git724/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
forgejo/routers/api/v1/user
History
Gusted 77db7655e0
fix(sec): web route update and delete runner variables 
The web route to update and delete variables of runners did not check if
the ID that was given belonged to the context it was requested in, this
made it possible to update and delete every existing runner variable of
a instance for any authenticated user.

The code has been reworked to always take into account the context of
the request (owner and repository ID).
2025-02-08 06:04:14 +00:00
..
action.go fix(sec): web route update and delete runner variables 2025-02-08 06:04:14 +00:00
app.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
avatar.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
email.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
follower.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
gpg_key.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
helper.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
hook.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
key.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
quota.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
repo.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
runners.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
settings.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
star.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
user.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00
watch.go Improve Swagger documentation for user endpoints 2024-11-23 10:33:55 +01:00