openproject

Commit Graph

Author	SHA1	Message	Date
Martin Linkhorst	dbc75d4263	there was a wrong parenthesis: the last match needs to be ANDed with all the prior checks. instead of changing it, refactored the code to be more clear. still allows redirects to different sub-uris.	11 years ago
Philipp Tessenow	b0285751a6	explicitly allow home path in back_url	11 years ago
Philipp Tessenow	7808e82cf1	fix protocol-relative redirection test - escape forward slash in regexp - allow redirection to home_path '/'	11 years ago
jplang	7bb076fa48	[security] fixed back url verification --HG-- extra : convert_revision : svn%3Ae93f8b46-1217-0410-a6f0-8f06a7374b81/trunk%4013018	11 years ago
Johannes Wollert	8b096975fe	updates copyright headers updates more copyright more copyright headers	11 years ago
Martin Linkhorst	6f21ef73ad	move application controller load hook to the end of the class definition. find explanation why inside.	11 years ago
Markus Kahl	4d41bff3a0	make API sessions not expire	11 years ago
Philipp Tessenow	f099413192	introduce render_400 (bad request) method in application controller	11 years ago
Hagen Schink	dba223e029	Fixes specs by renaming event properties	11 years ago
Philipp Tessenow	7282104f00	remove forgotten debug statement [ci skip]	11 years ago
Philipp Tessenow	8a25a1c0a1	add option to diable browser cache for security reasons.	11 years ago
Hagen Schink	61682ae789	Fixes event sorting	11 years ago
Philipp Tessenow	444546e2e8	use \A and \z instead of ^ and $ in ruby regexes	11 years ago
Jens Ulferts	b346e6a242	moves find_issue into v1/issues_controller - only used there	11 years ago
Michael Frister	626848551b	Rename Redmine::Configuration to OpenProject::Configuration This removes the configuration test, the test will later be updated and re-added as a spec.	11 years ago
Hagen Schink	e164c4345e	Renames variables	11 years ago
Sebastian Schuster	e4ec72f2c5	Readded find_issues as some subclasses still depend on it	11 years ago
Sebastian Schuster	8842f75b1e	Added before filter for bulk destroy in work packages controller	11 years ago
Philipp Tessenow	a1e67dd460	new copyright header #1903	11 years ago
Jens Ulferts	1b9edac314	removes issue views/actions/routes no longer required	11 years ago
Christian Ratz	43bc798abb	changed feed setting to enabled instead of disabled	11 years ago
Christian Ratz	8f1b73b473	better naming of before filter	11 years ago
Christian Ratz	b86f8d65d7	[#1850 ] Disable atom feeds via setting	11 years ago
Nils Kenneweg	e1341b3a31	renamed header.	11 years ago
Nils Kenneweg	543c77232a	improved layout passthrough	11 years ago
Nils Kenneweg	8d129f9d9a	url rewriting. iframe destruction on close.	11 years ago
Nils Kenneweg	f94dab0f6f	bugfix	11 years ago
Nils Kenneweg	f877b2c1b6	bugfix. url rewriting.	11 years ago
Nils Kenneweg	1a29603db0	fixed logout dialog test. remove unnecessary code.	11 years ago
Nils Kenneweg	9279b55ebd	modal with less knowledge. more generalization.	11 years ago
Jens Ulferts	5f84c153bb	prevent unauthorized export	11 years ago
Michael Frister	38cdf2e2dd	Add option to log user for all requests Also remove before filter that worked around some session cookie bug in Rails. This workaround wasn't effective anyway, since our session cookie names don't contain chiliproject any more.	11 years ago
Hagen Schink	4abf1b092e	Renames and adapts notices	11 years ago
Hagen Schink	60fc9882fe	Allows to set controller name	11 years ago
Hagen Schink	b719fd911b	Checks user permissions and project id	11 years ago
Christian Rijke	8acc54811b	Only set updated_at for logged in users and not for anonymous users.	11 years ago
Christian Rijke	c9d1e660a4	Set updated_at immediately after login.	11 years ago
Christian Rijke	d42c9eb1a9	Refactor session_expired? conditions.	11 years ago
Christian Rijke	1ba73c4ef9	Always set session[:updated_at] to avoid logging out users when the administrator turns on session expiration.	11 years ago
Christian Rijke	3956f024d0	Log out users with empty session activity time when session lifetime is enabled.	11 years ago
Jens Ulferts	36b9870cd6	allows for rendering pdf from work_package#show This will break changset rendering on the issue page	11 years ago
Martin Czuchra	05f1f78d2d	Removes whitespace at end of line.	11 years ago
Jens Ulferts	cac318adfc	copies planning_elments#show to work_packages#show	11 years ago
Nils Kenneweg	45534694e0	intendation + changelog.	11 years ago
Nils Kenneweg	78c1bd075c	rename X-ACCEPT-AUTH=X-Authentication-Scheme, test	11 years ago
Nils Kenneweg	05003493e2	added reason to api.	11 years ago
Nils Kenneweg	22664cb7c9	401 standard conformity	11 years ago
Sebastian Schuster	423152fa06	Fixed the uninitialized constant exception caused by the user class being loaded first in a pure core configuration in development	11 years ago
Christian Ratz	1298b0f7f4	more reliable session lifetime - allow only integer value for session ttl - disable session lifetime for ttl < 5 min - added hint to settings	11 years ago
Christian Ratz	f06e6f9ed7	[opf1054] Implements configurable session_lifetime - added locales also for the settings	11 years ago

1 2 3 4 5

204 Commits (838fa2482d530bcdcbaf8a4281f13b5db0ea1174)