gitcaddy/gitea
2
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases 3 Wiki Activity
main
gitea/templates/org/team
History
silverwind 42d294941c
Replace CSRF cookie with CrossOriginProtection (#36183) 
Removes the CSRF cookie in favor of
[`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection)
which relies purely on HTTP headers.

Fixes: https://github.com/go-gitea/gitea/issues/11188
Fixes: https://github.com/go-gitea/gitea/issues/30333
Helps: https://github.com/go-gitea/gitea/issues/35107

TODOs:

- [x] Fix tests
- [ ] Ideally add tests to validates the protection

---------

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-12-25 12:33:34 +02:00
..
invite.tmpl Replace CSRF cookie with CrossOriginProtection (#36183) 2025-12-25 12:33:34 +02:00
members.tmpl Replace CSRF cookie with CrossOriginProtection (#36183) 2025-12-25 12:33:34 +02:00
navbar.tmpl Fix all rounded borders, change affected tab menus to pills (#30707) 2024-04-29 20:53:15 +00:00
new.tmpl Replace CSRF cookie with CrossOriginProtection (#36183) 2025-12-25 12:33:34 +02:00
repositories.tmpl Replace CSRF cookie with CrossOriginProtection (#36183) 2025-12-25 12:33:34 +02:00
sidebar.tmpl Replace CSRF cookie with CrossOriginProtection (#36183) 2025-12-25 12:33:34 +02:00
teams.tmpl Replace CSRF cookie with CrossOriginProtection (#36183) 2025-12-25 12:33:34 +02:00