finn/forgejo
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Refactor CSRF protector (#32057)

Browse source 
Remove unused CSRF options, decouple "new csrf protector" and "prepare"
logic, do not redirect to home page if CSRF validation falis (it
shouldn't happen in daily usage, if it happens, redirecting to home
doesn't help either but just makes the problem more complex for "fetch")

(cherry picked from commit 1fede04b83288d8a91304a83b7601699bb5cba04)

Conflicts:
	options/locale/locale_en-US.ini
	tests/integration/repo_branch_test.go
  trivial context conflicts
This commit is contained in:
wxiaoguang 2024-09-18 15:17:25 +08:00 committed by Earl Warren
parent 1bdf334844
commit 1ae3b127fc
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
7 changed files with 71 additions and 171 deletions
Download patch file Download diff file Expand all files Collapse all files

1
options/locale/locale_en-US.ini
View file

@ -231,7 +231,6 @@ string.desc = Z - A
[error]
occurred = An error occurred
report_message = If you believe that this is a Forgejo bug, please search for issues on <a href="%s" target="_blank">Codeberg</a> or open a new issue if necessary.
invalid_csrf = Bad Request: invalid CSRF token
not_found = The target couldn't be found.
network_error = Network error
server_internal = Internal server error