gitea/modules/setting
Jack Hay 4e879fed90
Deprecate query string auth tokens (#28390)
## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example: 
  ```
  HTTP/1.1 200 OK
  ...
  Warning: token and access_token API authentication is deprecated
  ...
  ```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`

## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed

## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize URLs that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)

---------

Co-authored-by: delvh <dev.lh@web.de>
1 year ago
..
config Refactor system setting (#27000) 1 year ago
actions.go add skip ci functionality (#28075) 1 year ago
actions_test.go Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581) 2 years ago
admin.go Refactor the setting to make unit test easier (#22405) 2 years ago
api.go Refactor the setting to make unit test easier (#22405) 2 years ago
asset_dynamic.go Use a general approach to access custom/static/builtin assets (#24022) 2 years ago
asset_static.go Use a general approach to access custom/static/builtin assets (#24022) 2 years ago
attachment.go Fix incorrect default value of `[attachment].MAX_SIZE` (#28373) 1 year ago
attachment_test.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
cache.go Refactor the setting to make unit test easier (#22405) 2 years ago
camo.go Refactor the setting to make unit test easier (#22405) 2 years ago
config.go Refactor system setting (#27000) 1 year ago
config_env.go Fix `environment-to-ini` inherited key bug (#27543) 1 year ago
config_env_test.go Fix `environment-to-ini` inherited key bug (#27543) 1 year ago
config_provider.go Remove redundant `len` check around loop (#27464) 1 year ago
config_provider_test.go Fix INI parsing for value with trailing slash (#26995) 1 year ago
cors.go Fix incorrect CORS default values (#24206) 2 years ago
cron.go Replace `interface{}` with `any` (#25686) 2 years ago
cron_test.go Rewrite queue (#24505) 2 years ago
database.go Use `filepath` instead of `path` to create SQLite3 database file (#28374) 1 year ago
database_sqlite.go Implement FSFE REUSE for golang files (#21840) 2 years ago
database_test.go Fix incorrect pgsql conn builder behavior (#28085) 1 year ago
federation.go Refactor the setting to make unit test easier (#22405) 2 years ago
git.go Use `[git.config]` for reflog cleaning up (#24958) 2 years ago
git_test.go Use `[git.config]` for reflog cleaning up (#24958) 2 years ago
highlight.go Refactor the setting to make unit test easier (#22405) 2 years ago
i18n.go Refactor the setting to make unit test easier (#22405) 2 years ago
incoming_email.go Refactor the setting to make unit test easier (#22405) 2 years ago
indexer.go Allow skipping forks and mirrors from being indexed (#23187) 2 years ago
indexer_test.go Implement FSFE REUSE for golang files (#21840) 2 years ago
lfs.go Handle base64 decoding correctly to avoid panic (#26483) 2 years ago
lfs_test.go Display deprecated warning in admin panel pages as well as in the log file (#26094) 2 years ago
log.go Clarify the logger's MODE config option (#26267) 2 years ago
log_test.go Replace `interface{}` with `any` (#25686) 2 years ago
mailer.go Make mailer SMTP check have timed context (#24751) 2 years ago
mailer_test.go Remove unnecessary code (#24610) 2 years ago
markup.go Add .livemd as a markdown extension (#22730) 2 years ago
metrics.go Refactor the setting to make unit test easier (#22405) 2 years ago
migrations.go Refactor the setting to make unit test easier (#22405) 2 years ago
mime_type_map.go Refactor the setting to make unit test easier (#22405) 2 years ago
mirror.go Avoid polluting the config (#25345) 2 years ago
oauth2.go Pre-register OAuth application for tea (#27509) 1 year ago
other.go Refactor `setting.Other` and remove unused `SHOW_FOOTER_BRANDING` (#24270) 2 years ago
packages.go Avoid creating directories when loading config (#25944) 2 years ago
packages_test.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
path.go Update path related documents (#25417) 2 years ago
path_test.go Refactor path & config system (#25330) 2 years ago
picture.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
project.go Refactor the setting to make unit test easier (#22405) 2 years ago
proxy.go Refactor the setting to make unit test easier (#22405) 2 years ago
queue.go Increase queue length (#27555) 1 year ago
repository.go Change default size of attachments and repo files (#28100) 1 year ago
repository_archive.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
repository_archive_test.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
security.go Deprecate query string auth tokens (#28390) 1 year ago
server.go Remove some dead code (#27196) 1 year ago
service.go Add reverseproxy auth for API back with default disabled (#26703) 1 year ago
service_test.go Fix allowed user types setting problem (#26200) 2 years ago
session.go Use secure cookie for HTTPS sites (#26999) 1 year ago
setting.go Make "install page" respect environment config (#25648) 2 years ago
setting_test.go Implement FSFE REUSE for golang files (#21840) 2 years ago
ssh.go Expanded minimum RSA Keylength to 3072 (#26604) 1 year ago
storage.go Support storage base path as prefix (#27827) 1 year ago
storage_test.go Support storage base path as prefix (#27827) 1 year ago
task.go handle deprecated settings (#22992) 2 years ago
time.go Remove unused setting `time.FORMAT` (#24430) 2 years ago
ui.go Allow to set explore page default sort (#27951) 1 year ago
webhook.go Refactor the setting to make unit test easier (#22405) 2 years ago