1
0
mirror of https://github.com/go-gitea/gitea.git synced 2024-09-01 14:56:30 +00:00
gitea/web_src/js
zeripath 2e317d3f6e
Prevent security failure due to bad APP_ID () ()
Backport 

WebAuthn may cause a security exception if the provided APP_ID is not allowed for the
current origin. Therefore we should reattempt authentication without the appid
extension.

Also we should allow [u2f] as-well as [U2F] sections.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-10 16:17:44 +01:00
..
components Revert "Prevent possible XSS when using jQuery ()" () 2022-01-16 11:19:26 +00:00
features Prevent security failure due to bad APP_ID () () 2022-02-10 16:17:44 +01:00
markup Add new JS linter rules () 2021-11-22 16:19:01 +08:00
standalone Add new JS linter rules () 2021-11-22 16:19:01 +08:00
vendor
index.js Support webauthn () 2022-01-14 16:03:31 +01:00
jquery.js
publicpath.js Frontend refactor, PascalCase to camelCase, remove unused code () 2021-10-21 15:37:43 +08:00
serviceworker.js
svg.js Add copy button to markdown code blocks () 2021-11-16 16:16:05 +08:00
svg.test.js Add copy button to markdown code blocks () 2021-11-16 16:16:05 +08:00
utils.js Detect dark theme via css variable () 2021-11-25 15:14:48 +08:00
utils.test.js Fix context popup error () 2021-10-22 22:34:01 +08:00