Commit message
Age
Author
Refs
r2161:e8d12db8
svn: allow specifying alternative template file for mod_dav config.
Tue, 10 Oct 2017 07:30:22
r2160:844c2584
files: prevent XSS in fake errors message on filenodes.
Mon, 09 Oct 2017 20:37:05
r2159:31411168
docs: added example how to make tmpfs changes permanent
Mon, 09 Oct 2017 09:32:43
r2158:24e0f4b8
dependencies: added redis library to enable usage of redis backend for beaker.
Mon, 09 Oct 2017 09:43:36
r2157:aefa7aac
auth: don't expose full set of permissions into channelstream payload.
This leads to resource discovery security vulnerability
Sun, 08 Oct 2017 21:31:45
r2156:ea1af41c
audit-logs: expose tailoed audit logs in repository view
Sun, 08 Oct 2017 10:11:04
r2155:a81b6ebb
security: fix XSS in repo strip view.
Sat, 07 Oct 2017 11:14:08
r2154:574d07a8
auth: use cache_ttl from a plugin to also cache permissions.
- this gives a 30% speed increase in operations like svn commit
- generally uses the same mechanismy like auth cache to cache permissions for faster
access to vcs commands
Sat, 07 Oct 2017 08:02:39
r2153:6de97439
auth-rhodecode: don't fail on bcrypt if user password is set to None.
Default to emptry string to not cause an exception.
Sat, 07 Oct 2017 08:02:57
r2152:8e19a416
files: protect against 500 errors on nodelist.
Sat, 07 Oct 2017 08:33:47