gitea

mirrors/gitea

Fork 0

mirror of https://github.com/go-gitea/gitea.git synced 2025-12-25 15:49:03 +00:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
silverwind	42d294941c	Replace CSRF cookie with `CrossOriginProtection` (#36183 ) Removes the CSRF cookie in favor of [`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection) which relies purely on HTTP headers. Fixes: https://github.com/go-gitea/gitea/issues/11188 Fixes: https://github.com/go-gitea/gitea/issues/30333 Helps: https://github.com/go-gitea/gitea/issues/35107 TODOs: - [x] Fix tests - [ ] Ideally add tests to validates the protection --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-12-25 12:33:34 +02:00
Lunny Xiao	17c8aa6587	Add rebase push display wrong comments bug (#35560 ) Fix #35518 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-10-03 15:16:17 -07:00

silverwind

42d294941c

Replace CSRF cookie with CrossOriginProtection (#36183 )

Removes the CSRF cookie in favor of
[`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection)
which relies purely on HTTP headers.

Fixes: https://github.com/go-gitea/gitea/issues/11188
Fixes: https://github.com/go-gitea/gitea/issues/30333
Helps: https://github.com/go-gitea/gitea/issues/35107

TODOs:

- [x] Fix tests
- [ ] Ideally add tests to validates the protection

---------

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

2025-12-25 12:33:34 +02:00

Lunny Xiao

17c8aa6587

Add rebase push display wrong comments bug (#35560 )

Fix #35518

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

2025-10-03 15:16:17 -07:00

2 Commits