1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-11-26 09:09:36 -05:00
forgejo/routers
Aleksandr Bulyshchenko ee878e3951 Support secure cookie for csrf-token (#3839)
* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
2018-05-22 02:09:48 +03:00
..
admin Add option to use paged LDAP search when synchronizing users (#3895) 2018-05-05 17:30:47 +03:00
api/v1 Fix some webhooks bugs (#3981) 2018-05-21 10:28:29 +08:00
dev Make time diff translatable (#2057) 2017-06-28 13:43:28 +08:00
org Splitted the user settings code into several files to be more maintainable (#3968) 2018-05-17 12:05:00 +08:00
private improve protected branch to add whitelist support (#2451) 2017-09-14 16:16:22 +08:00
repo Fix some webhooks bugs (#3981) 2018-05-21 10:28:29 +08:00
routes Support secure cookie for csrf-token (#3839) 2018-05-22 02:09:48 +03:00
user remove collaborative repositories from search on user profiles (#3996) 2018-05-21 23:07:34 +03:00
utils Allow adding collaborators with (fullname) (#3103) 2017-12-07 15:00:09 +08:00
home.go Global code search support (#3664) 2018-03-16 22:04:33 +08:00
init.go Store OAuth2 session data in database (#3660) 2018-04-29 09:09:24 +03:00
install.go issue-2768: added new option allow_only_external_registration (#3910) 2018-05-13 15:51:16 +08:00