1. 03 Dec, 2012 1 commit
  2. 02 Dec, 2012 1 commit
  3. 30 Nov, 2012 3 commits
  4. 27 Nov, 2012 1 commit
    • David Douard's avatar
      [web] add a digital signature to error form (closes #2522526) · 797fc2e2fb78
      David Douard authored
      Simple (and quite weak) implementation of a digital signature of the content
      to be submited by email in the error report view generated by ErrorView.
      
      The signature is a simple hmac hash computed using a secret key (generated at
      repository startup) and the "secret" form content to be included in the
      notification email. The controller can then check this content has not been
      modified or forged by a malicious user.
      
      --HG--
      branch : stable
      797fc2e2fb78
  5. 28 Nov, 2012 1 commit
  6. 27 Nov, 2012 5 commits
    • Arthur Lutz's avatar
      [doc] fix of personnal etc directory in book · 544ce5dd863c
      Arthur Lutz authored
      --HG--
      branch : stable
      544ce5dd863c
    • David Douard's avatar
      [web] add a Forbidden exception · d066ba3bb07d
      David Douard authored
      This is similar to the Unauthorized exception, but generates a 403 error
      instead of a 401 (Unauthorized)
      
      --HG--
      branch : stable
      d066ba3bb07d
    • Katia Saurfelt's avatar
      [web] add a ``anonymize-jsonp-queries`` option in file configuration (closes #2465388) · 1a6000ff2080
      Katia Saurfelt authored
      This option controls connection anonymizing before executing any query
      for CSRF / safety reason.
      
      --HG--
      branch : stable
      1a6000ff2080
    • Pierre-Yves David's avatar
      [downloadable] fix filename in HTTP header (closes #2522325, #2522324) · d74addac92bb
      Pierre-Yves David authored
      Before this changeset we use the `filename` header with utf8 encoded filename
      all the time.
      
      However RFC6266 says:
      
        The parameters "filename" and "filename*" differ only in that "filename*"
        uses the encoding defined in [RFC5987], allowing the use of characters not
        present in the ISO-8859-1 character set ([ISO-8859-1]).
      
      Therefore, we alter the code to:
      
      1. Use `filename` and `ascii` encoding whenever possible,
      2. use `filename*` with `utf8` encoding otherwise (with a filename fallback for
         old browser)
      
      We also switch the `content-disposition` value to attachement if filename is
      specified, this will result as a mandatory download according to RFC6266. This
      mandatory download is the expected behavior.
      
      We changes the filename encoding to RFC5987 which is simpler, supported by all
      and modern browser (including IE from version 6) and does not suffer from the
      continuation issue. (see ticket #2522324 for details)
      
      --HG--
      branch : stable
      d74addac92bb
    • Sylvain Thénault's avatar
      docstring typo · 4fabc81cd924
      Sylvain Thénault authored
      --HG--
      branch : stable
      4fabc81cd924
  7. 22 Nov, 2012 1 commit
  8. 16 Nov, 2012 4 commits
  9. 09 Nov, 2012 2 commits
  10. 24 Oct, 2012 1 commit
  11. 23 Oct, 2012 2 commits
  12. 14 Nov, 2012 1 commit
  13. 08 Nov, 2012 2 commits
  14. 14 Nov, 2012 1 commit
  15. 24 Oct, 2012 3 commits
  16. 17 Oct, 2012 1 commit
  17. 02 Oct, 2012 1 commit
  18. 28 Sep, 2012 1 commit
  19. 01 Oct, 2012 1 commit
  20. 24 Sep, 2012 1 commit
  21. 01 Oct, 2012 1 commit
  22. 08 Oct, 2012 1 commit
  23. 18 Sep, 2012 3 commits
  24. 11 Sep, 2012 1 commit
    • Sylvain Thénault's avatar
      [entity attr cache] mark attribute as uncacheable in the underlying function... · ac3cbf55d9fb
      Sylvain Thénault authored
      [entity attr cache] mark attribute as uncacheable in the underlying function else we may miss some changes.
      
      Also rewrite a storage test currently failing because cache of the entity created by the
      test transaction, distinct from the entity created internally and given to hooks and all,
      has its attributes cache not updated. As this doesn't seems a proper usage, rewrite it
      as expected.
      
      Much probably closes #2423719 definitly.
      ac3cbf55d9fb