silverwind
|
42d294941c
|
Replace CSRF cookie with CrossOriginProtection (#36183)
Removes the CSRF cookie in favor of
[`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection)
which relies purely on HTTP headers.
Fixes: https://github.com/go-gitea/gitea/issues/11188
Fixes: https://github.com/go-gitea/gitea/issues/30333
Helps: https://github.com/go-gitea/gitea/issues/35107
TODOs:
- [x] Fix tests
- [ ] Ideally add tests to validates the protection
---------
Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
2025-12-25 12:33:34 +02:00 |
|
Lunny Xiao
|
c0f24bd803
|
Move organization's visibility change to danger zone. (#34814)
<img width="1185" alt="image"
src="https://github.com/user-attachments/assets/d48c4db2-df7c-43b3-986c-62e042190a51"
/>
<img width="829" alt="image"
src="https://github.com/user-attachments/assets/772b8a14-6837-41f2-9d78-9f0489ef1c7d"
/>
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
2025-08-20 20:57:42 -07:00 |
|
Lunny Xiao
|
7de114a332
|
Rework delete org and rename org UI (#34762)
# What's the problem of the original implementation
Renaming organization will mix with organization's information change
make the operation difficult to keep consistent.
This PR created a danger zone like what's repository setting. It also
moved organization's `rename` and `delete` operations to this zone. The
original updating repository will not change the name any more.
This is also a step to extract the `updaterepository` function
completely.
Before:
After:
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
2025-06-21 18:21:48 +00:00 |
|