shaba/gitea
1
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-01-21 22:03:38 +03:00
Code Issues Projects Releases Wiki Activity
7,285 Commits 17 Branches 221 Tags
Commit Graph

15 Commits

Author SHA1 Message Date
mrsdizzie
6f2e1bd23a Don't Unescape redirect_to cookie value (#6399) 
redirect_to holds a value that we want to redirect back to after login.
This value can be a path with intentonally escaped values and we
should not unescape it.

Fixes #4475
 2019-03-20 22:06:16 -04:00
zeripath
2b36bdd490 Do not display the raw OpenID error in the UI (#5705) 
* Do not display the raw OpenID error in the UI

If there are no `WHITELIST_URIS` or `BLACKLIST_URIS` set in the openid
section of the app.ini, it is possible that gitea can leak sensitive
information about the local network through the error provided by the
UI. This PR hides the error information and logs it.

Fix #4973

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update auth_openid.go

Place error log within the `err != nil` branch.
 2019-01-12 14:24:47 -05:00
SagePtr
0449330dbc Make cookies HttpOnly and obey COOKIE_SECURE flag (#4706) 2018-08-14 23:16:37 +03:00
Fluf
f035dcd4f2 Add Recaptcha functionality to Gitea (#4044) 2018-07-05 00:13:05 -04:00
Lauris BH
7b2b900e13 Refactor and simplify redirect to url (#3674) 2018-03-15 22:13:34 +01:00
Codruț Constantin Gușoi
96c268c0fc Implements generator cli for secrets (#3531) 
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
 2018-02-18 20:14:37 +02:00
Morgan Bazalgette
65861900cd Handle refactor (#3339) 
* Replace all ctx.Handle with ctx.ServerError or ctx.NotFound

* Change Handle(403) to NotFound, avoid using macaron's NotFound
 2018-01-10 23:34:17 +02:00
Sandro Santilli
2c3a229a3c Add OpenID configuration in install page (#2276) 2017-08-19 17:34:49 +02:00
Lunny Xiao
f960e19c59 Only update needed columns when update user (#2296) 
* only update needed columns when update user

* fix missing update_unix column
 2017-08-12 22:18:44 +08:00
Lauris BH
32fc44aa83 Make time diff translatable (#2057) 2017-06-28 13:43:28 +08:00
Jonas Östanbäck
b93568cce4 xxx_active_code_live setting in printed in hours and minutes instead … (#1814) 
* xxx_active_code_live setting in printed in hours and minutes instead of just hours

* Update app.ini description of xxx_code_lives settings
 2017-05-29 02:35:47 -05:00
Sandro Santilli
129b0d6a4b Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION (#1369) 
* Allow ENABLE_OPENID_SIGNUP to depend on DISABLE_REGISTRATION

Omit the configuration variable (the default) to be dependent.
Fixes #1363

* Move OpenID settings under Service object

* Show OpenID SignUp and SignIn status in admin panel / configuration
 2017-03-29 18:57:43 +08:00
Sandro Santilli
f73e734411 Run "make fmt" with go-1.6 (#1333) 2017-03-21 08:55:00 +08:00
Sandro Santilli
97ee88975a Add captcha support to OpenID based signup 2017-03-20 08:58:00 +01:00
Sandro Santilli
71d16f69ff Login via OpenID-2.0 (#618) 2017-03-17 15:16:08 +01:00