summary refs log tree commit diff
BranchCommit messageAuthorAge
masterRecommend kitd to run litterbox on OpenBSDJune McEnroe19 months
 
TagDownloadAuthorAge
1.9litterbox-1.9.tar.gz  litterbox-1.9.zip  June McEnroe2 years
1.8litterbox-1.8.tar.gz  litterbox-1.8.zip  June McEnroe4 years
1.7litterbox-1.7.tar.gz  litterbox-1.7.zip  June McEnroe4 years
1.6litterbox-1.6.tar.gz  litterbox-1.6.zip  June McEnroe5 years
1.5litterbox-1.5.tar.gz  litterbox-1.5.zip  June McEnroe5 years
1.4p1litterbox-1.4p1.tar.gz  litterbox-1.4p1.zip  June McEnroe5 years
1.4litterbox-1.4.tar.gz  litterbox-1.4.zip  June McEnroe5 years
1.3litterbox-1.3.tar.gz  litterbox-1.3.zip  June McEnroe5 years
1.2p1litterbox-1.2p1.tar.gz  litterbox-1.2p1.zip  June McEnroe5 years
1.2litterbox-1.2.tar.gz  litterbox-1.2.zip  June McEnroe5 years
1.1litterbox-1.1.tar.gz  litterbox-1.1.zip  June McEnroe5 years
1.0litterbox-1.0.tar.gz  litterbox-1.0.zip  June McEnroe5 years
generated by cgit-pink 1.4.1 (git 2.36.1) at 2025-05-18 00:08:53 +0000
572f78b50392&follow=1'>auth: lua string comparisons are time invariantJason A. Donenfeld By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-16authentication: use hidden form instead of refererJason A. Donenfeld This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-16auth: add basic authentication filter frameworkJason A. Donenfeld This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-16t0111: Additions and fixesLukas Fleischer * Rename the capitalize-* filters to dump.* since they also dump the arguments. * Add full argument validation to the email filters. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-16parsing.c: Remove leading space from committerLukas Fleischer