Web UI nonces are now base64-encoded, and have a shorter key.

author Richard Kettlewell <rjk@greenend.org.uk>

Thu, 10 Jan 2008 21:11:02 +0000 (21:11 +0000)

committer Richard Kettlewell <rjk@greenend.org.uk>

Thu, 10 Jan 2008 21:11:02 +0000 (21:11 +0000)
author Richard Kettlewell <rjk@greenend.org.uk>
Thu, 10 Jan 2008 21:11:02 +0000 (21:11 +0000)
committer Richard Kettlewell <rjk@greenend.org.uk>
Thu, 10 Jan 2008 21:11:02 +0000 (21:11 +0000)
diff --git a/server/dcgi.c b/server/dcgi.c

index 81b6943aecbac6aeb7f40cd5277ec9234678609d..b7a8508a718d05f40d3c2c199640122c7cef7f66 100644 (file)
--- a/server/dcgi.c
+++ b/server/dcgi.c
@@ -57,6 +57,7 @@
  #include "url.h"
  #include "mime.h"
  #include "sendmail.h"
  #include "url.h"
  #include "mime.h"
  #include "sendmail.h"
+#include "base64.h"
  
  char *login_cookie;
  
  
  char *login_cookie;
  
@@ -73,15 +74,23 @@ struct entry {
    const char *display;
  };
  
    const char *display;
  };
  
+static const char nonce_base64_table[] =
+  "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-/*";
+
  static const char *nonce(void) {
  static const char *nonce(void) {
-  static unsigned long count;
-  char *s;
-
-  byte_xasprintf(&s, "%lx%lx%lx",
-          (unsigned long)time(0),
-          (unsigned long)getpid(),
-          count++);
-  return s;
+  static uint32_t count;
+
+  struct ndata {
+    uint16_t count;
+    uint16_t pid;
+    uint32_t when;
+  } nd;
+
+  nd.count = count++;
+  nd.pid = (uint32_t)getpid();
+  nd.when = (uint32_t)time(0);
+  return generic_to_base64((void *)&nd, sizeof nd,
+                          nonce_base64_table);
  }
  
  static int compare_entry(const void *a, const void *b) {
  }
  
  static int compare_entry(const void *a, const void *b) {
diff --git a/templates/choose.html b/templates/choose.html

index db8c257802321ab72d65615117510debf4ad838c..e466975ea7a8819f0bf118286081b6ebba6db41c 100644 (file)
--- a/templates/choose.html
+++ b/templates/choose.html
@@ -118,7 +118,7 @@ USA
     @if{@ne{@arg:directory@}{}@}{
     <p class=directoryname>@navigate{@arg:directory@}{/<a
     class=thisdirectory
     @if{@ne{@arg:directory@}{}@}{
     <p class=directoryname>@navigate{@arg:directory@}{/<a
     class=thisdirectory
-   href="@url@?action=choose&#38;directory=@urlquote{@fullname@}@&#38;nonce=@nonce@">@basename@</a>}@:</p>
+   href="@url@?action=choose&#38;directory=@urlquote{@fullname@}@&#38;n=@nonce@">@basename@</a>}@:</p>
     }@
  
