On Fri, May 13, 2016 at 11:45 AM, Warren Young <w...@etr-usa.com> wrote:
> On May 12, 2016, at 5:38 PM, Ron W <ronw.m...@gmail.com> wrote: > > The update would be to the same repo as the commit, so the URL would be " > http://localhost:8080/tktedit"; so credentials would not be needed. > > Credential lookup is cookie-based. If I make an HTTP query through TH1 > back to the same server, will Fossil provide that cookie? If not, then the > remote Fossil will reject the request since it’s effectively coming in as > anonymous. > > Without that cookie, fossil server doesn’t know that fossil client is > logged in. When the Fossil server is started with "fossil ui path/to/repo &", Fossil (a) accepts only connections from localhost, and (b) assumes the user who started the server is the is the user making the ticket update (or other web UI operation). (This behavior of Fossil can be disabled, but is the "out of the box" default.)
_______________________________________________ fossil-users mailing list fossil-users@lists.fossil-scm.org http://lists.fossil-scm.org:8080/cgi-bin/mailman/listinfo/fossil-users
