gitlab-org--gitlab-foss/lib/api
Jörg Thalheim 9f089ac48c use constant-time string compare for internal api authentication
Ruby str_equal uses memcmp internally to compare String.
Memcmp is vunerable to timing attacks because it returns early
on mismatch (on most x32 platforms memcmp uses a bytewise comparision).
Devise.secure_compare implements a constant time comparision instead.
2015-03-06 20:06:26 +01:00
..
api.rb Rubocop enabled for: Use spaces inside hash literal braces 2015-02-02 20:36:54 -08:00
api_guard.rb Rubocop: Style/CaseIndentation enabled 2015-02-02 21:26:40 -08:00
branches.rb Update branch api not found messages to 'Branch not found'. 2014-12-30 13:37:14 +01:00
commits.rb Add a message when unable to save an object through api. 2015-01-07 10:46:00 +01:00
deploy_keys.rb Fix failing tests due to updates on the return messages. 2015-01-07 11:39:20 +01:00
entities.rb Enable ParenthesesAsGroupedExpression rule 2015-03-02 18:45:28 -08:00
files.rb Improve error messages when file editing fails 2015-02-22 16:01:49 -07:00
group_members.rb Edit group members via API 2015-02-11 18:53:07 -07:00
groups.rb Remove Group#owner_id from API since it is not used any more 2015-02-17 16:23:44 -08:00
helpers.rb use constant-time string compare for internal api authentication 2015-03-06 20:06:26 +01:00
internal.rb Don't leak information about private project existence via Git-over-SSH/HTTP. 2015-03-02 17:52:48 +01:00
issues.rb Refactor and improve sorting objects in API for projects, issues and merge requests 2015-02-05 22:00:54 -08:00
labels.rb Fix failing tests due to updates on the return messages. 2015-01-07 11:39:20 +01:00
merge_requests.rb Refactor and improve sorting objects in API for projects, issues and merge requests 2015-02-05 22:00:54 -08:00
milestones.rb Fix the test and add documentation for the "per-milestone issues API call" 2015-01-22 12:14:53 +01:00
namespaces.rb Avoid using {...} for multi-line blocks 2015-02-02 21:22:57 -08:00
notes.rb Add a message when unable to save an object through api. 2015-01-07 10:46:00 +01:00
project_hooks.rb Forward the messages in api response. 2014-12-30 15:17:46 +01:00
project_members.rb Edit group members via API 2015-02-11 18:53:07 -07:00
project_snippets.rb Improve error reporting on users API 2014-09-16 01:25:24 +02:00
projects.rb Refactor and improve sorting objects in API for projects, issues and merge requests 2015-02-05 22:00:54 -08:00
repositories.rb Handle errors on API when a project does not have a repository (Closes #6289) 2015-01-19 14:13:30 +01:00
services.rb Add Hipchat services API 2014-10-14 19:07:34 +02:00
session.rb Add LDAP support to /api/session 2013-07-16 11:28:19 +03:00
system_hooks.rb Avoid using {...} for multi-line blocks 2015-02-02 21:22:57 -08:00
users.rb Merge branch 'master' into mmonaco/gitlab-ce-api-user-noconfirm 2015-02-27 13:01:57 -08:00