     @if{@isdirectories@}{
     }@
  
     @if{@isdirectories@}{
@@ -129,7 +129,7 @@ USA
      @choose{directories}{
      <p class=directory>
       <a class=directory
      @choose{directories}{
      <p class=directory>
       <a class=directory
-     href="@url@?action=choose&#38;directory=@urlquote{@file@}@&#38;nonce=@nonce@"
+     href="@url@?action=choose&#38;directory=@urlquote{@file@}@&#38;n=@nonce@"
       title="@label:choose.directory@">
       <img class=button
        src="@image:directory@"
       title="@label:choose.directory@">
       <img class=button
        src="@image:directory@"
@@ -148,13 +148,13 @@ USA
      @choose{files}{
      <p class=file>
      @right{prefs}{<a class=imgprefs
      @choose{files}{
      <p class=file>
      @right{prefs}{<a class=imgprefs
-     href="@url@?action=prefs&#38;0_file=@urlquote{@resolve{@file@}@}@&#38;nonce=@nonce@"
+     href="@url@?action=prefs&#38;0_file=@urlquote{@resolve{@file@}@}@&#38;n=@nonce@"
       ><img class=button
        src="@image:edit@"
        title="@label:choose.prefsverbose@"
        alt="@label:choose.prefs@"></a>}@
       <a class=file
       ><img class=button
        src="@image:edit@"
        title="@label:choose.prefsverbose@"
        alt="@label:choose.prefs@"></a>}@
       <a class=file
-     href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;nonce=@nonce@"
+     href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;n=@nonce@"
       title="@label:choose.play@">@transform{@file@}{track}{display}@</a>
       @if{@eq{@trackstate{@file@}@}{playing}@}{[<b>playing</b>]}@
       @if{@eq{@trackstate{@file@}@}{queued}@}{[<b>queued</b>]}@
       title="@label:choose.play@">@transform{@file@}{track}{display}@</a>
       @if{@eq{@trackstate{@file@}@}{playing}@}{[<b>playing</b>]}@
       @if{@eq{@trackstate{@file@}@}{queued}@}{[<b>queued</b>]}@
@@ -162,12 +162,12 @@ USA
      }@
      <p class=allfiles>
       @right{prefs}{<a class=imgprefs
      }@
      <p class=allfiles>
       @right{prefs}{<a class=imgprefs
-     href="@url@?action=prefs&#38;directory=@urlquote{@arg:directory@}@&#38;nonce=@nonce@&#38;back=@urlquote{@thisurl@}@"
+     href="@url@?action=prefs&#38;directory=@urlquote{@arg:directory@}@&#38;n=@nonce@&#38;back=@urlquote{@thisurl@}@"
       ><img class=button 
        src="@image:edit@"
        title="@label:choose.allprefsverbose@"
        alt="@label:choose.allprefs@"></a>}@
       ><img class=button 
        src="@image:edit@"
        title="@label:choose.allprefsverbose@"
        alt="@label:choose.allprefs@"></a>}@
-     <a class=allfiles href="@url@?action=play&#38;directory=@urlquote{@arg:directory@}@&#38;nonce=@nonce@&#38;back=@urlquote{@thisurl@}@">
+     <a class=allfiles href="@url@?action=play&#38;directory=@urlquote{@arg:directory@}@&#38;n=@nonce@&#38;back=@urlquote{@thisurl@}@">
        @label:choose.playall@
       </a>
      </p>
        @label:choose.playall@
       </a>
      </p>
diff --git a/templates/help.html b/templates/help.html

index 53c6169a06d7e63211987176c91d714d0581c729..135c037e73962eb0d3cb8d0169e399e57d7e97f0 100644 (file)
--- a/templates/help.html
+++ b/templates/help.html
@@ -192,9 +192,9 @@ USA
      </table>
  
      <p>This screen has two forms: <a
      </table>
  
      <p>This screen has two forms: <a
-    href="@url@?action=choose&#38;nonce=@nonce@">choose</a>, which give
+    href="@url@?action=choose&#38;n=@nonce@">choose</a>, which give
      you all the top-level directories at once, and <a
      you all the top-level directories at once, and <a
-    href="@url@?action=choosealpha&#38;nonce=@nonce@">choosealpha</a>,
+    href="@url@?action=choosealpha&#38;n=@nonce@">choosealpha</a>,
      which breaks them down by initial letter.</p>
  
      <p>This screen will may not be available if you are not logged in
      which breaks them down by initial letter.</p>
  
      <p>This screen will may not be available if you are not logged in
diff --git a/templates/new.html b/templates/new.html

