summaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Set secure session cookies when redirecting from HTTP to HTTPS.merged--secureCookiesFlorian Zschocke2016-12-101-1/+2
| | | | | | So far for session cookies the secure property was only set when no HTTP port was opened. This changes to also set it when HTTP is redirected to the HTTPS port.
* Set secure user cookies and only for HTTP.Florian Zschocke2016-12-101-0/+14
| | | | | | | | | Mark the user authentication cookie to be only used for HTTP, making it inaccessible for JavaScript engines. If only HTTPS is used and no HTTP (i.e. also if HTTP is redirected to HTTPS) then mark the user cookie to be sent only over secure connections.
* Merge pull request #1087 from ↵Paul Martin2016-06-191-0/+1
|\ | | | | | | | | mereth/issues/964-session-loss-redirects-to-start-page Fixes #964 - add missing redirect after restoring user in new session
| * add missing redirect after restoring user in new sessionmereth2016-06-151-0/+1
| |
* | Merge pull request #1055 from gitblit/1048-TicketReferencesPaul Martin2016-06-1814-201/+1926
|\ \ | |/ |/| Ticket Reference handling #1048
| * TicketReference Testing #1048Paul Martin2016-06-181-4/+36
| | | | | | | | + Multiple commits in a single push
| * Ticket Reference handling #1048Paul Martin2016-04-2714-201/+1894
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + Supports referencing: + Tickets from other tickets via comments + Tickets from commits on any branch + Common TicketLink class used for both commits and tickets + TicketLink is temporary and persisted to ticket as a Reference + Support deletion of ticket references + Rebasing patchsets/branches will generate new references + Deleting old patchsets/branches will remove the relevant references + Substantial testing of use cases + With and without patchsets, deleting, amending + BranchTicketService used during testing to allow end-to-end ref testing + Relocated common git helper functions to JGitUtils
* | Merge pull request #1084 from metasim/youtrack-hookJames Moger2016-06-132-0/+254
|\ \ | | | | | | Initial implementation of a JetBrains YouTrack hook for GitBlit.
| * | Initial implementation of a JetBrains YouTrack hook for GitBlit.Simeon H.K. Fitch2016-06-032-0/+254
| | |
* | | fix baseURL handling in HttpUtils, fixes #1083Dirk Steinkopf2016-06-121-2/+14
| | |
* | | Fixes #1062 - Upgraded to Prosemirror 0.6.1Paul Martin2016-04-294-29/+36
| | |
* | | Merge pull request #1070 from gitblit/1061-filestoreSortByDatePaul Martin2016-04-282-3/+48
|\ \ \ | | | | | | | | Fixes #1061 - Most recent first on filestore page
| * | | Fixes #1061 - Most recent first on filestore pagePaul Martin2016-04-282-3/+48
| | |/ | |/|
* / | Use getInteger not getFilesize, fixes #1049James Moger2016-04-201-1/+1
|/ /
* | fixes #966 to prevent always searching all reposPaul Martin2016-04-161-3/+6
| |
* | Fixes #1028 - FilestorePage now pages and filtersPaul Martin2016-04-084-20/+207
| |
* | Fix for #962 - Delete patchset abilityPaul Martin2016-04-067-9/+187
| |
* | Fix for #1042 - Filestore items now shown as iconsPaul Martin2016-04-068-48/+17
| |
* | Fixes #882 Honour allow new ticket settingPaul Martin2016-04-061-1/+1
| |
* | Fix for #1037 myTickets now honours permissionsPaul Martin2016-04-041-5/+13
| |
* | Fix for #1034 Ticket Page ErrorPaul Martin2016-03-311-8/+10
| |
* | Friendly URL for EditFile Page #974Paul Martin2016-03-275-13/+37
| | | | | | | | + Prevent Edit of old doc version
* | Disable edit links in read only mode #974Paul Martin2016-03-272-5/+21
| |
* | Updating ProseMirror to 0.4.0Paul Martin2016-03-272-10/+10
| |
* | Document edit capability via ProseMirror submodule #974Paul Martin2016-03-2723-150/+1085
| | | | | | | | | | | | | | | | | | | | | | | | + New docEdit page with links from docPage and docList + Bespoke menu system with full screen edit mode + npm required for building client side scripts + Ant script added for BuildUI which performs npm commands + Update font-awesome to 4.5.0 + Factor out to JGitUtils common code in BranchTicketService for EditFilePage + getTreeEntries + commitIndex + Merge capability for document editing
* | Merge pull request #1032 from gitblit/1031-FixForRepositoryPagePaul Martin2016-03-271-2/+10
|\ \ | | | | | | Fix for #1031 to display error message
| * | Fix for #1031 to display error messagePaul Martin2016-03-261-2/+10
| | |
* | | Fix for #1018 and #1025 browser LFS linksPaul Martin2016-03-214-12/+279
|/ / | | | | | | | | + View and Raw both download the actual file + Blame will show the metafile
* | Merge pull request #988 from gitblit/976-raw-download-filestore-itemJames Moger2016-01-2524-131/+468
