gitea/modules/setting
KN4CK3R c6c829fe3f
Enhanced auth token / remember me (#27606)
Closes #27455

> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
> 
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.

The PR removes the now obsolete setting `COOKIE_USERNAME`.
1 year ago
config Refactor system setting (#27000) 1 year ago
actions.go Make Actions tasks/jobs timeouts configurable by the user (#27400) 1 year ago
actions_test.go Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581) 2 years ago
admin.go Refactor the setting to make unit test easier (#22405) 2 years ago
api.go Refactor the setting to make unit test easier (#22405) 2 years ago
asset_dynamic.go Use a general approach to access custom/static/builtin assets (#24022) 2 years ago
asset_static.go Use a general approach to access custom/static/builtin assets (#24022) 2 years ago
attachment.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
attachment_test.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
cache.go Refactor the setting to make unit test easier (#22405) 2 years ago
camo.go Refactor the setting to make unit test easier (#22405) 2 years ago
config.go Refactor system setting (#27000) 1 year ago
config_env.go Fix `environment-to-ini` inherited key bug (#27543) 1 year ago
config_env_test.go Fix `environment-to-ini` inherited key bug (#27543) 1 year ago
config_provider.go Remove redundant `len` check around loop (#27464) 1 year ago
config_provider_test.go Fix INI parsing for value with trailing slash (#26995) 1 year ago
cors.go Fix incorrect CORS default values (#24206) 2 years ago
cron.go Replace `interface{}` with `any` (#25686) 2 years ago
cron_test.go Rewrite queue (#24505) 2 years ago
database.go Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413) 2 years ago
database_sqlite.go Implement FSFE REUSE for golang files (#21840) 2 years ago
database_test.go Implement FSFE REUSE for golang files (#21840) 2 years ago
federation.go Refactor the setting to make unit test easier (#22405) 2 years ago
git.go Use `[git.config]` for reflog cleaning up (#24958) 2 years ago
git_test.go Use `[git.config]` for reflog cleaning up (#24958) 2 years ago
highlight.go Refactor the setting to make unit test easier (#22405) 2 years ago
i18n.go Refactor the setting to make unit test easier (#22405) 2 years ago
incoming_email.go Refactor the setting to make unit test easier (#22405) 2 years ago
indexer.go Allow skipping forks and mirrors from being indexed (#23187) 2 years ago
indexer_test.go Implement FSFE REUSE for golang files (#21840) 2 years ago
lfs.go Handle base64 decoding correctly to avoid panic (#26483) 1 year ago
lfs_test.go Display deprecated warning in admin panel pages as well as in the log file (#26094) 2 years ago
log.go Clarify the logger's MODE config option (#26267) 2 years ago
log_test.go Replace `interface{}` with `any` (#25686) 2 years ago
mailer.go Make mailer SMTP check have timed context (#24751) 2 years ago
mailer_test.go Remove unnecessary code (#24610) 2 years ago
markup.go Add .livemd as a markdown extension (#22730) 2 years ago
metrics.go Refactor the setting to make unit test easier (#22405) 2 years ago
migrations.go Refactor the setting to make unit test easier (#22405) 2 years ago
mime_type_map.go Refactor the setting to make unit test easier (#22405) 2 years ago
mirror.go Avoid polluting the config (#25345) 2 years ago
oauth2.go Pre-register OAuth application for tea (#27509) 1 year ago
other.go Refactor `setting.Other` and remove unused `SHOW_FOOTER_BRANDING` (#24270) 2 years ago
packages.go Avoid creating directories when loading config (#25944) 2 years ago
packages_test.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
path.go Update path related documents (#25417) 2 years ago
path_test.go Refactor path & config system (#25330) 2 years ago
picture.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
project.go Refactor the setting to make unit test easier (#22405) 2 years ago
proxy.go Refactor the setting to make unit test easier (#22405) 2 years ago
queue.go Increase queue length (#27555) 1 year ago
repository.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
repository_archive.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
repository_archive_test.go Fix all possible setting error related storages and added some tests (#23911) 2 years ago
security.go Enhanced auth token / remember me (#27606) 1 year ago
server.go Remove some dead code (#27196) 1 year ago
service.go Add reverseproxy auth for API back with default disabled (#26703) 1 year ago
service_test.go Fix allowed user types setting problem (#26200) 2 years ago
session.go Use secure cookie for HTTPS sites (#26999) 1 year ago
setting.go Make "install page" respect environment config (#25648) 2 years ago
setting_test.go Implement FSFE REUSE for golang files (#21840) 2 years ago
ssh.go Expanded minimum RSA Keylength to 3072 (#26604) 1 year ago
storage.go Fix storage path logic especially for relative paths (#26441) 1 year ago
storage_test.go Fix storage path logic especially for relative paths (#26441) 1 year ago
task.go handle deprecated settings (#22992) 2 years ago
time.go Remove unused setting `time.FORMAT` (#24430) 2 years ago
ui.go Rename the default themes to gitea-light, gitea-dark, gitea-auto (#27419) 1 year ago
webhook.go Refactor the setting to make unit test easier (#22405) 2 years ago