wxiaoguang 998cea5888 Use secure cookie for HTTPS sites (#26999) ... If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's default value should be true. And, if a user visits an "http" site with "https" AppURL, they won't be able to login, and they should have been warned. The only problem is that the "language" can't be set either in such case, while I think it is not a serious problem, and it could be fixed easily if needed. 		2023-09-11 17:03:51 +08:00
..
actions_test.go	Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581)	2023-06-30 07:26:36 +00:00
actions.go	Artifacts retention and auto clean up (#26131)	2023-09-06 07:41:06 +00:00
admin.go
api.go
asset_dynamic.go
asset_static.go
attachment_test.go
attachment.go
cache.go
camo.go
config_env_test.go	Remove last newline from config file (#26468)	2023-08-12 15:28:35 +00:00
config_env.go	Remove last newline from config file (#26468)	2023-08-12 15:28:35 +00:00
config_provider_test.go	Fix INI parsing for value with trailing slash (#26995)	2023-09-10 16:15:51 +00:00
config_provider.go	Fix INI parsing for value with trailing slash (#26995)	2023-09-10 16:15:51 +00:00
cors.go
cron_test.go
cron.go	Replace interface{} with any (#25686)	2023-07-04 18:36:08 +00:00
database_sqlite.go
database_test.go
database.go	Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413)	2023-06-21 10:49:25 +00:00
federation.go
git_test.go
git.go
highlight.go
i18n.go
incoming_email.go
indexer_test.go
indexer.go
lfs_test.go	Display deprecated warning in admin panel pages as well as in the log file (#26094)	2023-07-26 03:53:37 +00:00
lfs.go	Handle base64 decoding correctly to avoid panic (#26483)	2023-08-14 10:30:16 +00:00
log_test.go	Replace interface{} with any (#25686)	2023-07-04 18:36:08 +00:00
log.go	Clarify the logger's MODE config option (#26267)	2023-08-01 18:28:23 +00:00
mailer_test.go
mailer.go
markup.go
metrics.go
migrations.go
mime_type_map.go
mirror.go	Avoid polluting the config (#25345)	2023-06-18 16:10:44 +00:00
oauth2.go	Handle base64 decoding correctly to avoid panic (#26483)	2023-08-14 10:30:16 +00:00
other.go
packages_test.go
packages.go	Avoid creating directories when loading config (#25944)	2023-07-18 07:32:36 -05:00
path_test.go	Refactor path & config system (#25330)	2023-06-21 13:50:26 +08:00
path.go	Update path related documents (#25417)	2023-07-19 11:22:57 +02:00
picture.go
project.go
proxy.go
queue.go	Calculate MAX_WORKERS default value by CPU number (#26177)	2023-07-27 16:40:35 +08:00
repository_archive_test.go
repository_archive.go
repository.go
security.go	Update minimum password length requirements (#25946)	2023-08-21 19:27:50 +00:00
server.go	Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)	2023-07-21 12:14:20 +00:00
service_test.go	Fix allowed user types setting problem (#26200)	2023-07-28 12:15:39 -04:00
service.go	Add reverseproxy auth for API back with default disabled (#26703)	2023-09-07 08:31:46 +00:00
session.go	Use secure cookie for HTTPS sites (#26999)	2023-09-11 17:03:51 +08:00
setting_test.go
setting.go	Make "install page" respect environment config (#25648)	2023-07-09 22:43:37 +00:00
ssh.go	Expanded minimum RSA Keylength to 3072 (#26604)	2023-08-28 00:53:16 +00:00
storage_test.go	Fix storage path logic especially for relative paths (#26441)	2023-08-13 22:09:25 +02:00
storage.go	Fix storage path logic especially for relative paths (#26441)	2023-08-13 22:09:25 +02:00
task.go
time.go
ui.go
webhook.go