From PVS Studio:
V814
Decreased performance. The 'strlen' function was called multiple times inside the body of a loop.
https://www.viva64.com/en/w/V814/print
Signed-off-by: Vitalii Koshura <lestat.de.lionkur@gmail.com>
VS lets you choose the compiler warning level, 0 to 4.
Higher is good because compiler warnings often indicate bugs.
However, some warnings are noise, and having a lot of them is bad
because they conceal the important ones.
As an example, a recent update to VS2010 causes it to spew warnings of the form
"function _strdup() is deprecated; use _strdup() instead.
So the new policy is:
- everything compiles with warning level 4
- in boinc_win.h we use #pragmas to suppress 3 specific warnings
that occur a lot in our code, and are not bugs:
- the _function names as described above
- constant conditional expression (like while(1))
- conversion from int to char
And the goal is to build everything with zero warnings
except from outside code like zip.
We're pretty close to that.
The project files for other VS versions should be modified
to also use level 4 everywhere.
All that should be required for new platforms is to implement a 'run' function that creates a window that hosts an HTML control and queries determine_state_url() and determine_exit_state() once a second.
* Custom IE Javascript interface is gone, it was replaced with a cross-browser Web RPC.
In the HTML doc you can add:
<script type='text/javascript' src='/api/static/boinc.js'></script>
In the JavaScript code you can:
var boinc = new BOINC();
From there you can get the username like:
var userName = boinc.getUserName();
* Default resources are embedded within the executable in much the same way XPM images are embedded in the manager.
/api/static/index.html
/api/static/boinc.png
/api/static/boinc.js
Using the formal HTTP authentication scheme was too cumbersome and I couldn't pre-fill out that information as part of the request. IE11 emulation ignores any credentials as part of the URI. The web browser control insists on displaying a credentials dialog when challenged.
So for now, look for a 'secret' header which just contains a thread identifier.
Authentication is skipped if the app was started with the --debug command line argument. You'll be able to attach and debug your HTML application via the port number written in the Window title.
* Implement a mini HTTP server to service file requests from the slot
directory. Have the browser control download the file(s) via the
HTTP protocol instead of the FILE protocol.
TODO: Lock down the authentication mechanism so that it is reasonably
protected even though it is only bound to the loopback adapter.
* Configure the browser emulation level for the executable to
Internet Explorer 11.
lfield