Files @ 1346754f1852
Branch filter:

Location: kallithea/docs/changelog.rst

1346754f1852 200 B text/prs.fallenstein.rst Show Annotation Show as Raw Download as Raw
Mads Kiilerich
forms: don't use secure forms with authentication token for GET requests

The token is secret and should never be used in forms posted with GET which are
URL encoded. aef21d16a262 was too aggresive in using secure forms everywhere
and did thus also incorrectly use them for forms posted with GET.

Some token leakage was reported by Gjoko Krstic <gjoko@zeroscience.mk> of Zero
Science Lab.
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
.. _changelog:

=========
Changelog
=========

Kallithea project doesn't keep its changelog here.  We refer you to our `Mercurial logs`__.


.. __: https://kallithea-scm.org/repos/kallithea/changelog
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.