forgejo

Commit Graph

Author	SHA1	Message	Date
Aleksandr Bulyshchenko	ee878e3951	Support secure cookie for csrf-token (#3839 ) * dep: Update github.com/go-macaron/csrf Update github.com/go-macaron/csrf with dep to revision 503617c6b372 to fix issue of csrf-token security. This update includes following commits: - Add support for the Cookie HttpOnly flag - Support secure mode for csrf cookie Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com> * routers: set csrf-token security depending on COOKIE_SECURE Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>	6 years ago
Antoine GIRARD	3f3383dc0a	Migrate to dep (#3972 ) * Update makefile to use dep * Migrate to dep * Fix some deps * Try to find a better version for golang.org/x/net * Try to find a better version for golang.org/x/oauth2	6 years ago

Author

SHA1

Message

Date

Aleksandr Bulyshchenko

ee878e3951

Support secure cookie for csrf-token (#3839 )

* dep: Update github.com/go-macaron/csrf

Update github.com/go-macaron/csrf with dep to revision 503617c6b372
to fix issue of csrf-token security.

This update includes following commits:
- Add support for the Cookie HttpOnly flag
- Support secure mode for csrf cookie

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

* routers: set csrf-token security depending on COOKIE_SECURE

Signed-off-by: Aleksandr Bulyshchenko <A.Bulyshchenko@globallogic.com>

Antoine GIRARD

3f3383dc0a

Migrate to dep (#3972 )

* Update makefile to use dep

* Migrate to dep

* Fix some deps

* Try to find a better version for golang.org/x/net

* Try to find a better version for golang.org/x/oauth2

1 2

52 Commits (583968f274b85d1c9184c614cbdae763899f7827)