diff options
76 files changed, 211 insertions, 212 deletions
diff --git a/cmd/web_acme.go b/cmd/web_acme.go index 9a04274db5..459d4f0a76 100644 --- a/cmd/web_acme.go +++ b/cmd/web_acme.go @@ -128,5 +128,5 @@ func runLetsEncryptFallbackHandler(w http.ResponseWriter, r *http.Request) { // URI always contains a leading slash, which would result in a double // slash target := strings.TrimSuffix(setting.AppURL, "/") + r.URL.RequestURI() - http.Redirect(w, r, target, http.StatusFound) + http.Redirect(w, r, target, http.StatusTemporaryRedirect) } diff --git a/integrations/admin_user_test.go b/integrations/admin_user_test.go index d657f65fa5..59adac7ecc 100644 --- a/integrations/admin_user_test.go +++ b/integrations/admin_user_test.go @@ -46,7 +46,7 @@ func TestAdminEditUser(t *testing.T) { } func testSuccessfullEdit(t *testing.T, formData user_model.User) { - makeRequest(t, formData, http.StatusFound) + makeRequest(t, formData, http.StatusSeeOther) } func makeRequest(t *testing.T, formData user_model.User, headerCode int) { diff --git a/integrations/api_branch_test.go b/integrations/api_branch_test.go index 54fe4a6eda..e137331343 100644 --- a/integrations/api_branch_test.go +++ b/integrations/api_branch_test.go @@ -37,7 +37,7 @@ func testAPIGetBranchProtection(t *testing.T, branchName string, expectedHTTPSta req := NewRequestf(t, "GET", "/api/v1/repos/user2/repo1/branch_protections/%s?token=%s", branchName, token) resp := session.MakeRequest(t, req, expectedHTTPStatus) - if resp.Code == 200 { + if resp.Code == http.StatusOK { var branchProtection api.BranchProtection DecodeJSON(t, resp, &branchProtection) assert.EqualValues(t, branchName, branchProtection.BranchName) @@ -52,7 +52,7 @@ func testAPICreateBranchProtection(t *testing.T, branchName string, expectedHTTP }) resp := session.MakeRequest(t, req, expectedHTTPStatus) - if resp.Code == 201 { + if resp.Code == http.StatusCreated { var branchProtection api.BranchProtection DecodeJSON(t, resp, &branchProtection) assert.EqualValues(t, branchName, branchProtection.BranchName) @@ -65,7 +65,7 @@ func testAPIEditBranchProtection(t *testing.T, branchName string, body *api.Bran req := NewRequestWithJSON(t, "PATCH", "/api/v1/repos/user2/repo1/branch_protections/"+branchName+"?token="+token, body) resp := session.MakeRequest(t, req, expectedHTTPStatus) - if resp.Code == 200 { + if resp.Code == http.StatusOK { var branchProtection api.BranchProtection DecodeJSON(t, resp, &branchProtection) assert.EqualValues(t, branchName, branchProtection.BranchName) diff --git a/integrations/api_helper_for_declarative_test.go b/integrations/api_helper_for_declarative_test.go index 7f2cd787c3..5da72b7fb1 100644 --- a/integrations/api_helper_for_declarative_test.go +++ b/integrations/api_helper_for_declarative_test.go @@ -227,7 +227,7 @@ func doAPICreatePullRequest(ctx APITestContext, owner, repo, baseBranch, headBra Title: fmt.Sprintf("create a pr from %s to %s", headBranch, baseBranch), }) - expected := 201 + expected := http.StatusCreated if ctx.ExpectedCode != 0 { expected = ctx.ExpectedCode } @@ -246,7 +246,7 @@ func doAPIGetPullRequest(ctx APITestContext, owner, repo string, index int64) fu owner, repo, index, ctx.Token) req := NewRequest(t, http.MethodGet, urlStr) - expected := 200 + expected := http.StatusOK if ctx.ExpectedCode != 0 { expected = ctx.ExpectedCode } @@ -287,7 +287,7 @@ func doAPIMergePullRequest(ctx APITestContext, owner, repo string, index int64) expected := ctx.ExpectedCode if expected == 0 { - expected = 200 + expected = http.StatusOK } if !assert.EqualValues(t, expected, resp.Code, @@ -310,7 +310,7 @@ func doAPIManuallyMergePullRequest(ctx APITestContext, owner, repo, commitID str ctx.Session.MakeRequest(t, req, ctx.ExpectedCode) return } - ctx.Session.MakeRequest(t, req, 200) + ctx.Session.MakeRequest(t, req, http.StatusOK) } } diff --git a/integrations/api_pull_test.go b/integrations/api_pull_test.go index b6b8ad8734..a1c2a4c3e6 100644 --- a/integrations/api_pull_test.go +++ b/integrations/api_pull_test.go @@ -77,7 +77,7 @@ func TestAPICreatePullSuccess(t *testing.T) { Base: "master", Title: "create a failure pr", }) - session.MakeRequest(t, req, 201) + session.MakeRequest(t, req, http.StatusCreated) session.MakeRequest(t, req, http.StatusUnprocessableEntity) // second request should fail } @@ -105,7 +105,7 @@ func TestAPICreatePullWithFieldsSuccess(t *testing.T) { req := NewRequestWithJSON(t, http.MethodPost, fmt.Sprintf("/api/v1/repos/%s/%s/pulls?token=%s", owner10.Name, repo10.Name, token), opts) - res := session.MakeRequest(t, req, 201) + res := session.MakeRequest(t, req, http.StatusCreated) pull := new(api.PullRequest) DecodeJSON(t, res, pull) @@ -165,7 +165,7 @@ func TestAPIEditPull(t *testing.T) { Title: "create a success pr", }) pull := new(api.PullRequest) - resp := session.MakeRequest(t, req, 201) + resp := session.MakeRequest(t, req, http.StatusCreated) DecodeJSON(t, resp, pull) assert.EqualValues(t, "master", pull.Base.Name) @@ -173,12 +173,12 @@ func TestAPIEditPull(t *testing.T) { Base: "feature/1", Title: "edit a this pr", }) - resp = session.MakeRequest(t, req, 201) + resp = session.MakeRequest(t, req, http.StatusCreated) DecodeJSON(t, resp, pull) assert.EqualValues(t, "feature/1", pull.Base.Name) req = NewRequestWithJSON(t, http.MethodPatch, fmt.Sprintf("/api/v1/repos/%s/%s/pulls/%d?token=%s", owner10.Name, repo10.Name, pull.Index, token), &api.EditPullRequestOption{ Base: "not-exist", }) - session.MakeRequest(t, req, 404) + session.MakeRequest(t, req, http.StatusNotFound) } diff --git a/integrations/api_repo_languages_test.go b/integrations/api_repo_languages_test.go index ea20e6d542..8775d25029 100644 --- a/integrations/api_repo_languages_test.go +++ b/integrations/api_repo_languages_test.go @@ -33,7 +33,7 @@ func TestRepoLanguages(t *testing.T) { "content": "package main", "commit_choice": "direct", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) // let gitea calculate language stats time.Sleep(time.Second) diff --git a/integrations/attachment_test.go b/integrations/attachment_test.go index 25243feb3c..00e5b9de54 100644 --- a/integrations/attachment_test.go +++ b/integrations/attachment_test.go @@ -59,7 +59,7 @@ func createAttachment(t *testing.T, session *TestSession, repoURL, filename stri func TestCreateAnonymousAttachment(t *testing.T) { defer prepareTestEnv(t)() session := emptyTestSession(t) - createAttachment(t, session, "user2/repo1", "image.png", generateImg(), http.StatusFound) + createAttachment(t, session, "user2/repo1", "image.png", generateImg(), http.StatusSeeOther) } func TestCreateIssueAttachment(t *testing.T) { @@ -83,7 +83,7 @@ func TestCreateIssueAttachment(t *testing.T) { } req = NewRequestWithValues(t, "POST", link, postData) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) test.RedirectURL(resp) // check that redirect URL exists // Validate that attachment is available diff --git a/integrations/auth_ldap_test.go b/integrations/auth_ldap_test.go index ef0fafc93d..234e7c3ee9 100644 --- a/integrations/auth_ldap_test.go +++ b/integrations/auth_ldap_test.go @@ -135,7 +135,7 @@ func addAuthSourceLDAP(t *testing.T, sshKeyAttribute string, groupMapParams ...s "group_team_map_removal": groupTeamMapRemoval, "user_uid": "DN", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) } func TestLDAPUserSignin(t *testing.T) { @@ -202,7 +202,7 @@ func TestLDAPAuthChange(t *testing.T) { "is_sync_enabled": "on", "is_active": "on", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", href) resp = session.MakeRequest(t, req, http.StatusOK) diff --git a/integrations/change_default_branch_test.go b/integrations/change_default_branch_test.go index af5542e0b2..096afa28f4 100644 --- a/integrations/change_default_branch_test.go +++ b/integrations/change_default_branch_test.go @@ -28,7 +28,7 @@ func TestChangeDefaultBranch(t *testing.T) { "action": "default_branch", "branch": "DefaultBranch", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) csrf = GetCSRF(t, session, branchesURL) req = NewRequestWithValues(t, "POST", branchesURL, map[string]string{ diff --git a/integrations/create_no_session_test.go b/integrations/create_no_session_test.go index a76ff1eaaf..49234c1e95 100644 --- a/integrations/create_no_session_test.go +++ b/integrations/create_no_session_test.go @@ -110,7 +110,7 @@ func TestSessionFileCreation(t *testing.T) { "user_name": "user2", "password": userPassword, }) - resp = MakeRequest(t, req, http.StatusFound) + resp = MakeRequest(t, req, http.StatusSeeOther) sessionID = getSessionID(t, resp) assert.FileExists(t, sessionFile(tmpDir, sessionID)) diff --git a/integrations/delete_user_test.go b/integrations/delete_user_test.go index e44d2e7bd3..f24d75065f 100644 --- a/integrations/delete_user_test.go +++ b/integrations/delete_user_test.go @@ -36,7 +36,7 @@ func TestUserDeleteAccount(t *testing.T) { req := NewRequestWithValues(t, "POST", urlStr, map[string]string{ "_csrf": csrf, }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) assertUserDeleted(t, 8) unittest.CheckConsistencyFor(t, &user_model.User{}) @@ -51,7 +51,7 @@ func TestUserDeleteAccountStillOwnRepos(t *testing.T) { req := NewRequestWithValues(t, "POST", urlStr, map[string]string{ "_csrf": csrf, }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) // user should not have been deleted, because the user still owns repos unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}) diff --git a/integrations/editor_test.go b/integrations/editor_test.go index 05892aa906..3ed0e510c4 100644 --- a/integrations/editor_test.go +++ b/integrations/editor_test.go @@ -34,7 +34,7 @@ func TestCreateFile(t *testing.T) { "content": "Content", "commit_choice": "direct", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) }) } @@ -48,7 +48,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) { "_csrf": csrf, "protected": "on", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) // Check if master branch has been locked successfully flashCookie := session.GetCookie("macaron_flash") assert.NotNil(t, flashCookie) @@ -82,7 +82,7 @@ func TestCreateFileOnProtectedBranch(t *testing.T) { "_csrf": csrf, "protected": "off", }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) // Check if master branch has been locked successfully flashCookie = session.GetCookie("macaron_flash") assert.NotNil(t, flashCookie) @@ -109,7 +109,7 @@ func testEditFile(t *testing.T, session *TestSession, user, repo, branch, filePa "commit_choice": "direct", }, ) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) // Verify the change req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", branch, filePath)) @@ -139,7 +139,7 @@ func testEditFileToNewBranch(t *testing.T, session *TestSession, user, repo, bra "new_branch_name": targetBranch, }, ) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) // Verify the change req = NewRequest(t, "GET", path.Join(user, repo, "raw/branch", targetBranch, filePath)) diff --git a/integrations/git_smart_http_test.go b/integrations/git_smart_http_test.go index b6043fe706..a6baafe374 100644 --- a/integrations/git_smart_http_test.go +++ b/integrations/git_smart_http_test.go @@ -24,31 +24,31 @@ func testGitSmartHTTP(t *testing.T, u *url.URL) { }{ { p: "user2/repo1/info/refs", - code: 200, + code: http.StatusOK, }, { p: "user2/repo1/HEAD", - code: 200, + code: http.StatusOK, }, { p: "user2/repo1/objects/info/alternates", - code: 404, + code: http.StatusNotFound, }, { p: "user2/repo1/objects/info/http-alternates", - code: 404, + code: http.StatusNotFound, }, { p: "user2/repo1/../../custom/conf/app.ini", - code: 404, + code: http.StatusNotFound, }, { p: "user2/repo1/objects/info/../../../../custom/conf/app.ini", - code: 404, + code: http.StatusNotFound, }, { p: `user2/repo1/objects/info/..\..\..\..\custom\conf\app.ini`, - code: 400, + code: http.StatusBadRequest, }, } diff --git a/integrations/git_test.go b/integrations/git_test.go index e1df8ac546..675b1879fa 100644 --- a/integrations/git_test.go +++ b/integrations/git_test.go @@ -435,7 +435,7 @@ func doProtectBranch(ctx APITestContext, branch, userToWhitelist, unprotectedFil "protected": "on", "unprotected_file_patterns": unprotectedFilePatterns, }) - ctx.Session.MakeRequest(t, req, http.StatusFound) + ctx.Session.MakeRequest(t, req, http.StatusSeeOther) } else { user, err := user_model.GetUserByName(userToWhitelist) assert.NoError(t, err) @@ -448,7 +448,7 @@ func doProtectBranch(ctx APITestContext, branch, userToWhitelist, unprotectedFil "whitelist_users": strconv.FormatInt(user.ID, 10), "unprotected_file_patterns": unprotectedFilePatterns, }) - ctx.Session.MakeRequest(t, req, http.StatusFound) + ctx.Session.MakeRequest(t, req, http.StatusSeeOther) } // Check if master branch has been locked successfully flashCookie := ctx.Session.GetCookie("macaron_flash") diff --git a/integrations/integration_test.go b/integrations/integration_test.go index dfa5bade78..c778fb8013 100644 --- a/integrations/integration_test.go +++ b/integrations/integration_test.go @@ -380,7 +380,7 @@ func loginUserWithPassword(t testing.TB, userName, password string) *TestSession "user_name": userName, "password": password, }) - resp = MakeRequest(t, req, http.StatusFound) + resp = MakeRequest(t, req, http.StatusSeeOther) ch := http.Header{} ch.Add("Cookie", strings.Join(resp.Header()["Set-Cookie"], ";")) @@ -408,7 +408,7 @@ func getTokenForLoggedInUser(t testing.TB, session *TestSession) string { "_csrf": doc.GetCSRF(), "name": fmt.Sprintf("api-testing-token-%d", tokenCounter), }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", "/user/settings/applications") resp = session.MakeRequest(t, req, http.StatusOK) htmlDoc := NewHTMLParser(t, resp.Body) diff --git a/integrations/issue_test.go b/integrations/issue_test.go index 29de774ee4..6a9b48e5a4 100644 --- a/integrations/issue_test.go +++ b/integrations/issue_test.go @@ -132,7 +132,7 @@ func testNewIssue(t *testing.T, session *TestSession, user, repo, title, content "title": title, "content": content, }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) issueURL := test.RedirectURL(resp) req = NewRequest(t, "GET", issueURL) @@ -162,7 +162,7 @@ func testIssueAddComment(t *testing.T, session *TestSession, issueURL, content, "content": content, "status": status, }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", test.RedirectURL(resp)) resp = session.MakeRequest(t, req, http.StatusOK) @@ -334,16 +334,16 @@ func TestIssueRedirect(t *testing.T) { // Test external tracker where style not set (shall default numeric) req := NewRequest(t, "GET", path.Join("org26", "repo_external_tracker", "issues", "1")) - resp := session.MakeRequest(t, req, http.StatusFound) + resp := session.MakeRequest(t, req, http.StatusSeeOther) assert.Equal(t, "https://tracker.com/org26/repo_external_tracker/issues/1", test.RedirectURL(resp)) // Test external tracker with numeric style req = NewRequest(t, "GET", path.Join("org26", "repo_external_tracker_numeric", "issues", "1")) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) assert.Equal(t, "https://tracker.com/org26/repo_external_tracker_numeric/issues/1", test.RedirectURL(resp)) // Test external tracker with alphanumeric style (for a pull request) req = NewRequest(t, "GET", path.Join("org26", "repo_external_tracker_alpha", "issues", "1")) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) assert.Equal(t, "/"+path.Join("org26", "repo_external_tracker_alpha", "pulls", "1"), test.RedirectURL(resp)) } diff --git a/integrations/links_test.go b/integrations/links_test.go index f514aa7757..bc87ffad83 100644 --- a/integrations/links_test.go +++ b/integrations/links_test.go @@ -59,7 +59,7 @@ func TestRedirectsNoLogin(t *testing.T) { } for link, redirectLink := range redirects { req := NewRequest(t, "GET", link) - resp := MakeRequest(t, req, http.StatusFound) + resp := MakeRequest(t, req, http.StatusSeeOther) assert.EqualValues(t, path.Join(setting.AppSubURL, redirectLink), test.RedirectURL(resp)) } } diff --git a/integrations/mirror_push_test.go b/integrations/mirror_push_test.go index b231b7a919..c5f45643ec 100644 --- a/integrations/mirror_push_test.go +++ b/integrations/mirror_push_test.go @@ -89,7 +89,7 @@ func doCreatePushMirror(ctx APITestContext, address, username, password string) "push_mirror_password": password, "push_mirror_interval": "0", }) - ctx.Session.MakeRequest(t, req, http.StatusFound) + ctx.Session.MakeRequest(t, req, http.StatusSeeOther) flashCookie := ctx.Session.GetCookie("macaron_flash") assert.NotNil(t, flashCookie) @@ -110,7 +110,7 @@ func doRemovePushMirror(ctx APITestContext, address, username, password string, "push_mirror_password": password, "push_mirror_interval": "0", }) - ctx.Session.MakeRequest(t, req, http.StatusFound) + ctx.Session.MakeRequest(t, req, http.StatusSeeOther) flashCookie := ctx.Session.GetCookie("macaron_flash") assert.NotNil(t, flashCookie) diff --git a/integrations/nonascii_branches_test.go b/integrations/nonascii_branches_test.go index f2992ecc1f..5ab7b8526a 100644 --- a/integrations/nonascii_branches_test.go +++ b/integrations/nonascii_branches_test.go @@ -18,7 +18,7 @@ func testSrcRouteRedirect(t *testing.T, session *TestSession, user, repo, route, // Make request req := NewRequest(t, "GET", path.Join(prefix, route)) - resp := session.MakeRequest(t, req, http.StatusFound) + resp := session.MakeRequest(t, req, http.StatusSeeOther) // Check Location header location := resp.HeaderMap.Get("Location") @@ -37,7 +37,7 @@ func setDefaultBranch(t *testing.T, session *TestSession, user, repo, branch str "action": "default_branch", "branch": branch, }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) } func TestNonasciiBranches(t *testing.T) { diff --git a/integrations/oauth_test.go b/integrations/oauth_test.go index c36aab652b..678dfbae2d 100644 --- a/integrations/oauth_test.go +++ b/integrations/oauth_test.go @@ -7,6 +7,7 @@ package integrations import ( "bytes" "io" + "net/http" "testing" "code.gitea.io/gitea/modules/json" @@ -21,20 +22,20 @@ func TestNoClientID(t *testing.T) { defer prepareTestEnv(t)() req := NewRequest(t, "GET", "/login/oauth/authorize") ctx := loginUser(t, "user2") - ctx.MakeRequest(t, req, 400) + ctx.MakeRequest(t, req, http.StatusBadRequest) } func TestLoginRedirect(t *testing.T) { defer prepareTestEnv(t)() req := NewRequest(t, "GET", "/login/oauth/authorize") - assert.Contains(t, MakeRequest(t, req, 302).Body.String(), "/user/login") + assert.Contains(t, MakeRequest(t, req, http.StatusSeeOther).Body.String(), "/user/login") } func TestShowAuthorize(t *testing.T) { defer prepareTestEnv(t)() req := NewRequest(t, "GET", defaultAuthorize) ctx := loginUser(t, "user4") - resp := ctx.MakeRequest(t, req, 200) + resp := ctx.MakeRequest(t, req, http.StatusOK) htmlDoc := NewHTMLParser(t, resp.Body) htmlDoc.AssertElement(t, "#authorize-app", true) @@ -45,7 +46,7 @@ func TestRedirectWithExistingGrant(t *testing.T) { defer prepareTestEnv(t)() req := NewRequest(t, "GET", defaultAuthorize) ctx := loginUser(t, "user1") - resp := ctx.MakeRequest(t, req, 302) + resp := ctx.MakeRequest(t, req, http.StatusSeeOther) u, err := resp.Result().Location() assert.NoError(t, err) assert.Equal(t, "thestate", u.Query().Get("state")) @@ -62,7 +63,7 @@ func TestAccessTokenExchange(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - resp := MakeRequest(t, req, 200) + resp := MakeRequest(t, req, http.StatusOK) type response struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` @@ -86,7 +87,7 @@ func TestAccessTokenExchangeWithoutPKCE(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - resp := MakeRequest(t, req, 200) + resp := MakeRequest(t, req, http.StatusOK) type response struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` @@ -109,7 +110,7 @@ func TestAccessTokenExchangeJSON(t *testing.T) { "redirect_uri": "a", "code": "authcode", }) - MakeRequest(t, req, 400) + MakeRequest(t, req, http.StatusBadRequest) } func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) { @@ -123,7 +124,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - MakeRequest(t, req, 400) + MakeRequest(t, req, http.StatusBadRequest) // invalid client secret req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{ "grant_type": "authorization_code", @@ -133,7 +134,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - MakeRequest(t, req, 400) + MakeRequest(t, req, http.StatusBadRequest) // invalid redirect uri req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{ "grant_type": "authorization_code", @@ -143,7 +144,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - MakeRequest(t, req, 400) + MakeRequest(t, req, http.StatusBadRequest) // invalid authorization code req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{ "grant_type": "authorization_code", @@ -153,7 +154,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) { "code": "???", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - MakeRequest(t, req, 400) + MakeRequest(t, req, http.StatusBadRequest) // invalid grant_type req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{ "grant_type": "???", @@ -163,7 +164,7 @@ func TestAccessTokenExchangeWithInvalidCredentials(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - MakeRequest(t, req, 400) + MakeRequest(t, req, http.StatusBadRequest) } func TestAccessTokenExchangeWithBasicAuth(t *testing.T) { @@ -175,7 +176,7 @@ func TestAccessTokenExchangeWithBasicAuth(t *testing.T) { "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) req.Header.Add("Authorization", "Basic ZGE3ZGEzYmEtOWExMy00MTY3LTg1NmYtMzg5OWRlMGIwMTM4OjRNSzhOYTZSNTVzbWRDWTBXdUNDdW1aNmhqUlBuR1k1c2FXVlJISGpKaUE9") - resp := MakeRequest(t, req, 200) + resp := MakeRequest(t, req, http.StatusOK) type response struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` @@ -196,7 +197,7 @@ func TestAccessTokenExchangeWithBasicAuth(t *testing.T) { "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) req.Header.Add("Authorization", "Basic ZGE3ZGEzYmEtOWExMy00MTY3LTg1NmYtMzg5OWRlMGIwMTM4OmJsYWJsYQ==") - resp = MakeRequest(t, req, 400) + resp = MakeRequest(t, req, http.StatusBadRequest) // missing header req = NewRequestWithValues(t, "POST", "/login/oauth/access_token", map[string]string{ @@ -205,7 +206,7 @@ func TestAccessTokenExchangeWithBasicAuth(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - resp = MakeRequest(t, req, 400) + resp = MakeRequest(t, req, http.StatusBadRequest) } func TestRefreshTokenInvalidation(t *testing.T) { @@ -218,7 +219,7 @@ func TestRefreshTokenInvalidation(t *testing.T) { "code": "authcode", "code_verifier": "N1Zo9-8Rfwhkt68r1r29ty8YwIraXR8eh_1Qwxg7yQXsonBt", // test PKCE additionally }) - resp := MakeRequest(t, req, 200) + resp := MakeRequest(t, req, http.StatusOK) type response struct { AccessToken string `json:"access_token"` TokenType string `json:"token_type"` @@ -244,16 +245,16 @@ func TestRefreshTokenInvalidation(t *testing.T) { assert.NoError(t, err) refreshReq.Body = io.NopCloser(bytes.NewReader(bs)) - MakeRequest(t, refreshReq, 200) + MakeRequest(t, refreshReq, http.StatusOK) refreshReq.Body = io.NopCloser(bytes.NewReader(bs)) - MakeRequest(t, refreshReq, 200) + MakeRequest(t, refreshReq, http.StatusOK) // test with invalidation setting.OAuth2.InvalidateRefreshTokens = true refreshReq.Body = io.NopCloser(bytes.NewReader(bs)) - MakeRequest(t, refreshReq, 200) + MakeRequest(t, refreshReq, http.StatusOK) refreshReq.Body = io.NopCloser(bytes.NewReader(bs)) - MakeRequest(t, refreshReq, 400) + MakeRequest(t, refreshReq, http.StatusBadRequest) } diff --git a/integrations/privateactivity_test.go b/integrations/privateactivity_test.go index 44df39b6e0..c5cdc27d6e 100644 --- a/integrations/privateactivity_test.go +++ b/integrations/privateactivity_test.go @@ -53,7 +53,7 @@ func testPrivateActivityHelperEnablePrivateActivity(t *testing.T) { "language": "en-US", "keep_activity_private": "1", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) } func testPrivateActivityHelperHasVisibleActivitiesInHTMLDoc(htmlDoc *HTMLDoc) bool { diff --git a/integrations/pull_create_test.go b/integrations/pull_create_test.go index 948c0b9ce2..671b5e7551 100644 --- a/integrations/pull_create_test.go +++ b/integrations/pull_create_test.go @@ -38,7 +38,7 @@ func testPullCreate(t *testing.T, session *TestSession, user, repo, branch, titl "_csrf": htmlDoc.GetCSRF(), "title": title, }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) return resp } @@ -130,7 +130,7 @@ func testDeleteRepository(t *testing.T, session *TestSession, ownerName, repoNam "_csrf": htmlDoc.GetCSRF(), "repo_name": repoName, }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) } func TestPullBranchDelete(t *testing.T) { @@ -139,7 +139,7 @@ func TestPullBranchDelete(t *testing.T) { session := loginUser(t, "user1") testRepoFork(t, session, "user2", "repo1", "user1", "repo1") - testCreateBranch(t, session, "user1", "repo1", "branch/master", "master1", http.StatusFound) + testCreateBranch(t, session, "user1", "repo1", "branch/master", "master1", http.StatusSeeOther) testEditFile(t, session, "user1", "repo1", "master1", "README.md", "Hello, World (Edited)\n") resp := testPullCreate(t, session, "user1", "repo1", "master1", "This is a pull title") diff --git a/integrations/pull_merge_test.go b/integrations/pull_merge_test.go index 8aded910d4..2e33d7095f 100644 --- a/integrations/pull_merge_test.go +++ b/integrations/pull_merge_test.go @@ -42,7 +42,7 @@ func testPullMerge(t *testing.T, session *TestSession, user, repo, pullnum strin "_csrf": htmlDoc.GetCSRF(), "do": string(mergeStyle), }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) return resp } @@ -220,7 +220,7 @@ func TestCantMergeConflict(t *testing.T) { Base: "base", Title: "create a conflicting pr", }) - session.MakeRequest(t, req, 201) + session.MakeRequest(t, req, http.StatusCreated) // Now this PR will be marked conflict - or at least a race will do - so drop down to pure code at this point... user1 := unittest.AssertExistsAndLoadBean(t, &user_model.User{ @@ -330,7 +330,7 @@ func TestCantMergeUnrelated(t *testing.T) { Base: "base", Title: "create an unrelated pr", }) - session.MakeRequest(t, req, 201) + session.MakeRequest(t, req, http.StatusCreated) // Now this PR could be marked conflict - or at least a race may occur - so drop down to pure code at this point... gitRepo, err := git.OpenRepository(path) diff --git a/integrations/pull_status_test.go b/integrations/pull_status_test.go index f818643005..07c73ceac6 100644 --- a/integrations/pull_status_test.go +++ b/integrations/pull_status_test.go @@ -29,7 +29,7 @@ func TestPullCreate_CommitStatus(t *testing.T) { "title": "pull request from status1", }, ) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", "/user1/repo1/pulls") resp := session.MakeRequest(t, req, http.StatusOK) @@ -108,7 +108,7 @@ func TestPullCreate_EmptyChangesWithCommits(t *testing.T) { "title": "pull request from status1", }, ) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", "/user1/repo1/pulls/1") resp := session.MakeRequest(t, req, http.StatusOK) diff --git a/integrations/release_test.go b/integrations/release_test.go index 28e0347791..88591a05e9 100644 --- a/integrations/release_test.go +++ b/integrations/release_test.go @@ -43,7 +43,7 @@ func createNewRelease(t *testing.T, session *TestSession, repoURL, tag, title st } req = NewRequestWithValues(t, "POST", link, postData) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) test.RedirectURL(resp) // check that redirect URL exists } diff --git a/integrations/rename_branch_test.go b/integrations/rename_branch_test.go index e856214f3c..7760a2d946 100644 --- a/integrations/rename_branch_test.go +++ b/integrations/rename_branch_test.go @@ -27,7 +27,7 @@ func TestRenameBranch(t *testing.T) { "to": "main", } req = NewRequestWithValues(t, "POST", "/user2/repo1/settings/rename_branch", postData) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) // check new branch link req = NewRequestWithValues(t, "GET", "/user2/repo1/src/branch/main/README.md", postData) @@ -35,7 +35,7 @@ func TestRenameBranch(t *testing.T) { // check old branch link req = NewRequestWithValues(t, "GET", "/user2/repo1/src/branch/master/README.md", postData) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) location := resp.HeaderMap.Get("Location") assert.Equal(t, "/user2/repo1/src/branch/main/README.md", location) diff --git a/integrations/repo_branch_test.go b/integrations/repo_branch_test.go index aef28515e7..ade5d673b9 100644 --- a/integrations/repo_branch_test.go +++ b/integrations/repo_branch_test.go @@ -30,7 +30,7 @@ func testCreateBranch(t testing.TB, session *TestSession, user, repo, oldRefSubU "new_branch_name": newBranchName, }) resp := session.MakeRequest(t, req, expectedStatus) - if expectedStatus != http.StatusFound { + if expectedStatus != http.StatusSeeOther { return "" } return test.RedirectURL(resp) @@ -51,37 +51,37 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) { { OldRefSubURL: "branch/master", NewBranch: "feature/test1", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "repo.branch.create_success", "feature/test1"), }, { OldRefSubURL: "branch/master", NewBranch: "", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "form.NewBranchName") + i18n.Tr("en", "form.require_error"), }, { OldRefSubURL: "branch/master", NewBranch: "feature=test1", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "repo.branch.create_success", "feature=test1"), }, { OldRefSubURL: "branch/master", NewBranch: strings.Repeat("b", 101), - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "form.NewBranchName") + i18n.Tr("en", "form.max_size_error", "100"), }, { OldRefSubURL: "branch/master", NewBranch: "master", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "repo.branch.branch_already_exists", "master"), }, { OldRefSubURL: "branch/master", NewBranch: "master/test", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "repo.branch.branch_name_conflict", "master/test", "master"), }, { @@ -92,21 +92,21 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) { { OldRefSubURL: "commit/65f1bf27bc3bf70f64657658635e66094edbcb4d", NewBranch: "feature/test3", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "repo.branch.create_success", "feature/test3"), }, { OldRefSubURL: "branch/master", NewBranch: "v1.0.0", CreateRelease: "v1.0.0", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "repo.branch.tag_collision", "v1.0.0"), }, { OldRefSubURL: "tag/v1.0.0", NewBranch: "feature/test4", CreateRelease: "v1.0.1", - ExpectedStatus: http.StatusFound, + ExpectedStatus: http.StatusSeeOther, FlashMessage: i18n.Tr("en", "repo.branch.create_success", "feature/test4"), }, } @@ -116,7 +116,7 @@ func testCreateBranches(t *testing.T, giteaURL *url.URL) { createNewRelease(t, session, "/user2/repo1", test.CreateRelease, test.CreateRelease, false, false) } redirectURL := testCreateBranch(t, session, "user2", "repo1", test.OldRefSubURL, test.NewBranch, test.ExpectedStatus) - if test.ExpectedStatus == http.StatusFound { + if test.ExpectedStatus == http.StatusSeeOther { req := NewRequest(t, "GET", redirectURL) resp := session.MakeRequest(t, req, http.StatusOK) htmlDoc := NewHTMLParser(t, resp.Body) @@ -135,7 +135,7 @@ func TestCreateBranchInvalidCSRF(t *testing.T) { "_csrf": "fake_csrf", "new_branch_name": "test", }) - resp := session.MakeRequest(t, req, http.StatusFound) + resp := session.MakeRequest(t, req, http.StatusSeeOther) loc := resp.Header().Get("Location") assert.Equal(t, setting.AppSubURL+"/", loc) resp = session.MakeRequest(t, NewRequest(t, "GET", loc), http.StatusOK) diff --git a/integrations/repo_fork_test.go b/integrations/repo_fork_test.go index 27b62d2646..d701850f14 100644 --- a/integrations/repo_fork_test.go +++ b/integrations/repo_fork_test.go @@ -45,7 +45,7 @@ func testRepoFork(t *testing.T, session *TestSession, ownerName, repoName, forkO "uid": fmt.Sprintf("%d", forkOwner.ID), "repo_name": forkRepoName, }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) // Step4: check the existence of the forked repo req = NewRequestf(t, "GET", "/%s/%s", forkOwnerName, forkRepoName) diff --git a/integrations/repo_generate_test.go b/integrations/repo_generate_test.go index b70a4a4797..4fbbb56c50 100644 --- a/integrations/repo_generate_test.go +++ b/integrations/repo_generate_test.go @@ -46,7 +46,7 @@ func testRepoGenerate(t *testing.T, session *TestSession, templateOwnerName, tem "repo_name": generateRepoName, "git_content": "true", }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) // Step4: check the existence of the generated repo req = NewRequestf(t, "GET", "/%s/%s", generateOwnerName, generateRepoName) diff --git a/integrations/repo_migrate_test.go b/integrations/repo_migrate_test.go index e6ba15b137..4e6923dd6f 100644 --- a/integrations/repo_migrate_test.go +++ b/integrations/repo_migrate_test.go @@ -33,7 +33,7 @@ func testRepoMigrate(t testing.TB, session *TestSession, cloneAddr, repoName str "repo_name": repoName, "service": fmt.Sprintf("%d", structs.PlainGitService), }) - resp = session.MakeRequest(t, req, http.StatusFound) + resp = session.MakeRequest(t, req, http.StatusSeeOther) return resp } diff --git a/integrations/setting_test.go b/integrations/setting_test.go index c0455a4520..3852eb4955 100644 --- a/integrations/setting_test.go +++ b/integrations/setting_test.go @@ -90,17 +90,17 @@ func TestSettingLandingPage(t *testing.T) { setting.LandingPageURL = setting.LandingPageExplore req = NewRequest(t, "GET", "/") - resp := MakeRequest(t, req, http.StatusFound) + resp := MakeRequest(t, req, http.StatusSeeOther) assert.Equal(t, "/explore", resp.Header().Get("Location")) setting.LandingPageURL = setting.LandingPageOrganizations req = NewRequest(t, "GET", "/") - resp = MakeRequest(t, req, http.StatusFound) + resp = MakeRequest(t, req, http.StatusSeeOther) assert.Equal(t, "/explore/organizations", resp.Header().Get("Location")) setting.LandingPageURL = setting.LandingPageLogin req = NewRequest(t, "GET", "/") - resp = MakeRequest(t, req, http.StatusFound) + resp = MakeRequest(t, req, http.StatusSeeOther) assert.Equal(t, "/user/login", resp.Header().Get("Location")) setting.LandingPageURL = landingPage diff --git a/integrations/signout_test.go b/integrations/signout_test.go index b54e7ee9ee..8ef97e89c5 100644 --- a/integrations/signout_test.go +++ b/integrations/signout_test.go @@ -15,7 +15,7 @@ func TestSignOut(t *testing.T) { session := loginUser(t, "user2") req := NewRequest(t, "POST", "/user/logout") - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) // try to view a private repo, should fail req = NewRequest(t, "GET", "/user2/repo2") diff --git a/integrations/signup_test.go b/integrations/signup_test.go index 93e384076f..87dea2fbe7 100644 --- a/integrations/signup_test.go +++ b/integrations/signup_test.go @@ -29,7 +29,7 @@ func TestSignup(t *testing.T) { "password": "examplePassword!1", "retype": "examplePassword!1", }) - MakeRequest(t, req, http.StatusFound) + MakeRequest(t, req, http.StatusSeeOther) // should be able to view new user's page req = NewRequest(t, "GET", "/exampleUser") @@ -48,7 +48,7 @@ func TestSignupAsRestricted(t *testing.T) { "password": "examplePassword!1", "retype": "examplePassword!1", }) - MakeRequest(t, req, http.StatusFound) + MakeRequest(t, req, http.StatusSeeOther) // should be able to view new user's page req = NewRequest(t, "GET", "/restrictedUser") @@ -71,7 +71,7 @@ func TestSignupEmail(t *testing.T) { {"exampleUser@example.com\r\n", http.StatusOK, i18n.Tr("en", "form.email_invalid", nil)}, {"exampleUser@example.com\r", http.StatusOK, i18n.Tr("en", "form.email_invalid", nil)}, {"exampleUser@example.com\n", http.StatusOK, i18n.Tr("en", "form.email_invalid", nil)}, - {"exampleUser@example.com", http.StatusFound, ""}, + {"exampleUser@example.com", http.StatusSeeOther, ""}, } for i, test := range tests { diff --git a/integrations/user_avatar_test.go b/integrations/user_avatar_test.go index 7c2267885a..2bf6fde5ff 100644 --- a/integrations/user_avatar_test.go +++ b/integrations/user_avatar_test.go @@ -70,7 +70,7 @@ func TestUserAvatar(t *testing.T) { req.Header.Add("X-Csrf-Token", csrf) req.Header.Add("Content-Type", writer.FormDataContentType()) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) user2 = unittest.AssertExistsAndLoadBean(t, &user_model.User{ID: 2}).