22 Commits

Author	SHA1	Message	Date
silverwind	42d294941c	Replace CSRF cookie with CrossOriginProtection (#36183) ... Removes the CSRF cookie in favor of [`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection) which relies purely on HTTP headers. Fixes: https://github.com/go-gitea/gitea/issues/11188 Fixes: https://github.com/go-gitea/gitea/issues/30333 Helps: https://github.com/go-gitea/gitea/issues/35107 TODOs: - [x] Fix tests - [ ] Ideally add tests to validates the protection --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-12-25 12:33:34 +02:00
a1012112796	a4e23b81d3	fix attachment file size limit in server backend (#35519) ... fix #35512 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-10-21 15:07:11 +00:00
silverwind	1f35435b81	Run gopls modernize on codebase (#34751) ... Recent modernize fixes: https://github.com/golang/tools/commits/master/gopls/internal/analysis/modernize	2025-06-18 01:48:09 +00:00
NorthRealm	1e2f3514b9	Add endpoint deleting workflow run (#34337) ... Add endpoint deleting workflow run Resolves #26219 /claim #26219 --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-05-13 19:18:13 +00:00
wxiaoguang	8aee07a064	Improve "not found" error messages for API (#34267) ... Make the message clear, for example: #34266	2025-04-23 17:42:50 +08:00
Denys Konovalov	9a071a596f	Add API endpoint to request contents of multiple files simultaniously (#34139) ... Adds an API POST endpoint under `/repos/{owner}/{repo}/file-contents` which receives a list of paths and returns a list of the contents of these files. This API endpoint will be helpful for applications like headless CMS (reference: https://github.com/sveltia/sveltia-cms/issues/198) which need to retrieve a large number of files by reducing the amount of needed API calls. Close #33495 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-04-22 01:20:11 +08:00
TheFox0x7	ee3c82f874	Enable addtional linters (#34085) ... enable mirror, usestdlibbars and perfsprint part of: https://github.com/go-gitea/gitea/issues/34083 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-04-01 10:14:01 +00:00
Lunny Xiao	0056fdb942	Move git references checking to gitrepo packages to reduce expose of repository path (#33891)	2025-03-15 19:48:59 -07:00
wxiaoguang	3996518ed4	Refactor cache-control (#33861) ... And fix #21391	2025-03-13 07:04:50 +08:00
wxiaoguang	56a0a9c750	Fix git empty check and HEAD request (#33690)	2025-02-24 02:11:29 +00:00
wxiaoguang	15e020eec8	Refactor error system (#33626)	2025-02-17 12:41:03 -08:00
wxiaoguang	f35850f48e	Refactor error system (#33610)	2025-02-16 22:13:17 -08:00
wxiaoguang	30993e9508	Feature: Support workflow event dispatch via API (#33545) ... Fix: https://github.com/go-gitea/gitea/issues/31765 (Re-open #32059) --------- Co-authored-by: Bence Santha <git@santha.eu> Co-authored-by: Bence Sántha <7604637+bencurio@users.noreply.github.com> Co-authored-by: Christopher Homberger <christopher.homberger@web.de>	2025-02-11 03:05:42 +08:00
wxiaoguang	f24d73ab5f	Fix "redirect link" handling (#33440) ... `a%2fb` should not redirect to `a/b` --------- Co-authored-by: delvh <dev.lh@web.de>	2025-01-31 04:12:14 +08:00
wxiaoguang	65aae0912a	Fix raw file API ref handling (#33172) ... Fix #33164 and add more tests	2025-01-10 01:31:49 +00:00
Chai-Shi	0387195abb	[Feature] Private README.md for organization (#32872) ... Implemented #29503 --------- Co-authored-by: Ben Chang <ben_chang@htc.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2024-12-31 04:22:09 +00:00
wxiaoguang	6d5aa9218e	Refactor request context (#32956) ... Introduce RequestContext: is a short-lived context that is used to store request-specific data. RequestContext could be used to clean form tmp files, close context git repo, and do some tracing in the future. Then a lot of legacy code could be removed or improved. For example: most `ctx.Repo.GitRepo.Close()` could be removed because the git repo could be closed when the request is done.	2024-12-24 11:43:57 +08:00
wxiaoguang	61c35590c7	Refactor RepoRefByType (#32413) ... 1. clarify the "filepath" could(should) contain "{ref}" 2. remove unclear RepoRefLegacy and RepoRefAny, use RepoRefUnknown to guess 3. by the way, avoid using AppURL	2024-11-05 06:35:54 +00:00
Lunny Xiao	d6d3c96e65	Fix bug when a token is given public only (#32204)	2024-10-08 12:51:09 +03:00
wxiaoguang	43c7a2e7b1	Refactor names (#31405) ... This PR only does "renaming": * `Route` should be `Router` (and chi router is also called "router") * `Params` should be `PathParam` (to distingush it from URL query param, and to match `FormString`) * Use lower case for private functions to avoid exposing or abusing	2024-06-19 06:32:45 +08:00
wxiaoguang	c248f010ad	Refactor cache and disable go-chi cache (#30417) ... use built-in cache package to wrap external go-chi cache package	2024-04-13 08:38:44 +00:00
Lunny Xiao	29f149bd9f	Move context from modules to services (#29440) ... Since `modules/context` has to depend on `models` and many other packages, it should be moved from `modules/context` to `services/context` according to design principles. There is no logic code change on this PR, only move packages. - Move `code.gitea.io/gitea/modules/context` to `code.gitea.io/gitea/services/context` - Move `code.gitea.io/gitea/modules/contexttest` to `code.gitea.io/gitea/services/contexttest` because of depending on context - Move `code.gitea.io/gitea/modules/upload` to `code.gitea.io/gitea/services/context/upload` because of depending on context	2024-02-27 08:12:22 +01:00