42d294941c
Removes the CSRF cookie in favor of [`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection) which relies purely on HTTP headers. Fixes: https://github.com/go-gitea/gitea/issues/11188 Fixes: https://github.com/go-gitea/gitea/issues/30333 Helps: https://github.com/go-gitea/gitea/issues/35107 TODOs: - [x] Fix tests - [ ] Ideally add tests to validates the protection --------- Signed-off-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
163 lines
6.7 KiB
Handlebars
163 lines
6.7 KiB
Handlebars
{{template "base/head" .}}
|
|
<div role="main" aria-label="{{.Title}}" class="page-content repository new release">
|
|
{{template "repo/header" .}}
|
|
<div class="ui container">
|
|
<h2 class="ui dividing header">
|
|
{{if .PageIsEditRelease}}
|
|
{{ctx.Locale.Tr "repo.release.edit_release"}}
|
|
<div class="sub header">{{ctx.Locale.Tr "repo.release.edit_subheader"}}</div>
|
|
{{else}}
|
|
{{ctx.Locale.Tr "repo.release.new_release"}}
|
|
<div class="sub header">{{ctx.Locale.Tr "repo.release.new_subheader"}}</div>
|
|
{{end}}
|
|
</h2>
|
|
{{template "base/alert" .}}
|
|
|
|
<form class="ui form" action="{{.Link}}" method="post" data-global-init="initReleaseEditForm"
|
|
data-existing-tags="{{JsonUtils.EncodeToString .Tags}}"
|
|
data-tag-helper="{{ctx.Locale.Tr "repo.release.tag_helper"}}"
|
|
data-tag-helper-new="{{ctx.Locale.Tr "repo.release.tag_helper_new"}}"
|
|
data-tag-helper-existing="{{ctx.Locale.Tr "repo.release.tag_helper_existing"}}"
|
|
>
|
|
<div class="inline field {{if .Err_TagName}}error{{end}}">
|
|
<label class="tw-block tw-mb-1"><b>{{ctx.Locale.Tr "repo.git_tag"}}</b></label>
|
|
{{if .PageIsEditRelease}}
|
|
<input type="hidden" name="tag_name" value="{{.tag_name}}">
|
|
<input type="hidden" name="tag_target" value="{{.tag_target}}">
|
|
<span>{{.tag_name}} @ {{.tag_target}}</span>
|
|
{{else}}
|
|
<div class="flex-text-block tw-flex-wrap">
|
|
<input type="text" class="tw-w-auto" name="tag_name" value="{{.tag_name}}" aria-label="{{ctx.Locale.Tr "repo.release.tag_name"}}" placeholder="{{ctx.Locale.Tr "repo.release.tag_name"}}" autofocus required maxlength="255">
|
|
<div class="tag-target-selector tw-contents">
|
|
<span>@</span>
|
|
<div class="ui selection dropdown">
|
|
<input type="hidden" name="tag_target" value="{{.tag_target}}">
|
|
{{svg "octicon-git-branch"}}
|
|
<div class="text">
|
|
{{ctx.Locale.Tr "repo.release.target"}} :
|
|
<strong id="repo-branch-current">{{.Repository.DefaultBranch}}</strong>
|
|
</div>
|
|
{{svg "octicon-triangle-down" 14 "dropdown icon"}}
|
|
<div class="menu">
|
|
{{range .Branches}}
|
|
<div class="item" data-value="{{.}}">{{.}}</div>
|
|
{{end}}
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
<div>
|
|
<span class="help tag-name-helper tw-pb-0">{{ctx.Locale.Tr "repo.release.tag_helper"}}</span>
|
|
</div>
|
|
{{end}}
|
|
</div>
|
|
|
|
<div class="field {{if .Err_Title}}error{{end}}">
|
|
<label><b>{{ctx.Locale.Tr "repo.release.title"}}</b></label>
|
|
<input name="title" aria-label="{{ctx.Locale.Tr "repo.release.title"}}" placeholder="{{ctx.Locale.Tr "repo.release.title"}}" value="{{.title}}" autofocus maxlength="255">
|
|
</div>
|
|
|
|
<div class="field">
|
|
<label><b>{{ctx.Locale.Tr "repo.release.notes"}}</b></label>
|
|
<button type="button" class="ui small compact button generate-release-notes"
|
|
data-generate-url="{{.RepoLink}}/releases/generate-notes"
|
|
data-tooltip-content="{{ctx.Locale.Tr "repo.release.generate_notes_desc"}}"
|
|
data-text-missing-tag="{{ctx.Locale.Tr "repo.release.generate_notes_missing_tag"}}"
|
|
>
|
|
{{ctx.Locale.Tr "repo.release.generate_notes"}}
|
|
</button>
|
|
</div>
|
|
<div class="field">
|
|
