summary refs log tree commit diff
path: root/www/git.causal.agency/cgit/cgit.c
diff options
context:
space:
mode:
authorJune McEnroe <june@causal.agency>2022-01-12 20:46:48 -0500
committerJune McEnroe <june@causal.agency>2022-01-12 20:46:48 -0500
commit0b7c05a55669713ed402355c72a209ff585854af (patch)
tree39a7c5c18c754cdcd56e61856200b33daa554959 /www/git.causal.agency/cgit/cgit.c
parentAdd tildegit (gitea) to sup (diff)
downloadsrc-0b7c05a55669713ed402355c72a209ff585854af.tar.gz
src-0b7c05a55669713ed402355c72a209ff585854af.zip
Publish "Books 2021"
Diffstat (limited to '')
0 files changed, 0 insertions, 0 deletions
cgit-pink/commit/filters/simple-authentication.lua?id=df00ab1096868b3cffe563c48de5572f78b50392&follow=1'>auth: lua string comparisons are time invariantJason A. Donenfeld By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-16authentication: use hidden form instead of refererJason A. Donenfeld This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-16auth: add basic authentication filter frameworkJason A. Donenfeld This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> 2014-01-16t0111: Additions and fixesLukas Fleischer * Rename the capitalize-* filters to dump.* since they also dump the arguments. * Add full argument validation to the email filters. Signed-off-by: Lukas Fleischer <cgit@cryptocrack.de> 2014-01-16parsing.c: Remove leading space from committerLukas Fleischer