fa82716bb0f609484a2b39469d9c07 Tue Jan 31 13:19:56 2017 -0800
Forgot to commit rn4 defaultPriority change with rest of files yesterday. Forgot to commit mm10 changes with hg38 change yesterday, refs #13673
- src/hg/makeDb/trackDb/mouse/mm7/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/mouse/mm8/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/mouse/mm9/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/oldWorldMonkeys/colAng1/trackDb.ra
- lines changed 5, context: html, text, full: html, text
afdcf49ed2769a475e844e0f6fe465ff53236686 Wed Feb 1 15:57:34 2017 -0800
adding search rule for gold table refs #17545
- src/hg/makeDb/trackDb/orangutan/ponAbe2/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/pig/susScr3/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/rabbit/oryCun2/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/rat/rn3/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/rat/rn4/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
ecc502fef5fa82716bb0f609484a2b39469d9c07 Tue Jan 31 13:19:56 2017 -0800
Forgot to commit rn4 defaultPriority change with rest of files yesterday. Forgot to commit mm10 changes with hg38 change yesterday, refs #13673
- src/hg/makeDb/trackDb/rat/rn5/defaultPriority.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/rat/rn6/cons20way.html
- lines changed 7, context: html, text, full: html, text
46771e0f81b4ba0f12a56d168ae72fbd4cf5c19d Tue Jan 31 10:56:56 2017 -0800
Replacing the quote character " with the html name, refs #18656
- lines changed 24, context: html, text, full: html, text
72fdcf84bb94c249c591d585d86ca3af19c9bec2 Tue Jan 31 11:12:07 2017 -0800
Editing errors in References section of the track description, refs #18656
- src/hg/makeDb/trackDb/rat/rn6/defaultPriority.ra
- lines changed 12, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/rat/rn6/trackDb.20way.ra
- lines changed 1, context: html, text, full: html, text
f2200d727986b1b640daa1d85efc0c07aa2c5196 Thu Feb 2 14:31:16 2017 -0800
Reordering organisms in the Multiz Alignment configuration box to match the correct phylogenetic order, refs #18656
- src/hg/makeDb/trackDb/rat/trackDb.ra
- lines changed 12, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/refSeqComposite.html
- lines changed 147, context: html, text, full: html, text
21ab52f6d620cb279174122ba52d887c754ef31c Mon Jan 30 14:18:53 2017 -0800
Moving new RefSeq composite into its own separate .ra file. Adding include to hg/track.ra file. Adding new html page for composite track. refs #13673
- src/hg/makeDb/trackDb/refSeqComposite.ra
- lines changed 136, context: html, text, full: html, text
21ab52f6d620cb279174122ba52d887c754ef31c Mon Jan 30 14:18:53 2017 -0800
Moving new RefSeq composite into its own separate .ra file. Adding include to hg/track.ra file. Adding new html page for composite track. refs #13673
- lines changed 10, context: html, text, full: html, text
7a77be9376f2f9c7829be5acb659eb32c6cbbd2b Wed Feb 1 16:11:46 2017 -0800
fixup search rule for ncbiRefSeqMrna refs #13673
- src/hg/makeDb/trackDb/rhesus/rheMac2/defaultPriority.ra
- lines changed 14, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/rhesus/rheMac3/defaultPriority.ra
- lines changed 14, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/spAnnot.html
- lines changed 25, context: html, text, full: html, text
f653e7c19065d120531ff3f7c462fbd033c87578 Thu Feb 2 11:08:51 2017 -0800
Removing mention of hgVai from Data Access sections since they are irrelevant for these tracks. I also noticed that I never added a data access section to spAnnot.html, so I have added it as well.
- src/hg/makeDb/trackDb/spMut.html
- lines changed 14, context: html, text, full: html, text
00b134aad50a102e8a137ebb87e9576a2e7a4b62 Fri Jan 13 12:43:11 2017 -0800
Updating Data access section of Uniprot tracks to be consistant with the snp tracks, refs #18639
- lines changed 1, context: html, text, full: html, text
ff1e93064be21c6ddf797fdf4202e7d26eabc51e Fri Jan 13 12:48:04 2017 -0800
Changing 'our download server' to 'the download server', refs #18639
- lines changed 3, context: html, text, full: html, text
f653e7c19065d120531ff3f7c462fbd033c87578 Thu Feb 2 11:08:51 2017 -0800
Removing mention of hgVai from Data Access sections since they are irrelevant for these tracks. I also noticed that I never added a data access section to spAnnot.html, so I have added it as well.
