Zeger-Jan van de Weg
9a2869ab46
Branded login page also in CE
...
The only major difference with the EE version is the change from a light and dark logo to only a header logo
The dark logo wasn't used anyway, so it seemed to make sense to me to rename the field to the actual function of it
2016-02-26 15:50:51 +01:00
Valery Sizov
8346dde052
Only render 404 page from /public
2015-10-13 20:12:34 +03:00
Douwe Maan
783b286ac0
Don't symbolize params.
2015-05-11 11:55:02 +02:00
Jeroen van Baarsen
5a4ebfb47a
Fixed the Rails/ActionFilter cop
...
Signed-off-by: Jeroen van Baarsen <jeroenvanbaarsen@gmail.com>
2015-04-20 15:39:37 +02:00
Douwe Maan
f5e42f602f
Reject access to group/project avatar if the user doesn't have access.
2015-03-10 17:13:02 +01:00
Dmitriy Zaporozhets
16e899ca8b
Add brakeman rake task and improve code security
2015-03-02 18:11:50 -08:00
Douwe Maan
0283fff591
Merge branch 'master' into extend_markdown_upload
...
# Conflicts:
# app/views/projects/issues/_form.html.haml
# app/views/projects/merge_requests/_form.html.haml
# app/views/projects/merge_requests/_new_submit.html.haml
# app/views/projects/milestones/_form.html.haml
# app/views/projects/notes/_form.html.haml
# app/views/projects/wikis/_form.html.haml
# config/routes.rb
# spec/controllers/projects_controller_spec.rb
2015-02-24 14:54:39 +01:00
Dmitriy Zaporozhets
897a2de54c
Allow non authenticated access to avatars
2015-02-23 19:35:42 -08:00
Douwe Maan
218283b368
Merge branch 'extend_markdown_upload' into generic-uploads
...
# Conflicts:
# app/controllers/files_controller.rb
# app/controllers/projects/uploads_controller.rb
# app/uploaders/attachment_uploader.rb
2015-02-20 15:37:37 +01:00
Douwe Maan
00ca490259
Use controllers to serve uploads, with XSS prevention and access control.
2015-02-20 13:13:48 +01:00
