cgit/filters, branch v0.10.2 Robin Krahl's fork of cgit https://git.ireas.org/cgit/atom?h=v0.10.2 2014-04-17T10:55:09Z remove trailing whitespaces from source files 2014-04-17T10:55:09Z Christian Hesse mail@eworm.de 2014-04-17T09:55:46Z urn:sha1:b431282c91deea24916578395d88084261410968 filter: add libravatar email-filter lua script 2014-03-13T10:57:01Z Christian Hesse mail@eworm.de 2014-03-13T10:55:49Z urn:sha1:e22e985416929adb735bd952db00fce82d883914 simple-authentication: style 2014-01-22T23:58:07Z Jason A. Donenfeld Jason@zx2c4.com 2014-01-22T23:58:07Z urn:sha1:aa6d5b105de9de6d01855c15217e46fd36890dbc Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> auth: document tweakables in lua script 2014-01-17T14:34:44Z Jason A. Donenfeld Jason@zx2c4.com 2014-01-17T14:34:44Z urn:sha1:9dde6d38e9fc273fc62386eeda0da2e89a2cebfc Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> auth: have cgit calculate login address 2014-01-16T22:21:54Z Jason A. Donenfeld Jason@zx2c4.com 2014-01-16T22:21:54Z urn:sha1:a431326e8fab8153905fbde036dd3c9fb4cc8eaa This way we're sure to use virtual root, or any other strangeness encountered. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> auth: lua string comparisons are time invariant 2014-01-16T18:47:35Z Jason A. Donenfeld Jason@zx2c4.com 2014-01-16T18:47:35Z urn:sha1:df00ab1096868b3cffe563c48de5572f78b50392 By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> authentication: use hidden form instead of referer 2014-01-16T11:13:39Z Jason A. Donenfeld Jason@zx2c4.com 2014-01-16T10:39:17Z urn:sha1:b826537cb4aa2358027ffcb1dd6a87274734e962 This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> auth: add basic authentication filter framework 2014-01-16T01:28:12Z Jason A. Donenfeld Jason@zx2c4.com 2014-01-14T20:49:31Z urn:sha1:d6e9200cc35411f3f27426b608bcfdef9348e6d3 This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> email-gravatar: fix html syntax issues 2014-01-15T13:43:02Z Christian Hesse mail@eworm.de 2014-01-15T12:39:54Z urn:sha1:8ae1d8b8fd0b097b10716d0d2d8acaadbd7a46f7 an attribute value specification must be an attribute value literal unless SHORTTAG YES is specified email-gravatar: do not scale icons up 2014-01-14T17:57:51Z Jason A. Donenfeld Jason@zx2c4.com 2014-01-14T17:57:36Z urn:sha1:5bda21faf4df44ba089ee745b72f0806115c322b Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>