1
0
Fork 0
Beyond coding. We forge. https://codeberg.org/forgejo/forgejo
Find a file
Aleksandr Bulyshchenko ee878e3951 Support secure cookie for csrf-token (#3839)
* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>
2018-05-22 02:09:48 +03:00
.github Comment help text for issues (#2281) 2017-08-09 12:13:33 +08:00
assets Add task to generate images from SVG and change to new logo (#2194) 2017-07-28 13:51:20 +08:00
cmd Add cli commands to regen hooks & keys (#3979) 2018-05-17 09:35:07 +08:00
contrib Note about adding permisions to binary (#3936) 2018-05-10 16:32:01 +08:00
custom/conf Add support for FIDO U2F (#3971) 2018-05-19 17:12:37 +03:00
docker Allow Gitea to run as different USER in Docker (#3961) 2018-05-16 23:58:44 +08:00
docs Added doc for 'IMPORT_LOCAL_PATHS' (#3997) 2018-05-21 09:04:41 +08:00
integrations Refactor User Settings (#3900) 2018-05-15 13:07:32 +03:00
models fix #4003 (#4004) 2018-05-21 21:30:30 +08:00
modules Add support for FIDO U2F (#3971) 2018-05-19 17:12:37 +03:00
options remove collaborative repositories from search on user profiles (#3996) 2018-05-21 23:07:34 +03:00
public Add support for FIDO U2F (#3971) 2018-05-19 17:12:37 +03:00
routers Support secure cookie for csrf-token (#3839) 2018-05-22 02:09:48 +03:00
scripts Updating generate-licenses.go to fetch licenses from maintained repository. (#3484) 2018-02-12 20:20:30 +02:00
snap snap-packaging for gitea (#2568) 2018-05-09 22:52:51 +08:00
templates Add support for FIDO U2F (#3971) 2018-05-19 17:12:37 +03:00
vendor Support secure cookie for csrf-token (#3839) 2018-05-22 02:09:48 +03:00
.changelog.yml Add changelog config file for generate changelog (#2461) 2017-09-04 13:07:57 +03:00
.drone.yml Add LDAP integration tests (#3897) 2018-05-11 15:55:32 +08:00
.editorconfig switch gitter to discord for drone. (#1971) 2017-06-15 10:47:42 +08:00
.gitattributes ignore static files statstics for linguist 2016-12-27 16:49:25 +01:00
.gitignore snap-packaging for gitea (#2568) 2018-05-09 22:52:51 +08:00
.lgtm refactor: ignore LGTM from author of pull request. (#3283) 2018-01-02 06:13:49 -06:00
CHANGELOG.md Release 1.4.x changelog (#3894) 2018-05-04 21:23:39 +08:00
CONTRIBUTING.md [doc] Update vendor tool section to dep (#4008) 2018-05-21 14:10:35 -04:00
DCO
Dockerfile Docker multi-stage (#2927) 2018-03-12 11:59:13 +02:00
Gopkg.lock Support secure cookie for csrf-token (#3839) 2018-05-22 02:09:48 +03:00
Gopkg.toml Migrate to dep (#3972) 2018-05-21 15:34:20 +03:00
LICENSE Fix typo 2016-11-08 08:42:05 +01:00
main.go Implements generator cli for secrets (#3531) 2018-02-18 20:14:37 +02:00
MAINTAINERS Add myself to MAINTAINERS (#3680) 2018-03-16 21:49:03 +02:00
Makefile Provide compressed releases (#3991) 2018-05-21 14:50:39 -04:00
package-lock.json Update less.js to latest version (#3932) 2018-05-10 13:36:47 +08:00
package.json Update less.js to latest version (#3932) 2018-05-10 13:36:47 +08:00
README.md Activating Open Collective (#3821) 2018-05-11 13:53:23 +08:00
README_ZH.md Fix release tag on README (#3945) 2018-05-10 23:38:57 +03:00

简体中文

Gitea - Git with a cup of tea

Build Status Join the Discord chat at https://discord.gg/NsatcWJ codecov Go Report Card GoDoc GitHub release Help Contribute to Open Source Become a backer/sponsor of gitea

Dashboard Repository Commits History
Branches Issues Pull Request View
Releases Activity Wiki
Diff Organization Profile

Purpose

The goal of this project is to make the easiest, fastest, and most painless way of setting up a self-hosted Git service. Using Go, this can be done with an independent binary distribution across all platforms which Go supports, including Linux, macOS, and Windows on x86, amd64, ARM and PowerPC architectures. Want to try it before doing anything else? Do it with the online demo! This project has been forked from Gogs since 2016.11 but changed a lot.

Building

From the root of the source tree, run:

make generate all

More info: https://docs.gitea.io/en-us/install-from-source/

Using

./gitea web

NOTE: If you're interested in using our APIs, we have experimental support with documentation.

Contributing

Expected workflow is: Fork -> Patch -> Push -> Pull Request

NOTES:

  1. YOU MUST READ THE CONTRIBUTORS GUIDE BEFORE STARTING TO WORK ON A PULL REQUEST.
  2. If you have found a vulnerability in the project, please write privately to security@gitea.io. Thanks!

Further information

For more information and instructions about how to install Gitea, please look at our documentation. If you have questions that are not covered by the documentation, you can get in contact with us on our Discord server, or forum!

Authors

Backers

Thank you to all our backers! 🙏 [Become a backer]

Sponsors

Support this project by becoming a sponsor. Your logo will show up here with a link to your website. [Become a sponsor]

License

This project is licensed under the MIT License. See the LICENSE file for the full license text.