(*user_model.User) // owner of the repo3, is an org diff --git a/integrations/user_test.go b/integrations/user_test.go index 4cfe7700e1..24f2a4d6a8 100644 --- a/integrations/user_test.go +++ b/integrations/user_test.go @@ -33,7 +33,7 @@ func TestRenameUsername(t *testing.T) { "email": "user2@example.com", "language": "en-US", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) unittest.AssertExistsAndLoadBean(t, &user_model.User{Name: "newUsername"}) unittest.AssertNotExistsBean(t, &user_model.User{Name: "user2"}) @@ -103,7 +103,7 @@ func TestRenameReservedUsername(t *testing.T) { "email": "user2@example.com", "language": "en-US", }) - resp := session.MakeRequest(t, req, http.StatusFound) + resp := session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequest(t, "GET", test.RedirectURL(resp)) resp = session.MakeRequest(t, req, http.StatusOK) diff --git a/integrations/xss_test.go b/integrations/xss_test.go index 4c2e60e799..1ce25e1bf5 100644 --- a/integrations/xss_test.go +++ b/integrations/xss_test.go @@ -27,7 +27,7 @@ func TestXSSUserFullName(t *testing.T) { "email": user.Email, "language": "en-US", }) - session.MakeRequest(t, req, http.StatusFound) + session.MakeRequest(t, req, http.StatusSeeOther) req = NewRequestf(t, "GET", "/%s", user.Name) resp := session.MakeRequest(t, req, http.StatusOK) diff --git a/modules/context/api.go b/modules/context/api.go index c1b31dcff9..e847ca35fa 100644 --- a/modules/context/api.go +++ b/modules/context/api.go @@ -214,7 +214,7 @@ func (ctx *APIContext) RequireCSRF() { if len(headerToken) > 0 || len(formValueToken) > 0 { Validate(ctx.Context, ctx.csrf) } else { - ctx.Context.Error(401, "Missing CSRF token.") + ctx.Context.Error(http.StatusUnauthorized, "Missing CSRF token.") } } @@ -239,7 +239,7 @@ func (ctx *APIContext) CheckForOTP() { return } if !ok { - ctx.Context.Error(401) + ctx.Context.Error(http.StatusUnauthorized) return } } diff --git a/modules/context/context.go b/modules/context/context.go index 57448907e2..61f58eabb2 100644 --- a/modules/context/context.go +++ b/modules/context/context.go @@ -139,7 +139,7 @@ func RedirectToUser(ctx *Context, userName string, redirectUserID int64) { if ctx.Req.URL.RawQuery != "" { redirectPath += "?" + ctx.Req.URL.RawQuery } - ctx.Redirect(path.Join(setting.AppSubURL, redirectPath)) + ctx.Redirect(path.Join(setting.AppSubURL, redirectPath), http.StatusTemporaryRedirect) } // HasAPIError returns true if error occurs in form validation. @@ -215,7 +215,7 @@ func (ctx *Context) HTML(status int, name base.TplName) { // RenderToString renders the template content to a string func (ctx *Context) RenderToString(name base.TplName, data map[string]interface{}) (string, error) { var buf strings.Builder - err := ctx.Render.HTML(&buf, 200, string(name), data) + err := ctx.Render.HTML(&buf, http.StatusOK, string(name), data) return buf.String(), err } @@ -397,7 +397,7 @@ func (ctx *Context) JSON(status int, content interface{}) { // Redirect redirects the request func (ctx *Context) Redirect(location string, status ...int) { - code := http.StatusFound + code := http.StatusSeeOther if len(status) == 1 { code = status[0] } diff --git a/modules/context/repo.go b/modules/context/repo.go index f8b07ffb05..87be2af135 100644 --- a/modules/context/repo.go +++ b/modules/context/repo.go @@ -335,7 +335,7 @@ func RedirectToRepo(ctx *Context, redirectRepoID int64) { if ctx.Req.URL.RawQuery != "" { redirectPath += "?" + ctx.Req.URL.RawQuery } - ctx.Redirect(path.Join(setting.AppSubURL, redirectPath)) + ctx.Redirect(path.Join(setting.AppSubURL, redirectPath), http.StatusTemporaryRedirect) } func repoAssignment(ctx *Context, repo *repo_model.Repository) { diff --git a/modules/lfs/http_client_test.go b/modules/lfs/http_client_test.go index 0ffe663da5..8f6dcb1966 100644 --- a/modules/lfs/http_client_test.go +++ b/modules/lfs/http_client_test.go @@ -81,7 +81,7 @@ func lfsTestRoundtripHandler(req *http.Request) *http.Response { Objects: []*ObjectResponse{ { Error: &ObjectError{ - Code: 404, + Code: http.StatusNotFound, Message: "Object not found", }, }, diff --git a/modules/private/restore_repo.go b/modules/private/restore_repo.go index 347ed5e78a..b1561f392b 100644 --- a/modules/private/restore_repo.go +++ b/modules/private/restore_repo.go @@ -45,7 +45,7 @@ func RestoreRepo(ctx context.Context, repoDir, ownerName, repoName string, units } defer resp.Body.Close() - if resp.StatusCode != 200 { + if resp.StatusCode != http.StatusOK { ret := struct { Err string `json:"err"` }{} diff --git a/modules/web/route_test.go b/modules/web/route_test.go index a8470fec94..801afe92c9 100644 --- a/modules/web/route_test.go +++ b/modules/web/route_test.go @@ -67,7 +67,7 @@ func TestRoute2(t *testing.T) { route = 1 }) }, func(resp http.ResponseWriter, req *http.Request) { - resp.WriteHeader(200) + resp.WriteHeader(http.StatusOK) }) r.Group("/issues/{index}", func() { diff --git a/routers/api/v1/org/member.go b/routers/api/v1/org/member.go index 7f82f19385..9dae15462f 100644 --- a/routers/api/v1/org/member.go +++ b/routers/api/v1/org/member.go @@ -130,7 +130,7 @@ func IsMember(ctx *context.APIContext) { // responses: // "204": // description: user is a member - // "302": + // "303": // description: redirection to /orgs/{org}/public_members/{username} // "404": // description: user is not a member @@ -161,7 +161,7 @@ func IsMember(ctx *context.APIContext) { } redirectURL := setting.AppSubURL + "/api/v1/orgs/" + url.PathEscape(ctx.Org.Organization.Name) + "/public_members/" + url.PathEscape(userToCheck.Name) - ctx.Redirect(redirectURL, 302) + ctx.Redirect(redirectURL) } // IsPublicMember check if a user is a public member of an organization diff --git a/routers/api/v1/repo/issue_tracked_time.go b/routers/api/v1/repo/issue_tracked_time.go index 5cc39becb8..19732c101f 100644 --- a/routers/api/v1/repo/issue_tracked_time.go +++ b/routers/api/v1/repo/issue_tracked_time.go @@ -288,7 +288,7 @@ func ResetIssueTime(ctx *context.APIContext) { } return } - ctx.Status(204) + ctx.Status(http.StatusNoContent) } // DeleteTime delete a specific time by id diff --git a/routers/common/middleware.go b/routers/common/middleware.go index 880700969a..591c4cf30e 100644 --- a/routers/common/middleware.go +++ b/routers/common/middleware.go @@ -70,9 +70,9 @@ func Middlewares() []func(http.Handler) http.Handler { combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, log.Stack(2)) log.Error("%v", combinedErr) if setting.IsProd { - http.Error(resp, http.StatusText(500), 