Go-Gitea
/
gitea
mirror of https://github.com/go-gitea/gitea.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
gitea/web_src/js/modules
History
silverwind 42d294941c
Replace CSRF cookie with `CrossOriginProtection` (#36183) 
Removes the CSRF cookie in favor of
[`CrossOriginProtection`](https://pkg.go.dev/net/http#CrossOriginProtection)
which relies purely on HTTP headers.

Fixes: https://github.com/go-gitea/gitea/issues/11188
Fixes: https://github.com/go-gitea/gitea/issues/30333
Helps: https://github.com/go-gitea/gitea/issues/35107

TODOs:

- [x] Fix tests
- [ ] Ideally add tests to validates the protection

---------

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 		2025-12-25 12:33:34 +02:00
..
fomantic Automatic generation of release notes (#35977) 2025-12-17 02:01:19 +00:00
diff-file.test.ts support the open-icon of folder (#34168) 2025-04-28 19:51:32 -07:00
diff-file.ts Enable TypeScript `strictNullChecks` (#35843) 2025-12-03 02:13:16 +00:00
fetch.test.ts
fetch.ts Replace CSRF cookie with `CrossOriginProtection` (#36183) 2025-12-25 12:33:34 +02:00
fomantic.ts Fix various Fomantic UI and htmx problems (#33851) 2025-03-11 11:35:05 -07:00
init.ts Update JS deps (#35978) 2025-11-20 21:53:44 +00:00
observer.ts Enable TypeScript `strictNullChecks` (#35843) 2025-12-03 02:13:16 +00:00
sortable.ts Enable TypeScript `strictNullChecks` (#35843) 2025-12-03 02:13:16 +00:00
tippy.ts Enable TypeScript `strictNullChecks` (#35843) 2025-12-03 02:13:16 +00:00
toast.test.ts
toast.ts Enable TypeScript `strictNullChecks` (#35843) 2025-12-03 02:13:16 +00:00
worker.ts Fix some typescript issues (#32586) 2024-11-21 13:57:42 +00:00