1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-12-04 14:46:57 -05:00
gitea/routers/api/v1
Kemal Zebari 7adc4717ec
Include file extension checks in attachment API (#32151)
From testing, I found that issue posters and users with repository write
access are able to edit attachment names in a way that circumvents the
instance-level file extension restrictions using the edit attachment
APIs. This snapshot adds checks for these endpoints.
2024-11-06 21:34:32 +00:00
..
activitypub Remove SHA1 for support for ssh rsa signing (#31857) 2024-09-07 18:05:18 -04:00
admin Move admin routers from /admin to /-/admin (#32189) 2024-10-10 04:56:49 +00:00
misc Refactor names (#31405) 2024-06-19 06:32:45 +08:00
notify Refactor names (#31405) 2024-06-19 06:32:45 +08:00
org Fix bug when a token is given public only (#32204) 2024-10-08 12:51:09 +03:00
packages remove util.OptionalBool and related functions (#29513) 2024-03-02 16:42:31 +01:00
repo Include file extension checks in attachment API (#32151) 2024-11-06 21:34:32 +00:00
settings Move context from modules to services (#29440) 2024-02-27 08:12:22 +01:00
shared Refactor names (#31405) 2024-06-19 06:32:45 +08:00
swagger Support repo license (#24872) 2024-10-01 15:25:08 -04:00
user refactor: remove redundant err declarations (#32381) 2024-10-30 19:36:24 +00:00
utils Move admin routers from /admin to /-/admin (#32189) 2024-10-10 04:56:49 +00:00
api.go Add DISABLE_ORGANIZATIONS_PAGE and DISABLE_CODE_PAGE settings for explore pages and fix an issue related to user search (#32288) 2024-10-22 13:09:19 +08:00