git724/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
forgejo/routers/web/repo
History
Gusted c324910c31
fix(sec): web route delete runner 
The web route to delete action runners did not check if the ID that was
given belonged to the context it was requested in, this made it possible
to delete every existing runner of a instance by a authenticated user.

The code was reworked to ensure that the caller of the delete
runner function retrieved the runner by ID and then checks if it belongs
to the context it was requested in, although this is not an optimal
solution it is consistent with the context checking of other code for
runners.
2025-02-08 06:04:14 +00:00
..
actions Fix bug on action list deleted branch (#32848) 2024-12-22 07:21:38 +01:00
badges Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
flags Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
setting fix(sec): web route delete runner 2025-02-08 06:04:14 +00:00
activity.go Merge pull request '[gitea] week 2024-45 cherry pick (gitea/main -> forgejo)' (#5789) from algernon/wcp/2024-45 into forgejo 2024-11-06 08:57:43 +00:00
attachment.go Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
blame.go [v10.0/forgejo] fix: disallow blame on directories (#6720) 2025-01-29 09:34:03 +00:00
branch.go Hide the "Details" link of commit status when the user cannot access actions (#30156) 2024-08-04 08:47:07 +02:00
card.go [v10.0/forgejo] feat: Add summary card for repos and releases 2025-01-01 22:00:26 +01:00
cherry_pick.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
code_frequency.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
commit.go [FEAT]Allow changing git notes (#4753) 2024-11-18 22:56:17 +00:00
compare.go template: repo: compare: display a warning if the user is not logged in 2024-12-29 12:52:49 +00:00
contributors.go Fix Activity Page Contributors dropdown (#31264) 2024-06-18 20:05:23 +02:00
download.go Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
editor.go fix: Preview picture not visible on Markdown file (#5781) 2024-11-23 15:00:18 +00:00
editor_test.go [TESTS] Fix usage of LoadRepoCommit 2024-08-26 08:03:48 +02:00
find.go Escape paths for find file correctly (#30026) 2024-03-26 19:04:27 +01:00
githttp.go [PORT] Fix git error handling (gitea#32401) 2024-11-03 16:47:44 +01:00
githttp_test.go Fix http protocol auth (#27875) 2023-11-02 22:14:33 +08:00
helper.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
helper_test.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
issue.go [v10.0/forgejo] feat: Add summary card for repos and releases 2025-01-01 22:00:26 +01:00
issue_content_history.go [PORT] Refactor DateUtils and merge TimeSince (gitea#32409) 2024-11-10 22:23:27 +01:00
issue_dependency.go Use PostFormValue instead of PostForm.Get 2024-05-02 10:51:07 +02:00
issue_label.go [GITEA] Apply changes to archived labels 2024-04-01 17:46:02 +05:00
issue_label_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
issue_lock.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_pin.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_stopwatch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_test.go feat: combine review requests comments 2024-10-25 22:57:32 +02:00
issue_timetrack.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_watch.go Fix Issue watching / unwatching on the web ui 2024-05-01 11:04:54 +02:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
middlewares.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
migrate.go feat(i18n): allow different translations of creation links and titles (#4829) 2024-08-07 16:54:05 +00:00
milestone.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
packages.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
patch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
projects.go fix(project): add title to project view page (#32747) 2024-12-08 08:14:25 +01:00
projects_test.go Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
pull.go improve performance of diffs (#32393) 2024-11-05 09:39:21 +01:00
pull_review.go Revert "Prevent allow/reject reviews on merged/closed PRs" 2024-08-12 12:24:52 +01:00
pull_review_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
recent_commits.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
release.go [v10.0/forgejo] feat: Add summary card for repos and releases 2025-01-01 22:00:26 +01:00
release_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
render.go Refactor render (#30136) 2024-03-30 07:17:31 +01:00
repo.go Add github compatible tarball download API endpoints (#32572) 2024-12-03 10:19:22 +01:00
search.go fix(code search): empty mode dropdown when keyword is empty 2025-01-01 13:04:56 +00:00
topic.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
treelist.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
view.go feat: filepath filter for code search (#6143) 2024-12-22 12:24:29 +00:00
view_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
wiki.go Make wiki pages visit fast (#32732) 2024-12-08 08:06:01 +01:00
wiki_test.go [v10.0/forgejo] chore: remove illegal git usage (#6492) 2025-01-07 19:01:32 +00:00