- src/hg/makeDb/trackDb/spUniprot.html
- lines changed 20, context: html, text, full: html, text
00b134aad50a102e8a137ebb87e9576a2e7a4b62 Fri Jan 13 12:43:11 2017 -0800
Updating Data access section of Uniprot tracks to be consistant with the snp tracks, refs #18639
- lines changed 1, context: html, text, full: html, text
ff1e93064be21c6ddf797fdf4202e7d26eabc51e Fri Jan 13 12:48:04 2017 -0800
Changing 'our download server' to 'the download server', refs #18639
- lines changed 4, context: html, text, full: html, text
f653e7c19065d120531ff3f7c462fbd033c87578 Thu Feb 2 11:08:51 2017 -0800
Removing mention of hgVai from Data Access sections since they are irrelevant for these tracks. I also noticed that I never added a data access section to spAnnot.html, so I have added it as well.
- src/hg/makeDb/trackDb/squirt/ci1/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/squirt/ci2/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/squirt/cioSav2/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/tagTypes.tab
- lines changed 1, context: html, text, full: html, text
aafec239883e640f1587941d72e2204673366aa3 Fri Feb 3 16:05:28 2017 -0800
some doc for labelFields
- src/hg/makeDb/trackDb/trackDb.genbank.ra
- lines changed 1, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/trackDb.ra
- lines changed 161, context: html, text, full: html, text
21ab52f6d620cb279174122ba52d887c754ef31c Mon Jan 30 14:18:53 2017 -0800
Moving new RefSeq composite into its own separate .ra file. Adding include to hg/track.ra file. Adding new html page for composite track. refs #13673
- lines changed 90, context: html, text, full: html, text
e8a7d05183b241f1a833cf049d542c11e08e8c34 Fri Feb 3 15:21:48 2017 -0800
galGal5 snp147 release along with SNP pipeline fixes/changes, refs #16847, #18239
- src/hg/makeDb/trackDb/worm/ce11/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/worm/ce4/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/makeDb/trackDb/zebrafish/danRer10/trackDb.ra
- lines changed 13, context: html, text, full: html, text
8261e9a4bc3e3cd53d26afeefd0a8e2d95b1719f Mon Jan 30 14:20:17 2017 -0800
Removing overrides now that refSeqComposite stuff is in its own separate ra file, refs #13673
- src/hg/near/hgNear/hgNear.c
- lines changed 19, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/near/hgNear/userSettings.c
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/oneShot/freen/freen.c
- lines changed 26, context: html, text, full: html, text
e48c96b0879062b9cf58a000511f47a35ef8c99d Fri Jan 27 11:58:42 2017 -0800
Freen helps fix a tagStorm issue.
- lines changed 39, context: html, text, full: html, text
a7e2311553eb5a53cd705a87246fe3879451b9a8 Sat Jan 28 09:38:26 2017 -0800
Freen explores max/min values of various integer types.
- src/hg/protein/lib/domains.c
- lines changed 3, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/qaPushQ/qaPushQ.c
- lines changed 8, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/hg/snp/snpLoad/snpNcbiToUcsc.c
- lines changed 6, context: html, text, full: html, text
e8a7d05183b241f1a833cf049d542c11e08e8c34 Fri Feb 3 15:21:48 2017 -0800
galGal5 snp147 release along with SNP pipeline fixes/changes, refs #16847, #18239
- src/hg/utils/automation/doDbSnp.pl
- lines changed 69, context: html, text, full: html, text
e8a7d05183b241f1a833cf049d542c11e08e8c34 Fri Feb 3 15:21:48 2017 -0800
galGal5 snp147 release along with SNP pipeline fixes/changes, refs #16847, #18239
- src/hg/utils/phyloTrees/chainNetCompositeTrackDb.pl
- lines changed 164, context: html, text, full: html, text
ded3da06b9daa8f2367666ef901d181923d48f01 Mon Jan 30 13:51:07 2017 -0800
script to work up composite chainNet trackDb from lists of species refs #18656
- src/hg/visiGene/hgVisiGene/hgVisiGene.c
- lines changed 17, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/inc/basicBed.h
- lines changed 1, context: html, text, full: html, text
5be304c4bdd41bd4452a4b9f1b8fcf37930079e4 Fri Feb 3 11:09:59 2017 -0800
allow arbitrary fields with a bigBed file to be used for labels. #18782
- src/inc/cheapcgi.h
- lines changed 41, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/inc/common.h
- lines changed 9, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/inc/htmshell.h
- lines changed 9, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/inc/obscure.h
- lines changed 4, context: html, text, full: html, text
512bdb5be1e4939ebe0b8161e8810fae28ee57f6 Sat Jan 28 15:51:41 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/lib/cheapcgi.c
- lines changed 334, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- src/lib/common.c
- lines changed 60, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/lib/htmshell.c
- lines changed 260, context: html, text, full: html, text
a53b9958fa734f73aeffb9ddfe2fbad1ca65f90c Mon Jan 30 16:18:41 2017 -0800
Check-in of CSP2 Content-Security-Policy work. All C-language CGIs should now support CSP2 in browser to stop major forms of XSS javascript injection. Javascript on pages is gathered together, and then emitted in a single script block at the end with a nonce that tells the browser, this is js that we generated instead of being injected by a hacker. Both inline script from script blocks and inline js event handlers had to be pulled out and separated. You will not see js sprinkled through-out the page now. Older browsers that support CSP1 or that do not understand CSP at all will still work, just without protection. External js libraries loaded at runtime need to be added to the CSP policy header in src/lib/htmshell.c.
