forgejo/modules
wxiaoguang 998cea5888
Use secure cookie for HTTPS sites (#26999)
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

![image](https://github.com/go-gitea/gitea/assets/2114189/7bc9a859-dcc1-467d-bc7c-1dd6a10389e3)
2023-09-11 17:03:51 +08:00
..
actions chore(actions): support cron schedule task (#26655) 2023-08-24 03:06:51 +00:00
activitypub move repository deletion to service layer (#26948) 2023-09-08 04:51:15 +00:00
analyze Rename code_langauge.go to code_language.go (#26377) 2023-08-07 15:00:53 -04:00
assetfs Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
auth Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
avatar Remove nfnt/resize and oliamb/cutter (#25999) 2023-07-20 19:52:42 +08:00
base Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
cache improve unit test for caching (#26185) 2023-07-27 22:24:40 +02:00
charset Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
container
context Fix the display of org level badges (#26504) 2023-09-06 14:38:14 +08:00
contexttest Avoid double-unescaping of form value (#26853) 2023-09-01 12:01:36 +00:00
csv Refactor locale number (#24134) 2023-04-17 11:37:23 +08:00
doctor Add fix incorrect can_create_org_repo for org owner team (#26683) 2023-08-29 01:11:23 +00:00
emoji Update emoji set to Unicode 15 (#25595) 2023-06-29 16:29:48 +00:00
eventsource Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
generate Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
git Clarify the git command Stdin hanging problem (#26967) 2023-09-08 13:20:38 +00:00
gitgraph
graceful Allow the use of alternative net.Listener implementations by downstreams (#25855) 2023-07-24 07:18:17 +00:00
hcaptcha
highlight Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
hostmatcher
html Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
httpcache Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
httplib Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
indexer Clarify the git command Stdin hanging problem (#26967) 2023-09-08 13:20:38 +00:00
issue/template Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
json Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
label Make label templates have consistent behavior and priority (#23749) 2023-04-10 16:44:02 +08:00
lfs Rewrite logger system (#24726) 2023-05-21 22:35:11 +00:00
log Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
markup Make user-content-* consistent with github (#26388) 2023-08-09 09:30:31 +00:00
mcaptcha
metrics Use a separate admin page to show global stats, remove actions stat (#25062) 2023-06-03 22:03:41 +08:00
migration Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
nosql Update tool dependencies, lock govulncheck and actionlint (#25655) 2023-07-09 11:58:06 +00:00
options Use a general approach to access custom/static/builtin assets (#24022) 2023-04-12 18:16:45 +08:00
packages Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
paginator Use more specific test methods (#24265) 2023-04-22 17:56:27 -04:00
pprof
private Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
process Less naked returns (#25713) 2023-07-07 05:31:56 +00:00
proxy
proxyprotocol
public Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974) 2023-07-21 12:14:20 +00:00
queue Expanding documentation in queue.go (#26889) 2023-09-08 05:22:43 +00:00
recaptcha
references
regexplru Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
repository move repository deletion to service layer (#26948) 2023-09-08 04:51:15 +00:00
secret Improve decryption failure message (#24573) 2023-05-07 19:29:43 +08:00
session Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
setting Use secure cookie for HTTPS sites (#26999) 2023-09-11 17:03:51 +08:00
sitemap
ssh restrict certificate type for builtin SSH server (#26789) 2023-09-01 13:45:22 +00:00
storage Use correct minio error (#26634) 2023-08-21 16:20:11 +00:00
structs refactor(API): refactor secret creation and update functionality (#26751) 2023-08-28 13:08:19 +08:00
svg Refactor backend SVG package and add tests (#26335) 2023-08-05 04:34:59 +00:00
sync
system
templates Replace util.SliceXxx with slices.Xxx (#26958) 2023-09-07 09:37:47 +00:00
test Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
testlogger Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
timeutil Fix incorrect webhook time and use relative-time to display it (#24477) 2023-05-03 19:53:43 -04:00
translation Replace interface{} with any (#25686) 2023-07-04 18:36:08 +00:00
turnstile
typesniffer Detect ogg mime-type as audio or video (#26494) 2023-08-15 10:31:25 +08:00
updatechecker
upload
uri
user
util Replace util.SliceXxx with slices.Xxx (#26958) 2023-09-07 09:37:47 +00:00
validation Check blocklist for emails when adding them to account (#26812) 2023-08-30 10:46:49 -05:00
web Update tool dependencies (#26607) 2023-08-20 22:59:19 +00:00
webhook New webhook trigger for receiving Pull Request review requests (#24481) 2023-05-24 22:06:27 -04:00