git724/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 4
forgejo/routers/web/repo
History
Gusted f359ebeea5
fix(sec): web route delete runner 
The web route to delete action runners did not check if the ID that was
given belonged to the context it was requested in, this made it possible
to delete every existing runner of a instance by a authenticated user.

The code was reworked to ensure that the caller of the delete
runner function retrieved the runner by ID and then checks if it belongs
to the context it was requested in, although this is not an optimal
solution it is consistent with the context checking of other code for
runners.
2025-02-08 07:21:14 +00:00
..
actions Fix bug on action list deleted branch (#32848) 2024-12-22 07:21:38 +01:00
badges Enable unparam linter (#31277) 2024-06-16 13:42:58 +02:00
flags Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
setting fix(sec): web route delete runner 2025-02-08 07:21:14 +00:00
activity.go Merge pull request '[gitea] week 2024-45 cherry pick (gitea/main -> forgejo)' (#5789) from algernon/wcp/2024-45 into forgejo 2024-11-06 08:57:43 +00:00
attachment.go Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) 2024-11-05 09:33:15 +01:00
blame.go fix: disallow blame on directories (#6716) 2025-01-29 09:02:46 +00:00
branch.go Hide the "Details" link of commit status when the user cannot access actions (#30156) 2024-08-04 08:47:07 +02:00
card.go Change license of card.go 2024-12-29 12:19:48 +01:00
cherry_pick.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
code_frequency.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
commit.go Rewrite OpenGraph Header 2025-01-01 20:43:20 +01:00
compare.go Improve code 2025-01-01 08:08:12 +01:00
contributors.go Fix Activity Page Contributors dropdown (#31264) 2024-06-18 20:05:23 +02:00
download.go Use gitrepo.GetTreePathLatestCommit to get file lastest commit instead from latest commit cache (#32987) 2025-01-05 12:13:48 +00:00
editor.go fix: Preview picture not visible on Markdown file (#5781) 2024-11-23 15:00:18 +00:00
editor_test.go [TESTS] Fix usage of LoadRepoCommit 2024-08-26 08:03:48 +02:00
find.go Escape paths for find file correctly (#30026) 2024-03-26 19:04:27 +01:00
githttp.go fix: consider HEAD requests to be pulls (#6750) 2025-02-07 07:39:00 +00:00
githttp_test.go Fix http protocol auth (#27875) 2023-11-02 22:14:33 +08:00
helper.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
helper_test.go feat: avoid sorting for MakeSelfOnTop 2024-12-03 05:32:51 +01:00
issue.go fix(commenter roles): don't give system users roles (#6766) 2025-02-05 17:34:45 +00:00
issue_content_history.go [PORT] Refactor DateUtils and merge TimeSince (gitea#32409) 2024-11-10 22:23:27 +01:00
issue_dependency.go Use PostFormValue instead of PostForm.Get 2024-05-02 10:51:07 +02:00
issue_label.go [GITEA] Apply changes to archived labels 2024-04-01 17:46:02 +05:00
issue_label_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
issue_lock.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_pin.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_stopwatch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_test.go feat: combine review requests comments 2024-10-25 22:57:32 +02:00
issue_timetrack.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
issue_watch.go Fix Issue watching / unwatching on the web ui 2024-05-01 11:04:54 +02:00
main_test.go make writing main test easier (#27270) 2023-09-28 01:38:53 +00:00
middlewares.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
migrate.go feat(i18n): allow different translations of creation links and titles (#4829) 2024-08-07 16:54:05 +00:00
milestone.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
packages.go remove util.OptionalBool and related functions (#29513) 2024-03-06 12:10:46 +08:00
patch.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
projects.go Use project's redirect url instead of composing url (#33058) 2025-01-05 13:46:19 +00:00
projects_test.go Rename project board -> column to make the UI less confusing (#30170) 2024-06-02 09:42:39 +02:00
pull.go improve performance of diffs (#32393) 2024-11-05 09:39:21 +01:00
pull_review.go Revert "Prevent allow/reject reviews on merged/closed PRs" 2024-08-12 12:24:52 +01:00
pull_review_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
recent_commits.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
release.go Update 2024-12-18 20:26:39 +01:00
release_test.go Add testifylint to lint checks (#4535) 2024-07-30 19:41:10 +00:00
render.go Refactor render (#30136) 2024-03-30 07:17:31 +01:00
repo.go Add github compatible tarball download API endpoints (#32572) 2024-12-03 10:19:22 +01:00
search.go fix(code search): empty mode dropdown when keyword is empty 2025-01-01 12:32:41 +00:00
topic.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
treelist.go Move context from modules to services (#29440) 2024-03-06 12:10:43 +08:00
view.go Rewrite OpenGraph Header 2025-01-01 20:43:20 +01:00
view_test.go Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
wiki.go Rewrite OpenGraph Header 2025-01-01 20:43:20 +01:00
wiki_test.go chore: remove illegal git usage (#6488) 2025-01-07 17:28:42 +00:00