-
-
Notifications
You must be signed in to change notification settings - Fork 5.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
public
resources should not set redirect_to cookie
#11088
Labels
Comments
public
resources should not redirect to /user/loginpublic
resources should not cause redirect_to cookie to be set
public
resources should not cause redirect_to cookie to be setpublic
resources should not cause redirect_to cookie to be set
public
resources should not cause redirect_to cookie to be setpublic
resources should not set redirect_to cookie
silverwind
added a commit
to silverwind/gitea
that referenced
this issue
Apr 16, 2020
Workaround for go-gitea#11088, was introduced in go-gitea@561e7a9.
Fixed in #11091 |
No, not fixed, it's just a workaround. Proper fix will be in the router, I plan to look into it. |
silverwind
added a commit
to silverwind/gitea
that referenced
this issue
Apr 17, 2020
Instead of further handling requests to `public` which causes issues like go-gitea#11088, immediately terminate requests to directories `js`, `css`, `fomantic` if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below `public` in a dynamic fashion. I also added `fomantic` to the reserved usernames and sorted the list. Fixes: go-gitea#11088
zeripath
pushed a commit
that referenced
this issue
Apr 18, 2020
Instead of further handling requests to public which causes issues like #11088, immediately terminate requests to directories js, css, fomantic if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below public in a dynamic fashion. I also added fomantic to the reserved usernames and sorted the list. Fixes: #11088
ydelafollye
pushed a commit
to ydelafollye/gitea
that referenced
this issue
Jul 31, 2020
Instead of further handling requests to public which causes issues like go-gitea#11088, immediately terminate requests to directories js, css, fomantic if no file is found which is checked against a hardcoded list. Maybe there is a way to retrieve the top-level entries below public in a dynamic fashion. I also added fomantic to the reserved usernames and sorted the list. Fixes: go-gitea#11088
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
/js/userheatmap.js
is currently requested by the serviceworker which is a bug in itself but the request causes a bad cookie to be set when authentication is enabled:The next time the user logs in with that cookie set, they will be redirected to /js/userheatmap.js which causes a page loading error. We should just 404 any requests that would be routed to a file in
public
, or at least the js/css/img/vendor folders.The text was updated successfully, but these errors were encountered: