Files
@ 1346754f1852
Branch filter:
Location: kallithea/setup.cfg - annotation
1346754f1852
1.1 KiB
text/x-ini
forms: don't use secure forms with authentication token for GET requests
The token is secret and should never be used in forms posted with GET which are
URL encoded. aef21d16a262 was too aggresive in using secure forms everywhere
and did thus also incorrectly use them for forms posted with GET.
Some token leakage was reported by Gjoko Krstic <gjoko@zeroscience.mk> of Zero
Science Lab.
The token is secret and should never be used in forms posted with GET which are
URL encoded. aef21d16a262 was too aggresive in using secure forms everywhere
and did thus also incorrectly use them for forms posted with GET.
Some token leakage was reported by Gjoko Krstic <gjoko@zeroscience.mk> of Zero
Science Lab.
564e40829f80 1949ece749ce acaa02179aeb acaa02179aeb 564e40829f80 564e40829f80 acaa02179aeb acaa02179aeb 19267f233d39 acaa02179aeb acaa02179aeb 564e40829f80 8c1258f69892 7187c1707eda 7187c1707eda 08ad393e6866 08ad393e6866 08ad393e6866 08ad393e6866 08ad393e6866 08ad393e6866 8c1258f69892 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 564e40829f80 564e40829f80 564e40829f80 7e5f8c12a3fc 10df28cbcce7 ad38f9f93b3b 3483de9d11e5 564e40829f80 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 564e40829f80 7e5f8c12a3fc 7e5f8c12a3fc 7e5f8c12a3fc 564e40829f80 0a48c1ec04fc 0a48c1ec04fc 0a48c1ec04fc acaa02179aeb acaa02179aeb 0a48c1ec04fc 0a48c1ec04fc 3483de9d11e5 | [egg_info]
tag_build =
tag_svn_revision = 0
tag_date = 0
[nosetests]
verbose = True
verbosity = 2
with-pylons = kallithea/tests/test.ini
detailed-errors = 1
nologcapture = 1
[pytest]
# only look for tests in kallithea/tests
python_files = kallithea/tests/**/test_*.py
addopts =
# --verbose
# show extra test summary info as specified by chars (f)ailed, (E)error, (s)skipped, (x)failed, (X)passed, (w)warnings.
-rfEsxXw
# Shorter scrollbacks; less stuff to scroll through
--tb=short
[compile_catalog]
domain = kallithea
directory = kallithea/i18n
statistics = true
[extract_messages]
add_comments = TRANSLATORS:
output_file = kallithea/i18n/kallithea.pot
msgid-bugs-address = translations@kallithea-scm.org
copyright-holder = Various authors, licensing as GPLv3
no-wrap = true
[init_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n
[update_catalog]
domain = kallithea
input_file = kallithea/i18n/kallithea.pot
output_dir = kallithea/i18n
previous = true
[build_sphinx]
source-dir = docs/
build-dir = docs/_build
all_files = 1
[upload_sphinx]
upload-dir = docs/_build/html
|