|\ \ | | | | | | Fix for #976 - Filestore links via browser
| * | Fix for #976 - Filestore links via browserPaul Martin2015-12-2524-131/+468
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | + GitLFS client support + FilestoreModel now parses meta file + Read meta heading from cache if available + Authentication based on accept headers for browser view filestore login + PathModel & PathChangeModel now understands filestore items + Zip & Rar downloads contain include filestore items + Filestore servlet returns LFS JSON error only if accepted by client + DiffStat now knows repository to allow identification of filestore items + Filestore items identified and returned via view, raw & blob links on blame, commitDiff, commit and Tree pages
* | | Merge pull request #1004 from RedShift1/ticket-#998-document-DH-keysizeJames Moger2016-01-171-1/+11
|\ \ \ | | | | | | | | Ticket #998 document dh keysize
| * | | Typo in setup_transport_http.mkdGlenn Matthys2016-01-171-1/+1
| | | |
| * | | Describe how DH key bitlength can be influencedGlenn Matthys2016-01-171-0/+10
| | | |
* | | | Fix char encoding in setup_proxy.mkdGlenn Matthys2016-01-171-1/+1
|/ / /
* | | Merge pull request #990 from dbywalec/authenthication-of-federation-userJames Moger2016-01-161-0/+6
|\ \ \ | | | | | | | | Fix authentication failure warning log messages for FEDERATION_USER
| * | | Fix authentication failure warning log messages for FEDERATION_USERDariusz Bywalec2016-01-041-0/+6
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | The AuthenticationManager did not encounter for FEDERATION_USER and would unnecessarily generate a lot of failure warning log messages, e.g: Failed login attempt for $gitblit, invalid credentials from XXX.XX.XX.XX A simple condition will prematurely return null bypassing the regular authentication path and immediately make the authentication be routed via FederationManager.
* | | Merge pull request #991 from ↵James Moger2016-01-161-1/+1
|\ \ \ | | | | | | | | | | | | | | | | dbywalec/authentication-of-already-authenticated-user Lower log level of servlet authenticate when request is already authenticated
| * | | Lower log level of servlet authenticate when request is already authenticatedDariusz Bywalec2016-01-041-1/+1
| |/ / | | | | | | | | | | | | | | | | | | | | | | | | When calling a servlet which has already been authenticated, the server would produce a lot of superfluous log entries, e.g: Called servlet authenticate when request is already authenticated. The log level for this log entry has been lowered down to DEBUG.
* / / Fix for #993 LIST_BRANCHES without adminBoris Stumm2016-01-061-13/+2
|/ / | | | | | | | | Replaced the canAccess() method in RpcFilter with !adminRequest, that should solve the problem.
* | Change Jenkins groovy script for any protocol (git/http/ssh)rgroux2015-12-161-1/+4
| | | | | | | | | | groovy.jenkinsGitbaseurl in gitblit.properties or web.xml can override the http default protocol
* | Merge pull request #980 from mrjoel/mrjoel-httpheadersJames Moger2015-12-107-12/+280
|\ \ | | | | | | Refactor authentication for servlet HTTP header handler
| * | remove external account type in lieu of specific typeJoel Johnson2015-12-092-4/+1
| | | | | | | | | | | | | | | | | | | | | This was unused and causing provider lookup to fail in AuthenticationManager.findProvider() by changing it out from underneath. As a result, the supportXChanges methods weren't being reported correctly.
| * | add site documentation for HTTP header authenticationJoel Johnson2015-12-091-0/+12
| | |
| * | implement an HTTP header AuthenticationProviderJoel Johnson2015-12-095-9/+268
| | |
* | | Merge pull request #981 from mrjoel/mrjoel-loguseraccessJames Moger2015-12-101-2/+2
|\ \ \ | | | | | | | | Log username with access logging
| * | | log authenticated usernameJoel Johnson2015-12-091-2/+2
| |/ /
* | | Merge pull request #982 from gitblit/978-milestone-date-selectorJames Moger2015-12-106-9/+181
|\ \ \ | | | | | | | | fix for #978 - HTML5 date input support
| * | | fix for #978 - HTML5 date input supportPaul Martin2015-12-096-9/+181
| |/ / | | | | | | | | | | | | | | | | | | | | | + JS patch/hack to coerce legacy wicket into talking to a HTML5 input type + JS script to hide inline help on date format when using HTML5 date picker + Date picker shown in user locale and standard does not support custom format. + Always sent in ISO8601 format
* / / revise logic for forcing dotfile to textJoel Johnson2015-12-091-1/+8
|/ /
* | Merge pull request #979 from pingunaut/masterJames Moger2015-12-081-31/+12
|\ \ | | | | | | Remove empty catch blocks to stop swallowing exceptions. #498