index 49746ce26ff81fd8f6e27ec11f16133ba1d7f21c..52bac0e6981ca734f611e2aa5ded387790c0b048 100644 (file)
--- a/templates/new.html
+++ b/templates/new.html
@@ -54,14 +54,14 @@ USA
         >@part{short}{album}@</span>}@</td>
       <td class=title>@right{play}{<a class=file
         title="@part{title}@"
         >@part{short}{album}@</span>}@</td>
       <td class=title>@right{play}{<a class=file
         title="@part{title}@"
-       href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;nonce=@nonce@"
+       href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;n=@nonce@"
         >@part{short}{title}@</a>}{<span class=file
         title="@part{title}@"
         >@part{short}{title}@</span>}@</td>
       <td class=length>@length@</td>
  @right{prefs}{
       <td class=imgbutton><a class=imgbutton
         >@part{short}{title}@</a>}{<span class=file
         title="@part{title}@"
         >@part{short}{title}@</span>}@</td>
       <td class=length>@length@</td>
  @right{prefs}{
       <td class=imgbutton><a class=imgbutton
-      href="@url@?action=prefs&#38;nonce=@nonce@&#38;0_file=@urlquote{@file@}@"><img
+      href="@url@?action=prefs&#38;n=@nonce@&#38;0_file=@urlquote{@file@}@"><img
         class=button src="@image:edit@"
         title="@label:choose.prefsverbose@"
         alt="@label:choose.prefs@"></a></td>
         class=button src="@image:edit@"
         title="@label:choose.prefsverbose@"
         alt="@label:choose.prefs@"></a></td>
diff --git a/templates/playing.html b/templates/playing.html