{{template "shared/combomarkdowneditor" (dict
|
|
"MarkdownPreviewInRepo" $.Repository
|
|
"MarkdownPreviewMode" "comment"
|
|
"TextareaName" "content"
|
|
"TextareaContent" .content
|
|
"TextareaPlaceholder" (ctx.Locale.Tr "repo.release.message")
|
|
"DropzoneParentContainer" "form"
|
|
)}}
|
|
</div>
|
|
|
|
{{range .attachments}}
|
|
<div class="field flex-text-block" id="attachment-{{.ID}}">
|
|
<div class="flex-text-block tw-flex-1">
|
|
<input name="attachment-edit-{{.UUID}}" class="tw-max-w-[48em]" required value="{{.Name}}">
|
|
<input name="attachment-del-{{.UUID}}" type="hidden" value="false">
|
|
<span class="text grey tw-flex-shrink-0">{{.Size | FileSize}}</span>
|
|
<span data-tooltip-content="{{ctx.Locale.Tr "repo.release.download_count" (ctx.Locale.PrettyNumber .DownloadCount)}}">
|
|
{{svg "octicon-info"}}
|
|
</span>
|
|
</div>
|
|
<a class="ui mini compact red button" data-global-click="onReleaseEditAttachmentDelete" data-id="{{.ID}}" data-uuid="{{.UUID}}">
|
|
{{ctx.Locale.Tr "remove"}}
|
|
</a>
|
|
</div>
|
|
{{end}}
|
|
{{if .IsAttachmentEnabled}}
|
|
<div class="field">
|
|
{{template "repo/upload" .}}
|
|
</div>
|
|
{{end}}
|
|
|
|
{{if not .PageIsEditRelease}}
|
|
<div class="field">
|
|
<div class="ui checkbox">
|
|
<input type="checkbox" name="add_tag_msg">
|
|
<label><strong>{{ctx.Locale.Tr "repo.release.add_tag_msg"}}</strong></label>
|
|
</div>
|
|
</div>
|
|
{{else}}
|
|
<input type="hidden" name="add_tag_msg" value="false">
|
|
{{end}}
|
|
|
|
<div class="field">
|
|
<div class="ui checkbox">
|
|
<input type="checkbox" name="prerelease" {{if .prerelease}}checked{{end}}>
|
|
<label><strong>{{ctx.Locale.Tr "repo.release.prerelease_desc"}}</strong></label>
|
|
</div>
|
|
<div class="help tw-block tw-ml-[21px]">{{ctx.Locale.Tr "repo.release.prerelease_helper"}}</div>
|
|
</div>
|
|
|
|
<div class="flex-text-block tw-justify-end">
|
|
{{if .PageIsEditRelease}}
|
|
<a class="ui small button" href="{{.RepoLink}}/releases">
|
|
{{ctx.Locale.Tr "repo.release.cancel"}}
|
|
</a>
|
|
<a class="ui small red button link-action"
|
|
data-modal-confirm-header="{{ctx.Locale.Tr "repo.release.deletion"}}" data-modal-confirm-content="{{ctx.Locale.Tr "repo.release.deletion_desc"}}"
|
|
data-url="{{$.RepoLink}}/releases/delete?id={{.ID}}">
|
|
{{ctx.Locale.Tr "repo.release.delete_release"}}
|
|
</a>
|
|
{{if .IsDraft}}
|
|
<button class="ui small button" type="submit" name="draft" value="1">{{ctx.Locale.Tr "repo.release.save_draft"}}</button>
|
|
<button class="ui small primary button">{{ctx.Locale.Tr "repo.release.publish"}}</button>
|
|
{{else}}
|
|
<button class="ui small primary button">{{ctx.Locale.Tr "repo.release.edit_release"}}</button>
|
|
{{end}}
|
|
{{else}}
|
|
{{if .ShowCreateTagOnlyButton}}
|
|
<button class="ui small button" name="tag_only" value="1">{{ctx.Locale.Tr "repo.release.add_tag"}}</button>
|
|
{{end}}
|
|
<button class="ui small button" name="draft" value="1">{{ctx.Locale.Tr "repo.release.save_draft"}}</button>
|
|
<button class="ui small primary button">{{ctx.Locale.Tr "repo.release.publish"}}</button>
|
|
{{end}}
|
|
</div>
|
|
</form>
|
|
</div>
|
|
</div>
|
|
|
|
<div id="generate-release-notes-modal" class="ui mini modal">
|
|
<div class="content ui form">
|
|
<p>{{ctx.Locale.Tr "repo.release.generate_notes_desc"}}</p>
|
|
<div class="field">
|
|
<label>{{ctx.Locale.Tr "repo.release.previous_tag"}}</label>
|
|
<select name="previous_tag" class="ui selection dropdown"></select>
|
|
</div>
|
|
<div class="actions">
|
|
<button class="ui primary ok button">{{ctx.Locale.Tr "repo.release.generate_notes"}}</button>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
{{template "base/footer" .}}
|