mirror of
1
Fork 0
forgejo/modules
Giteabot 7679f4d51a
Fix open redirect check for more cases () ()
Backport  by @lafriks

If redirect_to parameter has set value starting with `\\example.com`
redirect will be created with header `Location: /\\example.com` that
will redirect to example.com domain.

Co-authored-by: Lauris BH <lauris@nix.lv>
2023-06-08 18:03:42 +02:00
..
actions Use the type RefName for all the needed places and fix pull mirror sync bugs () 2023-05-26 01:04:48 +00:00
activitypub
analyze
assetfs
auth
avatar
base
cache
charset
container
context Fix open redirect check for more cases () () 2023-06-08 18:03:42 +02:00
csv
doctor
emoji
eventsource
generate
git revert the removed method to fix tmpl break on graph page () 2023-05-30 21:36:58 +08:00
gitgraph
graceful Improve queue and logger context () 2023-05-26 07:31:55 +00:00
hcaptcha
highlight
hostmatcher
html
httpcache
httplib
indexer Improve queue and logger context () 2023-05-26 07:31:55 +00:00
issue/template
json
label
lfs
log Improve logger Pause handling () 2023-05-27 22:35:44 +02:00
markup
mcaptcha
metrics Use a separate admin page to show global stats, remove `actions` stat () 2023-06-03 22:03:41 +08:00
migration
mirror Improve queue and logger context () 2023-05-26 07:31:55 +00:00
nosql
notification Rename NotifyPullReviewRequest to NotifyPullRequestReviewRequest () 2023-05-31 15:54:46 +08:00
options
packages
paginator
pprof
private Use the type RefName for all the needed places and fix pull mirror sync bugs () 2023-05-26 01:04:48 +00:00
process Do not output "Trace" level logs from process manager by default () 2023-05-27 10:55:24 +00:00
proxy
proxyprotocol
public
queue Help to recover from corrupted levelqueue () 2023-05-29 10:52:32 +08:00
recaptcha
references
regexplru
repository Remove stars when repo goes private () 2023-06-05 13:25:43 +00:00
secret
session
setting Refactor INI package (first step) () 2023-06-02 17:27:30 +08:00
sitemap
ssh
storage
structs fix swagger documentation for multiple files API endpoint () 2023-06-07 23:49:58 +08:00
svg
sync
system
templates Remove the service worker () 2023-05-31 02:07:04 +00:00
test Fix admin config page error, use tests to cover the admin config and 500 error page () 2023-05-29 15:00:21 +00:00
testlogger
timeutil
translation Refactor INI package (first step) () 2023-06-02 17:27:30 +08:00
turnstile
typesniffer
updatechecker
upload
uri
user
util Add ability to set multiple redirect URIs in OAuth application UI () 2023-06-05 15:00:12 +08:00
validation
web
webhook