index b53c2c02492145d25ade4bd895a7ef0629f3103c..c75a7d65bb783c8094918bf55d778a035e4db7fa 100644 (file)
--- a/templates/playing.html
+++ b/templates/playing.html
@@ -35,7 +35,7 @@ USA
      <!-- paused -->
      <span class=button>
      <a class=button
      <!-- paused -->
      <span class=button>
      <a class=button
-    href="@url@?action=resume&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=resume&#38;n=@nonce@&#38;mgmt=true"
       title="@label:playing.resumeverbose@">@label:playing.pause@</a>
      </a>
      </span>
       title="@label:playing.resumeverbose@">@label:playing.pause@</a>
      </a>
      </span>
@@ -44,7 +44,7 @@ USA
      <!-- not paused -->
      <span class=button>
      <a class=button
      <!-- not paused -->
      <span class=button>
      <a class=button
-    href="@url@?action=pause&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=pause&#38;n=@nonce@&#38;mgmt=true"
       title="@label:playing.pauseverbose@">@label:playing.pause@</a>
      </a>
      </span>
       title="@label:playing.pauseverbose@">@label:playing.pause@</a>
      </a>
      </span>
@@ -54,7 +54,7 @@ USA
      <!-- random played enabled -->
      <span class=button>
      <a class=button
      <!-- random played enabled -->
      <span class=button>
      <a class=button
-    href="@url@?action=random-disable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=random-disable&#38;n=@nonce@&#38;mgmt=true"
       title="@label:playing.randomdisableverbose@">@label:playing.random@</a>
      </a>
      </span>
       title="@label:playing.randomdisableverbose@">@label:playing.random@</a>
      </a>
      </span>
@@ -63,7 +63,7 @@ USA
      <!-- random played disabled -->
      <span class=button>
      <a class=button
      <!-- random played disabled -->
      <span class=button>
      <a class=button
-    href="@url@?action=random-enable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=random-enable&#38;n=@nonce@&#38;mgmt=true"
       title="@label:playing.randomenableverbose@">@label:playing.random@</a>
      </a>
      </span>
       title="@label:playing.randomenableverbose@">@label:playing.random@</a>
      </a>
      </span>
@@ -73,7 +73,7 @@ USA
      <!-- playing enabled -->
      <span class=button>
      <a class=button
      <!-- playing enabled -->
      <span class=button>
      <a class=button
-    href="@url@?action=disable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=disable&#38;n=@nonce@&#38;mgmt=true"
       title="@label:playing.disableverbose@">@label:playing.playing@</a>
      </a>
      </span>
       title="@label:playing.disableverbose@">@label:playing.playing@</a>
      </a>
      </span>
@@ -82,7 +82,7 @@ USA
      <!-- playing disabled -->
      <span class=button>
      <a class=button
      <!-- playing disabled -->
      <span class=button>
      <a class=button
-    href="@url@?action=enable&#38;nonce=@nonce@&#38;mgmt=true"
+    href="@url@?action=enable&#38;n=@nonce@&#38;mgmt=true"
       title="@label:playing.enableverbose@">@label:playing.playing@</a>
      </a>
      </span>
       title="@label:playing.enableverbose@">@label:playing.playing@</a>
      </a>
      </span>
@@ -157,7 +157,7 @@ USA
         title="@part{title}@">@part{short}{title}@</span></td>
        <td class=length>@length@</td>
        <td class=imgbutton>@if{@scratchable@}{<a class=imgbutton
         title="@part{title}@">@part{short}{title}@</span></td>
        <td class=length>@length@</td>
        <td class=imgbutton>@if{@scratchable@}{<a class=imgbutton
-       href="@url@?action=scratch&#38;nonce=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
+       href="@url@?action=scratch&#38;n=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
         class=button src="@image:scratch@"
         title="@label:playing.scratchverbose@"
         alt="@label:playing.scratch@"></a>}{<img
         class=button src="@image:scratch@"
         title="@label:playing.scratchverbose@"
         alt="@label:playing.scratch@"></a>}{<img
@@ -196,7 +196,7 @@ USA
         title="@part{title}@">@part{short}{title}@</span></td>
        <td class=length>@length@</td>
        <td class=imgbutton>@if{@removable@}{<a class=imgbutton
         title="@part{title}@">@part{short}{title}@</span></td>
        <td class=length>@length@</td>
        <td class=imgbutton>@if{@removable@}{<a class=imgbutton
-       href="@url@?action=remove&#38;nonce=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
+       href="@url@?action=remove&#38;n=@nonce@&#38;id=@id@&#38;mgmt=@arg:mgmt@"><img
         class=button src="@image:scratch@"
         title="@label:playing.removeverbose@" 
         alt="@label:playing.remove@"></a>}{<img
         class=button src="@image:scratch@"
         title="@label:playing.removeverbose@" 
         alt="@label:playing.remove@"></a>}{<img
@@ -220,13 +220,13 @@ USA
       <!-- can move up -->
       <td class=imgbutton>
        <a class=imgbutton
       <!-- can move up -->
       <td class=imgbutton>
        <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=2147483647&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=2147483647&#38;mgmt=true"><img
         class=button src="@image:upall@"
         title="@label:playing.upallverbose@"
         alt="@label:playing.upall@"></a>
       <td class=imgbutton>
       <a class=imgbutton
         class=button src="@image:upall@"
         title="@label:playing.upallverbose@"
         alt="@label:playing.upall@"></a>
       <td class=imgbutton>
       <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=1&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=1&#38;mgmt=true"><img
         class=button src="@image:up@"
         title="@label:playing.upverbose@" alt="@label:playing.up@"></a>
           }@
         class=button src="@image:up@"
         title="@label:playing.upverbose@" alt="@label:playing.up@"></a>
           }@
@@ -246,13 +246,13 @@ USA
       <!-- can move down -->
       <td class=imgbutton>
        <a class=imgbutton
       <!-- can move down -->
       <td class=imgbutton>
        <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=-2147483647&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=-2147483647&#38;mgmt=true"><img
         class=button src="@image:downall@"
         title="@label:playing.downallverbose@"
         alt="@label:playing.downall@"></a>
       <td class=imgbutton>
       <a class=imgbutton
         class=button src="@image:downall@"
         title="@label:playing.downallverbose@"
         alt="@label:playing.downall@"></a>
       <td class=imgbutton>
       <a class=imgbutton
-        href="@url@?action=move&#38;nonce=@nonce@&#38;id=@id@&#38;delta=-1&#38;mgmt=true"><img
+        href="@url@?action=move&#38;n=@nonce@&#38;id=@id@&#38;delta=-1&#38;mgmt=true"><img
         class=button src="@image:down@"
         title="@label:playing.downverbose@" alt="@label:playing.down@"></a>
           }@
         class=button src="@image:down@"
         title="@label:playing.downverbose@" alt="@label:playing.down@"></a>
           }@
diff --git a/templates/recent.html b/templates/recent.html

