lianguan/gitea
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity
gitea/modules
History
zeripath 2e317d3f6e Prevent security failure due to bad APP_ID (#18678) (#18682) 
Backport #18678

WebAuthn may cause a security exception if the provided APP_ID is not allowed for the
current origin. Therefore we should reattempt authentication without the appid
extension.

Also we should allow [u2f] as-well as [U2F] sections.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-10 16:17:44 +01:00
..
activitypub
Create pub/priv keypair for federation (#17071)
2021-09-28 15:19:22 -04:00
analyze
Use git attributes to determine generated and vendored status for language stats and diffs (#16773)
2021-09-09 21:13:36 +01:00
appstate
Decouple unit test code from business code (#17623)
2021-11-12 22:36:47 +08:00
auth
Support webauthn (#17957)
2022-01-14 16:03:31 +01:00
avatar
Fix various typos (#18219)
2022-01-10 17:32:37 +08:00
base
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
cache
Test cache during init (#17852)
2021-12-06 00:24:57 +08:00
charset
Add warning for BIDI characters in page renders and in diffs (#17562)
2022-01-07 02:18:52 +01:00
context
If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)
2022-02-07 09:25:05 +08:00
convert
Add MirrorUpdated field to Repository API type (#18267)
2022-01-18 13:18:30 +00:00
csv
Fix various typos (#18219)
2022-01-10 17:32:37 +08:00
doctor
Fix various typos (#18219)
2022-01-10 17:32:37 +08:00
emoji
Run processors on whole of text (#16155)
2021-06-17 11:35:05 +01:00
eventsource
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
generate
Support webauthn (#17957)
2022-01-14 16:03:31 +01:00
git
Stop logging an error when notes are not found (#18626) (#18635)
2022-02-06 09:43:15 +00:00
gitgraph
Collaborator trust model should trust collaborators (#18539) (#18557)
2022-02-03 11:20:37 -05:00
graceful
Make SSL cipher suite configurable (#17440)
2021-11-20 01:12:43 -05:00
hcaptcha
highlight
Add .gitattribute assisted language detection to blame, diff and render (#17590)
2021-11-17 20:37:00 +00:00
hostmatcher
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
httpcache
Use a variable but a function for IsProd because of a slight performance increment (#17368)
2021-10-20 16:37:19 +02:00
httplib
refactor: move from io/ioutil to io and os package (#17109)
2021-09-22 13:38:34 +08:00
indexer
Upgrade bleve from v2.0.6 to v2.3.0 (#18132)
2022-01-01 16:26:27 +08:00
json
Move repository model into models/repo (#17933)
2021-12-10 09:27:50 +08:00
lfs
Fix source typos (#18227)
2022-01-10 23:46:26 +08:00
log
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
markup
Prevent NPE on partial match of compare URL and allow short SHA1 compare URLs (#18472) (#18473)
2022-01-31 01:49:17 +02:00
metrics
Refactor auth package (#17962)
2022-01-02 21:12:35 +08:00
migration
Fix various typos (#18219)
2022-01-10 17:32:37 +08:00
nosql
Remove unnecessary variable assignments (#17695)
2021-11-18 09:33:06 +08:00
notification
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
options
Remove golang vendored directory (#18277)
2022-01-14 18:16:05 -05:00
password
Fixed assert statements. (#16089)
2021-06-07 07:27:09 +02:00
pprof
refactor: move from io/ioutil to io and os package (#17109)
2021-09-22 13:38:34 +08:00
private
Move keys to models/asymkey (#17917)
2021-12-10 16:14:24 +08:00
process
Fix various typos (#18219)
2022-01-10 17:32:37 +08:00
proxy
Return nil proxy function if proxy not enabled (#16742)
2021-08-19 16:41:20 -04:00
public
Fix mime-type detection for HTTP server (#18371)
2022-01-23 21:17:20 +08:00
queue
Restart zero worker if there is still work to do (#18658) (#18672)
2022-02-08 23:28:21 +02:00
recaptcha
refactor: move from io/ioutil to io and os package (#17109)
2021-09-22 13:38:34 +08:00
references
Add API to get issue/pull comments and events (timeline) (#17403)
2022-01-01 22:12:25 +08:00
repository
Add GetUserTeams (#18499) (#18531)
2022-02-02 08:40:04 +00:00
secret
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
session
Refactor auth package (#17962)
2022-01-02 21:12:35 +08:00
setting
Prevent security failure due to bad APP_ID (#18678) (#18682)
2022-02-10 16:17:44 +01:00
ssh
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
storage
refactor: move from io/ioutil to io and os package (#17109)
2021-09-22 13:38:34 +08:00
structs
Add MirrorUpdated field to Repository API type (#18267)
2022-01-18 13:18:30 +00:00
svg
refactor: move from io/ioutil to io and os package (#17109)
2021-09-22 13:38:34 +08:00
sync
templates
Remove golang vendored directory (#18277)
2022-01-14 18:16:05 -05:00
test
Unify and simplify TrN for i18n (#18141)
2022-01-02 04:33:57 +01:00
timeutil
Don't store assets modified time into generated files (#18193)
2022-01-06 21:33:17 -05:00
translation
Sort locales according to their names (#18211)
2022-01-08 12:18:39 +00:00
typesniffer
Read expected buffer size (#17409)
2021-10-24 22:12:43 +01:00
updatechecker
Fix various typos (#18219)
2022-01-10 17:32:37 +08:00
upload
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00
uri
Prevent NPE if gitea uploader fails to open url (#18080)
2021-12-23 16:27:33 +00:00
user
util
Increase Salt randomness (#18179)
2022-01-04 15:13:52 +00:00
validation
Upgrade chi to v5 (#17298)
2021-10-13 22:50:23 -04:00
web
Simplify parameter types (#18006)
2021-12-20 04:41:31 +00:00