gitea

Lerking/gitea

Fork 0

mirror of https://github.com/go-gitea/gitea.git synced 2026-01-04 11:21:56 +01:00

Commit Graph

Author SHA1 Message Date

Author	SHA1	Message	Date
silverwind	42d294941c	Replace CSRF cookie with `CrossOriginProtection` (#36183 ) Some checks failed release-nightly / nightly-binary (push) Has been cancelled Details release-nightly / nightly-container (push) Has been cancelled Details Removes the CSRF cookie in favor of [`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection) which relies purely on HTTP headers. Fixes: https://github.com/go-gitea/gitea/issues/11188 Fixes: https://github.com/go-gitea/gitea/issues/30333 Helps: https://github.com/go-gitea/gitea/issues/35107 TODOs: - [x] Fix tests - [ ] Ideally add tests to validates the protection --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-12-25 12:33:34 +02:00
TheFox0x7	cc1fdc84ca	Use test context in tests and new loop system in benchmarks (#33648 ) Replace all contexts in tests with go1.24 t.Context() --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-02-20 09:57:40 +00:00
Jason Song	e9b98aef44	Enhance routers for the Actions runner operations (#33549 ) Some checks are pending release-nightly / nightly-binary (push) Waiting to run Details release-nightly / nightly-docker-rootful (push) Waiting to run Details release-nightly / nightly-docker-rootless (push) Waiting to run Details - Find the runner before deleting - Move the main logic from `routers/web/repo/setting/runners.go` to `routers/web/shared/actions/runners.go`. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2025-02-11 01:39:10 +00:00

silverwind

42d294941c

Replace CSRF cookie with CrossOriginProtection (#36183 )

release-nightly / nightly-binary (push) Has been cancelled

Details

release-nightly / nightly-container (push) Has been cancelled

Details

Removes the CSRF cookie in favor of
[`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection)
which relies purely on HTTP headers.

Fixes: https://github.com/go-gitea/gitea/issues/11188
Fixes: https://github.com/go-gitea/gitea/issues/30333
Helps: https://github.com/go-gitea/gitea/issues/35107

TODOs:

- [x] Fix tests
- [ ] Ideally add tests to validates the protection

---------

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

2025-12-25 12:33:34 +02:00

TheFox0x7

cc1fdc84ca

Use test context in tests and new loop system in benchmarks (#33648 )

Replace all contexts in tests with go1.24 t.Context()

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

2025-02-20 09:57:40 +00:00

Jason Song

e9b98aef44

Enhance routers for the Actions runner operations (#33549 )

release-nightly / nightly-binary (push) Waiting to run

Details

release-nightly / nightly-docker-rootful (push) Waiting to run

Details

release-nightly / nightly-docker-rootless (push) Waiting to run

Details

- Find the runner before deleting
- Move the main logic from `routers/web/repo/setting/runners.go` to
`routers/web/shared/actions/runners.go`.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

2025-02-11 01:39:10 +00:00

3 Commits