- lines changed 1, context: html, text, full: html, text
f8b16feaacf8742673d634e6584ddd37ca5caa2a Thu Feb 2 14:13:51 2017 -0800
Fixing missing ajax transfer in hgTracks popup hgTrackUi js. Note this should basically pick up the equivalent of inline event handlers like onclick= stuff.
- lines changed 22, context: html, text, full: html, text
39c1c15163cf86529fdcb102535f639da0bd89f5 Sun Feb 5 00:04:41 2017 -0800
Dealing with warnings messages that overflow the 1024 limit buffer. Fullsize warning message still appears in the error log.
- src/lib/obscure.c
- lines changed 21, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/product/minimal.hg.conf
- lines changed 6, context: html, text, full: html, text
a492898900b4ed6ce4a85311e60ded54f44c5e3d Wed Feb 1 13:49:50 2017 -0800
Adding info to minimal hg.conf example file after Cath ran into problems on a mirror, refs #18734
- src/tagStorm/tagStormCheck/tagStormCheck.c
- lines changed 17, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/tagStorm/tagStormFromTab/tagStormFromTab.c
- lines changed 8, context: html, text, full: html, text
963173bfa54e6242b5374081e8180cc074b6f0d1 Sat Jan 28 09:37:31 2017 -0800
Making tagTypeInfoAdd only be called for non-null data (which previously was preventing some fields from being classified as numeric.)
- lines changed 13, context: html, text, full: html, text
7d04ab16e6ff96c31b47092f57e775d4df25bf14 Mon Jan 30 10:46:57 2017 -0800
Improving comment.
- src/tagStorm/tagStormHoist/expected.out
- lines changed 49, context: html, text, full: html, text
ac2b9da7720179461d6090d79c45a5edebac1327 Tue Jan 24 10:36:14 2017 -0800
Updating test set
- src/tagStorm/tagStormHoist/test.in
- lines changed 1, context: html, text, full: html, text
ac2b9da7720179461d6090d79c45a5edebac1327 Tue Jan 24 10:36:14 2017 -0800
Updating test set
- src/tagStorm/tagStormInfo/tagStormInfo.c
- lines changed 12, context: html, text, full: html, text
26ba96b7f67ea72bbc737211e5a7a475ece5754e Sat Jan 28 15:51:13 2017 -0800
Removing the kind of inconvenient and flaky-about-escapes function nextWordRespectingQuotes in common.h and replacing it with calls to the easier less flaky (and older) function nextQuotedWord in obscure.h. This fixed a bug in tagStormCheck which didn't deal with escapes in quoted strings right. Also added BIGLONGLONG to common.h for use similar to BIGNUM. Thought I'd need it in tagStormInfo to fix a bug in schema, but it turned out to be floating point rounding instead.
- src/utils/makefile
- lines changed 1, context: html, text, full: html, text
e389eb50196642451dddefc590269dcc61ba5bc8 Thu Jan 26 15:11:49 2017 -0800
Making a little tab-separated-file RQL query utility.
- src/utils/qa/getPubHubContact.sh
- lines changed 20, context: html, text, full: html, text
607f1da495428c8c0dff8245428cacb9ede44671 Thu Feb 2 10:09:50 2017 -0800
Add new check so that old contact file won't get deleted when it and the new contact file are different by more than 5 lines. Will throw an error if this is the case. refs #18316
- lines changed 1, context: html, text, full: html, text
92a5d7bbd9c296362f89607d37df5ae238c28825 Thu Feb 2 10:11:24 2017 -0800
accidentally commented out set line in previous commit, no redmine
- src/utils/tabQuery/makefile
- lines changed 3, context: html, text, full: html, text
c3ae1343e5d17d6b9d4b07b65782dce3b7f6afe7 Thu Jan 26 15:11:14 2017 -0800
Making a little tab-separated-file RQL query utility.
- src/utils/tabQuery/tabQuery.c
- lines changed 141, context: html, text, full: html, text
c3ae1343e5d17d6b9d4b07b65782dce3b7f6afe7 Thu Jan 26 15:11:14 2017 -0800
Making a little tab-separated-file RQL query utility.
- lines changed: 6630
- files changed: 264