git724/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
forgejo/routers/web/repo
History
Gusted 77db7655e0
fix(sec): web route update and delete runner variables 
The web route to update and delete variables of runners did not check if
the ID that was given belonged to the context it was requested in, this
made it possible to update and delete every existing runner variable of
a instance for any authenticated user.

The code has been reworked to always take into account the context of
the request (owner and repository ID).
2025-02-08 06:04:14 +00:00
..
actions Fix bug on action list deleted branch (#32848) 2024-12-22 07:21:38 +01:00
badges Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
flags Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
setting fix(sec): web route update and delete runner variables 2025-02-08 06:04:14 +00:00
activity.go Merge pull request '[gitea] week 2024-45 cherry pick (gitea/main -> forgejo)' (#5789) from algernon/wcp/2024-45 into forgejo 2024-11-06 08:57:43 +00:00
attachment.go Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
blame.go [v10.0/forgejo] fix: disallow blame on directories (#6720) 2025-01-29 09:34:03 +00:00
branch.go Hide the "Details" link of commit status when the user cannot access actions (#30156) 2024-08-04 08:47:07 +02:00
card.go [v10.0/forgejo] feat: Add summary card for repos and releases 2025-01-01 22:00:26 +01:00
cherry_pick.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
code_frequency.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
commit.go [FEAT]Allow changing git notes (#4753) 2024-11-18 22:56:17 +00:00
compare.go template: repo: compare: display a warning if the user is not logged in 2024-12-29 12:52:49 +00:00
contributors.go Fix Activity Page Contributors dropdown (#31264) 2024-06-18 20:05:23 +02:00
download.go Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
editor.go fix: Preview picture not visible on Markdown file (#5781) 2024-11-23 15:00:18 +00:00
editor_test.go [TESTS] Fix usage of LoadRepoCommit 2024-08-26 08:03:48 +02:00
find.go Escape paths for find file correctly (#30026) 2024-03-26 19:04:27 +01:00
githttp.go [PORT] Fix git error handling (gitea#32401) 2024-11-03 16:47:44 +01:00
githttp_test.go Fix http protocol auth (#27875) 2023-11-02 22:14:33 +08:00
helper.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
helper_test.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
issue.go [v10.0/forgejo] feat: Add summary card for repos and releases 2025-01-01 22:00:26 +01:00
issue_content_history.go [PORT] Refactor DateUtils and merge TimeSince (gitea#32409) 2024-11-10 22:23:27 +01:00
issue_dependency.go Use PostFormValue instead of PostForm.Get 2024-05-02 10:51:07 +02:00
issue_label.go [GITEA] Apply changes to archived labels 2024-04-01 17:46:02 +05:00
issue_label_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
issue_lock.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_pin.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_stopwatch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_test.go feat: combine review requests comments 2024-10-25 22:57:32 +02:00
issue_timetrack.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_watch.go Fix Issue watching / unwatching on the web ui 2024-05-01 11:04:54 +02:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
middlewares.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
migrate.go feat(i18n): allow different translations of creation links and titles (#4829) 2024-08-07 16:54:05 +00:00
milestone.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
packages.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
patch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
projects.go fix(project): add title to project view page (#32747) 2024-12-08 08:14:25 +01:00
projects_test.go Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
pull.go improve performance of diffs (#32393) 2024-11-05 09:39:21 +01:00
pull_review.go Revert "Prevent allow/reject reviews on merged/closed PRs" 2024-08-12 12:24:52 +01:00
pull_review_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
recent_commits.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
release.go [v10.0/forgejo] feat: Add summary card for repos and releases 2025-01-01 22:00:26 +01:00
release_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
render.go Refactor render (#30136) 2024-03-30 07:17:31 +01:00
repo.go Add github compatible tarball download API endpoints (#32572) 2024-12-03 10:19:22 +01:00
search.go fix(code search): empty mode dropdown when keyword is empty 2025-01-01 13:04:56 +00:00
topic.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
treelist.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
view.go feat: filepath filter for code search (#6143) 2024-12-22 12:24:29 +00:00
view_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
wiki.go Make wiki pages visit fast (#32732) 2024-12-08 08:06:01 +01:00
wiki_test.go [v10.0/forgejo] chore: remove illegal git usage (#6492) 2025-01-07 19:01:32 +00:00