Mirrors/gitea
0
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2025-12-25 13:35:07 +01:00
Code Issues Activity
gitea/routers/common
History
silverwind 42d294941c
Replace CSRF cookie with CrossOriginProtection (#36183) 
Removes the CSRF cookie in favor of
[`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection)
which relies purely on HTTP headers.

Fixes: https://github.com/go-gitea/gitea/issues/11188
Fixes: https://github.com/go-gitea/gitea/issues/30333
Helps: https://github.com/go-gitea/gitea/issues/35107

TODOs:

- [x] Fix tests
- [ ] Ideally add tests to validates the protection

---------

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-12-25 12:33:34 +02:00
..
actions.go
Fix bug on downloading job logs (#34041)
2025-03-27 17:20:56 -07:00
auth.go
Replace CSRF cookie with CrossOriginProtection (#36183)
2025-12-25 12:33:34 +02:00
blockexpensive_test.go
Add a config option to block "expensive" pages for anonymous users (#34024)
2025-03-30 05:26:19 +00:00
blockexpensive.go
add more routes to the "expensive" list (#35547)
2025-09-29 17:33:28 +08:00
codesearch.go
Improve issue & code search (#33860)
2025-03-13 11:07:48 +08:00
compare.go
Fix bug when creating pull request (#36166)
2025-12-17 21:21:04 +00:00
db.go
Enable addtional linters (#34085)
2025-04-01 10:14:01 +00:00
deadline.go
errpage_test.go
Use test context in tests and new loop system in benchmarks (#33648)
2025-02-20 09:57:40 +00:00
errpage.go
Support selecting theme on the footer (#35741)
2025-10-28 18:25:00 +08:00
issue_filter.go
refactor: extract helper functions from SearchIssues (#36158)
2025-12-20 17:57:41 -08:00
lfs.go
Fix LFS route mock, realm, middleware names (#32488)
2024-11-13 16:58:09 +08:00
markup.go
Fix footnote jump behavior on the issue page. (#34621)
2025-06-09 17:18:11 +00:00
middleware.go
Make Golang correctly delete temp files during uploading (#36128)
2025-12-11 19:59:42 +01:00
pagetmpl.go
Refactor head navbar icons (#34922)
2025-07-04 13:03:22 +02:00
qos_test.go
Add middleware for request prioritization (#33951)
2025-04-14 16:25:48 +02:00
qos.go
Support selecting theme on the footer (#35741)
2025-10-28 18:25:00 +08:00
redirect.go
serve.go
Refactor cache-control (#33861)
2025-03-13 07:04:50 +08:00