]> gitweb.ps.run Git - ps-cgit/commit
projects / ps-cgit / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: d6e9200) | patch
authentication: use hidden form instead of referer
authorJason A. Donenfeld <Jason@zx2c4.com>
Thu, 16 Jan 2014 10:39:17 +0000 (11:39 +0100)
committerJason A. Donenfeld <Jason@zx2c4.com>
Thu, 16 Jan 2014 11:13:39 +0000 (12:13 +0100)
commitb826537cb4aa2358027ffcb1dd6a87274734e962
tree7c749c66d868cb996828d2b65a4bede58b5ebd62tree | snapshot
parentd6e9200cc35411f3f27426b608bcfdef9348e6d3commit | diff
authentication: use hidden form instead of referer

This also gives us some CSRF protection. Note that we make use of the
hmac to protect the redirect value.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
cgit.c diff | blob | history
cgitrc.5.txt diff | blob | history
filters/simple-authentication.lua diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.