silverwind
cda44750cb
Attachments: Add extension support, allow all types for releases ( #12465 )
...
* Attachments: Add extension support, allow all types for releases
- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
releases to prevent circumvention of allowed types check
Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers
* rename function
* extract GET routes out of RepoMustNotBeArchived
Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago
Lunny Xiao
1645d4a5d8
Use ID or Where to instead directly use Get when load object from database ( #11925 )
...
* Use ID or Where to instead directly use Get when load object from database
* Apply suggestions from code review
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
5 years ago
Lunny Xiao
85202d4784
Display ui time with customize time location ( #7792 )
...
* display ui time with customize time location
* fix lint
* rename UILocation to DefaultUILocation
* move time related functions to modules/timeutil
* fix tests
* fix tests
* fix build
* fix swagger
5 years ago
SagePtr
59f879bfec
Fix double-generation of scratch token ( #6832 ) ( #6833 )
6 years ago
techknowlogick
adf3f004b6
Switch plaintext scratch tokens to use hash instead ( #4331 )
7 years ago
Lauris BH
1e1ece8f3d
Do not allow to reuse TOTP passcode ( #3878 )
7 years ago
Codruț Constantin Gușoi
96c268c0fc
Implements generator cli for secrets ( #3531 )
...
Signed-off-by: Codruț Constantin Gușoi <codrut.gusoi@gmail.com>
7 years ago
Morgan Bazalgette
edce41ae65
go back to using CFB for AES decryption/encryption for 2FA ( #3274 )
7 years ago
Lunny Xiao
f2e20c81b6
Refactor struct's time to remove unnecessary memory usage ( #3142 )
...
* refactor struct's time to remove unnecessary memory usage
* use AsTimePtr simple code
* fix tests
* fix time compare
* fix template on gpg
* use AddDuration instead of Add
7 years ago
Ethan Koenig
b7ebaf6d20
Various wiki bug fixes ( #2996 )
...
* Update macaron
* Various wiki bug fixes
7 years ago
Ethan Koenig
aa962deec0
Replace deprecated Id method with ID ( #2655 )
7 years ago
Lunny Xiao
a8717e5e3a
Use AfterLoad instead of AfterSet on Structs ( #2628 )
...
* use AfterLoad instead of AfterSet on Structs
* fix the comments on AfterLoad
* fix the comments on action AfterLoad
7 years ago
Lunny Xiao
005900baea
Use created & updated instead BeforeInsert & BeforeUpdate ( #2482 )
...
* use created & updated instead BeforeInsert & BeforeUpdate
* fix vendor checksum
* only show generated SQL when development mode
* remove extra update column updated_unix
* remove trace config
7 years ago
Andrew
6dd096b7f0
Two factor authentication support ( #630 )
...
* Initial commit for 2FA support
Signed-off-by: Andrew <write@imaginarycode.com>
* Add vendored files
* Add missing depends
* A few clean ups
* Added improvements, proper encryption
* Better encryption key
* Simplify "key" generation
* Make 2FA enrollment page more robust
* Fix typo
* Rename twofa/2FA to TwoFactor
* UNIQUE INDEX -> UNIQUE
8 years ago