index c9e1674ebbd6651954a49d6dce1995011bde6aef..9b46d788887c33a036399932b5c57c8105099bd7 100644 (file)
--- a/templates/recent.html
+++ b/templates/recent.html
@@ -61,7 +61,7 @@ USA
       <td class=length>@length@</td>
  @right{prefs}{
       <td class=imgbutton><a class=imgbutton
       <td class=length>@length@</td>
  @right{prefs}{
       <td class=imgbutton><a class=imgbutton
-      href="@url@?action=prefs&#38;nonce=@nonce@&#38;0_file=@urlquote{@file@}@"><img
+      href="@url@?action=prefs&#38;n=@nonce@&#38;0_file=@urlquote{@file@}@"><img
         class=button src="@image:edit@"
         title="@label:choose.prefsverbose@"
         alt="@label:choose.prefs@"></a></td>
         class=button src="@image:edit@"
         title="@label:choose.prefsverbose@"
         alt="@label:choose.prefs@"></a></td>
diff --git a/templates/search.html b/templates/search.html

index b534591e6d001ddc38a65de8eacaf3364252db83..ea7a63223f990b2d482c7e5eec73187794487116 100644 (file)
--- a/templates/search.html
+++ b/templates/search.html
@@ -52,7 +52,7 @@ USA
        @search{title}{
        <div class="search_title">
         <p class="search_title">Title:
        @search{title}{
        <div class="search_title">
         <p class="search_title">Title:
-       <a href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;nonce=@nonce@">@part:title@</a>
+       <a href="@url@?action=play&#38;file=@urlquote{@file@}@&#38;back=@urlquote{@thisurl@}@&#38;n=@nonce@">@part:title@</a>
         @if{@eq{@trackstate{@file@}@}{playing}@}{[<b>playing</b>]}@
         @if{@eq{@trackstate{@file@}@}{queued}@}{[<b>queued</b>]}@
         </p>
         @if{@eq{@trackstate{@file@}@}{playing}@}{[<b>playing</b>]}@
         @if{@eq{@trackstate{@file@}@}{queued}@}{[<b>queued</b>]}@
         </p>
diff --git a/templates/topbar.html b/templates/topbar.html

