On Dec 31, 2009, at 10:28 AM, Jeremy Cowgar wrote: > For those who do not follow the commit logs, I just made a change to > the way security works in the timeline. I wanted to make everyone > aware of the change. > > Here is the commit log entry (with an additional note for clarity): > > ---- > > Changed security for timeline. To view the timeline, you must now > have History access (previously you needed Check-out access). The > timeline will then display only items which you have access to. > "o" (Check-out) is required for source history, "j" (Read-Wiki) is > required for Wiki history and "r" (Read-Tkt) is required for Ticket > history.
This change makes it so that it is impossible to see the timeline without first logging in as anonymous. I consider that unacceptable. The purpose of the "history" capability is to turn off hyperlinks - nothing more. The idea is that for user "nobody" (which is the user that all spiders will have) none of the hyperlinks will be visible and so msnbot and Googlebot won't burn through gigabytes of bandwidth downloading diffs of every historical version of a project. User "nobody" should be able to see the timeline. They just shouldn't have any hyperlinks on the timeline page. D. Richard Hipp d...@hwaci.com _______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
