git724/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
forgejo/routers/web/repo
History
Gusted 0b17346cff
fix(sec): web route update and delete runner variables 
The web route to update and delete variables of runners did not check if
the ID that was given belonged to the context it was requested in, this
made it possible to update and delete every existing runner variable of
a instance for any authenticated user.

The code has been reworked to always take into account the context of
the request (owner and repository ID).
2025-02-08 07:21:14 +00:00
..
actions Fix bug on action list deleted branch (#32848) 2024-12-22 07:21:38 +01:00
badges Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
flags Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
setting fix(sec): web route update and delete runner variables 2025-02-08 07:21:14 +00:00
activity.go Merge pull request '[gitea] week 2024-45 cherry pick (gitea/main -> forgejo)' (#5789) from algernon/wcp/2024-45 into forgejo 2024-11-06 08:57:43 +00:00
attachment.go Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
blame.go fix: disallow blame on directories (#6716) 2025-01-29 09:02:46 +00:00
branch.go Hide the "Details" link of commit status when the user cannot access actions (#30156) 2024-08-04 08:47:07 +02:00
card.go Change license of card.go 2024-12-29 12:19:48 +01:00
cherry_pick.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
code_frequency.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
commit.go Rewrite OpenGraph Header 2025-01-01 20:43:20 +01:00
compare.go Improve code 2025-01-01 08:08:12 +01:00
contributors.go Fix Activity Page Contributors dropdown (#31264) 2024-06-18 20:05:23 +02:00
download.go Use gitrepo.GetTreePathLatestCommit to get file lastest commit instead from latest commit cache (#32987) 2025-01-05 12:13:48 +00:00
editor.go fix: Preview picture not visible on Markdown file (#5781) 2024-11-23 15:00:18 +00:00
editor_test.go [TESTS] Fix usage of LoadRepoCommit 2024-08-26 08:03:48 +02:00
find.go Escape paths for find file correctly (#30026) 2024-03-26 19:04:27 +01:00
githttp.go fix: consider HEAD requests to be pulls (#6750) 2025-02-07 07:39:00 +00:00
githttp_test.go Fix http protocol auth (#27875) 2023-11-02 22:14:33 +08:00
helper.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
helper_test.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
issue.go fix(commenter roles): don't give system users roles (#6766) 2025-02-05 17:34:45 +00:00
issue_content_history.go [PORT] Refactor DateUtils and merge TimeSince (gitea#32409) 2024-11-10 22:23:27 +01:00
issue_dependency.go Use PostFormValue instead of PostForm.Get 2024-05-02 10:51:07 +02:00
issue_label.go [GITEA] Apply changes to archived labels 2024-04-01 17:46:02 +05:00
issue_label_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
issue_lock.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_pin.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_stopwatch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_test.go feat: combine review requests comments 2024-10-25 22:57:32 +02:00
issue_timetrack.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_watch.go Fix Issue watching / unwatching on the web ui 2024-05-01 11:04:54 +02:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
middlewares.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
migrate.go feat(i18n): allow different translations of creation links and titles (#4829) 2024-08-07 16:54:05 +00:00
milestone.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
packages.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
patch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
projects.go Use project's redirect url instead of composing url (#33058) 2025-01-05 13:46:19 +00:00
projects_test.go Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
pull.go improve performance of diffs (#32393) 2024-11-05 09:39:21 +01:00
pull_review.go Revert "Prevent allow/reject reviews on merged/closed PRs" 2024-08-12 12:24:52 +01:00
pull_review_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
recent_commits.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
release.go Update 2024-12-18 20:26:39 +01:00
release_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
render.go Refactor render (#30136) 2024-03-30 07:17:31 +01:00
repo.go Add github compatible tarball download API endpoints (#32572) 2024-12-03 10:19:22 +01:00
search.go fix(code search): empty mode dropdown when keyword is empty 2025-01-01 12:32:41 +00:00
topic.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
treelist.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
view.go Rewrite OpenGraph Header 2025-01-01 20:43:20 +01:00
view_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
wiki.go Rewrite OpenGraph Header 2025-01-01 20:43:20 +01:00
wiki_test.go chore: remove illegal git usage (#6488) 2025-01-07 17:28:42 +00:00