forked from gitea/gitea
1
0
Fork 0
gitea/web_src/js
zeripath 2e317d3f6e
Prevent security failure due to bad APP_ID (#18678) (#18682)
Backport #18678

WebAuthn may cause a security exception if the provided APP_ID is not allowed for the
current origin. Therefore we should reattempt authentication without the appid
extension.

Also we should allow [u2f] as-well as [U2F] sections.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-02-10 16:17:44 +01:00
..
components Revert "Prevent possible XSS when using jQuery (#18289)" (#18293) 2022-01-16 11:19:26 +00:00
features Prevent security failure due to bad APP_ID (#18678) (#18682) 2022-02-10 16:17:44 +01:00
markup Add new JS linter rules (#17699) 2021-11-22 16:19:01 +08:00
standalone Add new JS linter rules (#17699) 2021-11-22 16:19:01 +08:00
vendor Restore Accessibility for Dropdown (#16576) 2021-08-06 01:16:24 +03:00
index.js Support webauthn (#17957) 2022-01-14 16:03:31 +01:00
jquery.js Upgrade jQuery to 3.5.0, remove jQuery-Migrate, fix deprecations (#11055) 2020-04-18 18:46:29 -04:00
publicpath.js Frontend refactor, PascalCase to camelCase, remove unused code (#17365) 2021-10-21 15:37:43 +08:00
serviceworker.js Fix serviceworker output file and misc improvements (#11562) 2020-05-24 08:36:40 +01:00
svg.js Add copy button to markdown code blocks (#17638) 2021-11-16 16:16:05 +08:00
svg.test.js Add copy button to markdown code blocks (#17638) 2021-11-16 16:16:05 +08:00
utils.js Detect dark theme via css variable (#17800) 2021-11-25 15:14:48 +08:00
utils.test.js Fix context popup error (#17398) 2021-10-22 22:34:01 +08:00