index 5c6c51513a4086b239ec05a65f4b51d3930e44ae..f7019b17be0c46eeb52ee973ebc4329e6d443338 100644 (file)
--- a/templates/topbar.html
+++ b/templates/topbar.html
@@ -3,29 +3,29 @@
   href="@url@"
   title="@label:sidebar.playingverbose@">@label:sidebar.playing@</a>
    <a class=@if{@eq{@action@}{recent}@}{activemenu}{inactivemenu}@
   href="@url@"
   title="@label:sidebar.playingverbose@">@label:sidebar.playing@</a>
    <a class=@if{@eq{@action@}{recent}@}{activemenu}{inactivemenu}@
- href="@url@?action=recent&amp;nonce=@nonce@"
+ href="@url@?action=recent&amp;n=@nonce@"
   title="@label:sidebar.recentverbose@">@label:sidebar.recent@</a>
    <a class=@if{@eq{@action@}{new}@}{activemenu}{inactivemenu}@
   title="@label:sidebar.recentverbose@">@label:sidebar.recent@</a>
    <a class=@if{@eq{@action@}{new}@}{activemenu}{inactivemenu}@
- href="@url@?action=new&amp;nonce=@nonce@"
+ href="@url@?action=new&amp;n=@nonce@"
   title="@label:sidebar.newverbose@">@label:sidebar.new@</a>
  @right{play}{
    <a class=@if{@or{@eq{@action@}{choose}@}
                    {@eq{@action@}{choosealpha}@}@}
                {activemenu}
                {inactivemenu}@
   title="@label:sidebar.newverbose@">@label:sidebar.new@</a>
  @right{play}{
    <a class=@if{@or{@eq{@action@}{choose}@}
                    {@eq{@action@}{choosealpha}@}@}
                {activemenu}
                {inactivemenu}@
- href="@url@?action=@label:sidebar.choosewhich@&amp;nonce=@nonce@"
+ href="@url@?action=@label:sidebar.choosewhich@&amp;n=@nonce@"
   title="@label:sidebar.chooseverbose@">@label:sidebar.choose@</a>}{
    <span class=invalidmenu
     title="@label:sidebar.chooseverbose@">@label:sidebar.choose@</span>}@
  @right{play}{
    <a class=@if{@eq{@action@}{search}@}{activemenu}{inactivemenu}@
   title="@label:sidebar.chooseverbose@">@label:sidebar.choose@</a>}{
    <span class=invalidmenu
     title="@label:sidebar.chooseverbose@">@label:sidebar.choose@</span>}@
  @right{play}{
    <a class=@if{@eq{@action@}{search}@}{activemenu}{inactivemenu}@
- href="@url@?action=search&amp;nonce=@nonce@"
+ href="@url@?action=search&amp;n=@nonce@"
   title="@label:sidebar.searchverbose@">@label:sidebar.search@</a>}{
    <span class=invalidmenu
     title="@label:sidebar.searchverbose@">@label:sidebar.search@</span>}@
  <!-- disabled by default since now available from 'manage'
    <a class=@if{@eq{@action@}{volume}@}{activemenu}{inactivemenu}@
   title="@label:sidebar.searchverbose@">@label:sidebar.search@</a>}{
    <span class=invalidmenu
     title="@label:sidebar.searchverbose@">@label:sidebar.search@</span>}@
  <!-- disabled by default since now available from 'manage'
    <a class=@if{@eq{@action@}{volume}@}{activemenu}{inactivemenu}@
- href="@url@?action=volume&amp;nonce=@nonce@"
+ href="@url@?action=volume&amp;n=@nonce@"
   title="@label:sidebar.volumeverbose@">@label:sidebar.volume@</a>
  -->
    <a class=@if{@eq{@action@}{manage}@}{activemenu}{inactivemenu}@
   title="@label:sidebar.volumeverbose@">@label:sidebar.volume@</a>
  -->
    <a class=@if{@eq{@action@}{manage}@}{activemenu}{inactivemenu}@
@@ -36,13 +36,13 @@
                    {@eq{@action@}{register}@}
                    {@eq{@action@}{reminder}@}
                    {@eq{@action@}{edituser}@}@}{activemenu}{inactivemenu}@
                    {@eq{@action@}{register}@}
                    {@eq{@action@}{reminder}@}
                    {@eq{@action@}{edituser}@}@}{activemenu}{inactivemenu}@
- href="@url@?action=login&amp;nonce=@nonce@"
+ href="@url@?action=login&amp;n=@nonce@"
   title="@label:sidebar.loginverbose@">@label:sidebar.login@</a>
    <a class=@if{@eq{@action@}{help}@}{activemenu}{inactivemenu}@
   title="@label:sidebar.loginverbose@">@label:sidebar.login@</a>
    <a class=@if{@eq{@action@}{help}@}{activemenu}{inactivemenu}@
- href="@url@?action=help&amp;nonce=@nonce@"
+ href="@url@?action=help&amp;n=@nonce@"
   title="@label:sidebar.helpverbose@">@label:sidebar.help@</a>
    <a class=@if{@eq{@action@}{about}@}{activemenu}{inactivemenu}@
   title="@label:sidebar.helpverbose@">@label:sidebar.help@</a>
    <a class=@if{@eq{@action@}{about}@}{activemenu}{inactivemenu}@
- href="@url@?action=about&amp;nonce=@nonce@"
+ href="@url@?action=about&amp;n=@nonce@"
   title="@label:sidebar.aboutverbose@">@label:sidebar.about@</a>
  </p>
  <hr>
   title="@label:sidebar.aboutverbose@">@label:sidebar.about@</a>
  </p>
  <hr>
author	Richard Kettlewell <rjk@greenend.org.uk>
	Thu, 10 Jan 2008 21:11:02 +0000 (21:11 +0000)
committer	Richard Kettlewell <rjk@greenend.org.uk>
	Thu, 10 Jan 2008 21:11:02 +0000 (21:11 +0000)
server/dcgi.c		patch \| blob \| blame \| history
templates/choose.html		patch \| blob \| blame \| history
templates/help.html		patch \| blob \| blame \| history
templates/new.html		patch \| blob \| blame \| history
templates/playing.html		patch \| blob \| blame \| history
templates/recent.html		patch \| blob \| blame \| history
templates/search.html		patch \| blob \| blame \| history
templates/topbar.html		patch \| blob \| blame \| history