An error occurred fetching the project authors.
  1. 08 Oct, 2019 1 commit
    • Kerri Miller's avatar
      Avoid #authenticate_user! in #route_not_found · 00b3e372
      Kerri Miller authored
      This method, #route_not_found, is executed as the final fallback for
      unrecognized routes (as the name might imply.) We want to avoid
      `#authenticate_user!` when calling `#route_not_found`;
      `#authenticate_user!` can, depending on the request format, return a 401
      instead of redirecting to a login page. This opens a subtle security
      exploit where anonymous users will receive a 401 response when
      attempting to access a private repo, while a recognized user will
      receive a 404, exposing the existence of the private, hidden repo.
      00b3e372
  2. 26 Jun, 2019 1 commit
  3. 13 Mar, 2019 1 commit
    • Heinrich Lee Yu's avatar
      Move EE boards actions to BoardsActions concern · 6a97e77c
      Heinrich Lee Yu authored
      Previously, `Boards::BoardsController` was prepended to both
      `Project::BoardsController` and `Groups::BoardsControllera`.
      
      This is now moved to `EE::BoardsActions` which is prepended to
      `BoardsActions` which is already included by both controllers in CE.
      6a97e77c
  4. 06 Mar, 2019 3 commits
  5. 01 Mar, 2019 1 commit