500) + http.Error(resp, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) } else { - http.Error(resp, combinedErr, 500) + http.Error(resp, combinedErr, http.StatusInternalServerError) } } }() diff --git a/routers/install/install.go b/routers/install/install.go index 98eeb5f8a0..164ce68405 100644 --- a/routers/install/install.go +++ b/routers/install/install.go @@ -59,7 +59,7 @@ func Init(next http.Handler) http.Handler { return http.HandlerFunc(func(resp http.ResponseWriter, req *http.Request) { if setting.InstallLock { resp.Header().Add("Refresh", "1; url="+setting.AppURL+"user/login") - _ = rnd.HTML(resp, 200, string(tplPostInstall), nil) + _ = rnd.HTML(resp, http.StatusOK, string(tplPostInstall), nil) return } locale := middleware.Locale(resp, req) diff --git a/routers/install/routes.go b/routers/install/routes.go index f377cd40c9..ef96e99628 100644 --- a/routers/install/routes.go +++ b/routers/install/routes.go @@ -41,9 +41,9 @@ func installRecovery() func(next http.Handler) http.Handler { combinedErr := fmt.Sprintf("PANIC: %v\n%s", err, log.Stack(2)) log.Error("%s", combinedErr) if setting.IsProd { - http.Error(w, http.StatusText(500), 500) + http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError) } else { - http.Error(w, combinedErr, 500) + http.Error(w, combinedErr, http.StatusInternalServerError) } } }() @@ -66,7 +66,7 @@ func installRecovery() func(next http.Handler) http.Handler { if !setting.IsProd { store["ErrorMsg"] = combinedErr } - err = rnd.HTML(w, 500, "status/500", templates.BaseVars().Merge(store)) + err = rnd.HTML(w, http.StatusInternalServerError, "status/500", templates.BaseVars().Merge(store)) if err != nil { log.Error("%v", err) } diff --git a/routers/web/admin/admin.go b/routers/web/admin/admin.go index 63bc7de7d7..4c700df354 100644 --- a/routers/web/admin/admin.go +++ b/routers/web/admin/admin.go @@ -346,7 +346,7 @@ func Queue(ctx *context.Context) { qid := ctx.ParamsInt64("qid") mq := queue.GetManager().GetManagedQueue(qid) if mq == nil { - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } ctx.Data["Title"] = ctx.Tr("admin.monitor.queue", mq.Name) @@ -361,7 +361,7 @@ func WorkerCancel(ctx *context.Context) { qid := ctx.ParamsInt64("qid") mq := queue.GetManager().GetManagedQueue(qid) if mq == nil { - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } pid := ctx.ParamsInt64("pid") @@ -377,7 +377,7 @@ func Flush(ctx *context.Context) { qid := ctx.ParamsInt64("qid") mq := queue.GetManager().GetManagedQueue(qid) if mq == nil { - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } timeout, err := time.ParseDuration(ctx.FormString("timeout")) @@ -423,7 +423,7 @@ func AddWorkers(ctx *context.Context) { qid := ctx.ParamsInt64("qid") mq := queue.GetManager().GetManagedQueue(qid) if mq == nil { - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } number := ctx.FormInt("number") @@ -453,7 +453,7 @@ func SetQueueSettings(ctx *context.Context) { qid := ctx.ParamsInt64("qid") mq := queue.GetManager().GetManagedQueue(qid) if mq == nil { - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } if _, ok := mq.Managed.(queue.ManagedPool); !ok { diff --git a/routers/web/admin/notice.go b/routers/web/admin/notice.go index 147e03ba03..b50549b804 100644 --- a/routers/web/admin/notice.go +++ b/routers/web/admin/notice.go @@ -59,10 +59,10 @@ func DeleteNotices(ctx *context.Context) { if err := admin_model.DeleteNoticesByIDs(ids); err != nil { ctx.Flash.Error("DeleteNoticesByIDs: " + err.Error()) - ctx.Status(500) + ctx.Status(http.StatusInternalServerError) } else { ctx.Flash.Success(ctx.Tr("admin.notices.delete_success")) - ctx.Status(200) + ctx.Status(http.StatusOK) } } diff --git a/routers/web/auth/oauth.go b/routers/web/auth/oauth.go index 847af52bdb..4369c333ac 100644 --- a/routers/web/auth/oauth.go +++ b/routers/web/auth/oauth.go @@ -462,7 +462,7 @@ func AuthorizeOAuth(ctx *context.Context) { log.Error("Unable to update nonce: %v", err) } } - ctx.Redirect(redirect.String(), 302) + ctx.Redirect(redirect.String()) return } @@ -544,7 +544,7 @@ func GrantApplicationOAuth(ctx *context.Context) { handleServerError(ctx, form.State, form.RedirectURI) return } - ctx.Redirect(redirect.String(), 302) + ctx.Redirect(redirect.String(), http.StatusSeeOther) } // OIDCWellKnown generates JSON so OIDC clients know Gitea's capabilities @@ -752,7 +752,7 @@ func handleAuthorizeError(ctx *context.Context, authErr AuthorizeError, redirect if redirectURI == "" { log.Warn("Authorization failed: %v", authErr.ErrorDescription) ctx.Data["Error"] = authErr - ctx.HTML(400, tplGrantError) + ctx.HTML(http.StatusBadRequest, tplGrantError) return } redirect, err := url.Parse(redirectURI) @@ -765,7 +765,7 @@ func handleAuthorizeError(ctx *context.Context, authErr AuthorizeError, redirect q.Set("error_description", authErr.ErrorDescription) q.Set("state", authErr.State) redirect.RawQuery = q.Encode() - ctx.Redirect(redirect.String(), 302) + ctx.Redirect(redirect.String(), http.StatusSeeOther) } // SignInOAuth handles the OAuth2 login buttons diff --git a/routers/web/auth/webauthn.go b/routers/web/auth/webauthn.go index bedbe7ddc3..c0cf58f3d3 100644 --- a/routers/web/auth/webauthn.go +++ b/routers/web/auth/webauthn.go @@ -39,7 +39,7 @@ func WebAuthn(ctx *context.Context) { return } - ctx.HTML(200, tplWebAuthn) + ctx.HTML(http.StatusOK, tplWebAuthn) } // WebAuthnLoginAssertion submits a WebAuthn challenge to the browser @@ -166,5 +166,5 @@ func WebAuthnLoginAssertionPost(ctx *context.Context) { } } - ctx.JSON(200, map[string]string{"redirect": redirect}) + ctx.JSON(http.StatusOK, map[string]string{"redirect": redirect}) } diff --git a/routers/web/base.go b/routers/web/base.go index 3e873c5826..938abaef81 100644 --- a/routers/web/base.go +++ b/routers/web/base.go @@ -50,11 +50,11 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor if err != nil { if os.IsNotExist(err) || errors.Is(err, os.ErrNotExist) { log.Warn("Unable to find %s %s", prefix, rPath) - http.Error(w, "file not found", 404) + http.Error(w, "file not found", http.StatusNotFound) return } log.Error("Error whilst getting URL for %s %s. Error: %v", prefix, rPath, err) - http.Error(w, fmt.Sprintf("Error whilst getting URL for %s %s", prefix, rPath), 500) + http.Error(w, fmt.Sprintf("Error whilst getting URL for %s %s", prefix, rPath), http.StatusInternalServerError) return } @@ -62,7 +62,7 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor w, req, u.String(), - http.StatusMovedPermanently, + http.StatusPermanentRedirect, ) }) } @@ -82,7 +82,7 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor rPath := strings.TrimPrefix(req.URL.Path, "/"+prefix+"/") rPath = path.Clean("/" + strings.ReplaceAll(rPath, "\\", "/"))[1:] if rPath == "" { - http.Error(w, "file not found", 404) + http.Error(w, "file not found", http.StatusNotFound) return } @@ -96,11 +96,11 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor if err != nil { if os.IsNotExist(err) || errors.Is(err, os.ErrNotExist) { log.Warn("Unable to find %s %s", prefix, rPath) - http.Error(w, "file not found", 404) + http.Error(w, "file not found", http.StatusNotFound) return } log.Error("Error whilst opening %s %s. Error: %v", prefix, rPath, err) - http.Error(w, fmt.Sprintf("Error whilst opening %s %s", prefix, rPath), 500) + http.Error(w, fmt.Sprintf("Error whilst opening %s %s", prefix, rPath), http.StatusInternalServerError) return } defer fr.Close() @@ -108,7 +108,7 @@ func storageHandler(storageSetting setting.Storage, prefix string, objStore stor _, err = io.Copy(w, fr) if err != nil { log.Error("Error whilst rendering %s %s. Error: %v", prefix, rPath, err) - http.Error(w, fmt.Sprintf("Error whilst rendering %s %s", prefix, rPath), 500) + http.Error(w, fmt.Sprintf("Error whilst rendering %s %s", prefix, rPath), http.StatusInternalServerError) return } }) @@ -163,7 +163,7 @@ func Recovery() func(next http.Handler) http.Handler { if !setting.IsProd { store["ErrorMsg"] = combinedErr } - err = rnd.HTML(w, 500, "status/500", templates.BaseVars().Merge(store)) + err = rnd.HTML(w, http.StatusInternalServerError, "status/500", templates.BaseVars().Merge(store)) if err != nil { log.Error("%v", err) } diff --git a/routers/web/explore/code.go b/routers/web/explore/code.go index 506d13b59b..28bdc7c9ca 100644 --- a/routers/web/explore/code.go +++ b/routers/web/explore/code.go @@ -24,7 +24,7 @@ const ( // Code render explore code page func Code(ctx *context.Context) { if !setting.Indexer.RepoIndexerEnabled { - ctx.Redirect(setting.AppSubURL+"/explore", 302) + ctx.Redirect(setting.AppSubURL + "/explore") return } diff --git a/routers/web/goget.go b/routers/web/goget.go index 2843a96c30..4a31fcc2c5 100644 --- a/routers/web/goget.go +++ b/routers/web/goget.go @@ -48,7 +48,7 @@ func goGet(ctx *context.Context) { </body> </html> `)) - ctx.Status(400) + ctx.Status(http.StatusBadRequest) return } branchName := setting.Repository.DefaultBranch diff --git a/routers/web/metrics.go b/routers/web/metrics.go index 37558ee337..c7e01b8faa 100644 --- a/routers/web/metrics.go +++ b/routers/web/metrics.go @@ -21,13 +21,13 @@ func Metrics(resp http.ResponseWriter, req *http.Request) { } header := req.Header.Get("Authorization") if header == "" { - http.Error(resp, "", 401) + http.Error(resp, "", http.StatusUnauthorized) return } got := []byte(header) want := []byte("Bearer " + setting.Metrics.Token) if subtle.ConstantTimeCompare(got, want) != 1 { - http.Error(resp, "", 401) + http.Error(resp, "", http.StatusUnauthorized) return } promhttp.Handler().ServeHTTP(resp, req) diff --git a/routers/web/repo/editor.go b/routers/web/repo/editor.go index a2cf070375..c10162c759 100644 --- a/routers/web/repo/editor.go +++ b/routers/web/repo/editor.go @@ -780,7 +780,7 @@ func UploadFileToServer(ctx *context.Context) { func RemoveUploadFileFromServer(ctx *context.Context) { form := web.GetForm(ctx).(*forms.RemoveUploadFileForm) if len(form.File) == 0 { - ctx.Status(204) + ctx.Status(http.StatusNoContent) return } @@ -790,7 +790,7 @@ func RemoveUploadFileFromServer(ctx *context.Context) { } log.Trace("Upload file removed: %s", form.File) - ctx.Status(204) + ctx.Status(http.StatusNoContent) } // GetUniquePatchBranchName Gets a unique branch name for a new patch branch diff --git a/routers/web/repo/issue.go b/routers/web/repo/issue.go index adf7e93eac..aeb1f0a020 100644 --- a/routers/web/repo/issue.go +++ b/routers/web/repo/issue.go @@ -1931,7 +1931,7 @@ func UpdatePullReviewRequest(ctx *context.Context) { // TODO: Not support 'clear' now if action != "attach" && action != "detach" { - ctx.Status(403) + ctx.Status(http.StatusForbidden) return } @@ -1946,7 +1946,7 @@ func UpdatePullReviewRequest(ctx *context.Context) { "UpdatePullReviewRequest: refusing to add review request for non-PR issue %-v#%d", issue.Repo, issue.Index, ) - ctx.Status(403) + ctx.Status(http.StatusForbidden) return } if reviewID < 0 { @@ -1961,7 +1961,7 @@ func UpdatePullReviewRequest(ctx *context.Context) { "UpdatePullReviewRequest: refusing to add team review request for %s#%d owned by non organization UID[%d]", issue.Repo.FullName(), issue.Index, issue.Repo.ID, ) - ctx.Status(403) + ctx.Status(http.StatusForbidden) return } @@ -1975,7 +1975,7 @@ func UpdatePullReviewRequest(ctx *context.Context) { log.Warn( "UpdatePullReviewRequest: refusing to add team review request for UID[%d] team %s to %s#%d owned by UID[%d]", team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID) - ctx.Status(403) + ctx.Status(http.StatusForbidden) return } @@ -1987,7 +1987,7 @@ func UpdatePullReviewRequest(ctx *context.Context) { team.OrgID, team.Name, issue.Repo.FullName(), issue.Index, issue.Repo.ID, err, ) - ctx.Status(403) + ctx.Status(http.StatusForbidden) return } ctx.ServerError("IsValidTeamReviewRequest", err) @@ -2010,7 +2010,7 @@ func UpdatePullReviewRequest(ctx *context.Context) { reviewID, issue.Repo, issue.Index, err, ) - ctx.Status(403) + ctx.Status(http.StatusForbidden) return } ctx.ServerError("GetUserByID", err) @@ -2025,7 +2025,7 @@ func UpdatePullReviewRequest(ctx *context.Context) { reviewer, issue.Repo, issue.Index, err, ) - ctx.Status(403) + ctx.Status(http.StatusForbidden) return } ctx.ServerError("isValidReviewRequest", err) @@ -2117,7 +2117,7 @@ func NewComment(ctx *context.Context) { if issue.IsLocked && !ctx.Repo.CanWriteIssuesOrPulls(issue.IsPull) && !ctx.Doer.IsAdmin { ctx.Flash.Error(ctx.Tr("repo.issues.comment_on_locked")) - ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther) + ctx.Redirect(issue.HTMLURL()) return } @@ -2170,10 +2170,10 @@ func NewComment(ctx *context.Context) { if models.IsErrDependenciesLeft(err) { if issue.IsPull { ctx.Flash.Error(ctx.Tr("repo.issues.dependency.pr_close_blocked")) - ctx.Redirect(fmt.Sprintf("%s/pulls/%d", ctx.Repo.RepoLink, issue.Index), http.StatusSeeOther) + ctx.Redirect(fmt.Sprintf("%s/pulls/%d", ctx.Repo.RepoLink, issue.Index)) } else { ctx.Flash.Error(ctx.Tr("repo.issues.dependency.issue_close_blocked")) - ctx.Redirect(fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, issue.Index), http.StatusSeeOther) + ctx.Redirect(fmt.Sprintf("%s/issues/%d", ctx.Repo.RepoLink, issue.Index)) } return } @@ -2306,7 +2306,7 @@ func DeleteComment(ctx *context.Context) { return } - ctx.Status(200) + ctx.Status(http.StatusOK) } // ChangeIssueReaction create a reaction for issue diff --git a/routers/web/repo/issue_dependency.go b/routers/web/repo/issue_dependency.go index d9084328ee..d43cb373a2 100644 --- a/routers/web/repo/issue_dependency.go +++ b/routers/web/repo/issue_dependency.go @@ -35,7 +35,7 @@ func AddDependency(ctx *context.Context) { } // Redirect - defer ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther) + defer ctx.Redirect(issue.HTMLURL()) // Dependency dep, err := models.GetIssueByID(depID) @@ -125,5 +125,5 @@ func RemoveDependency(ctx *context.Context) { } // Redirect - ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther) + ctx.Redirect(issue.HTMLURL()) } diff --git a/routers/web/repo/issue_label_test.go b/routers/web/repo/issue_label_test.go index baa34530fa..5d7a29ee93 100644 --- a/routers/web/repo/issue_label_test.go +++ b/routers/web/repo/issue_label_test.go @@ -36,7 +36,7 @@ func TestInitializeLabels(t *testing.T) { test.LoadRepo(t, ctx, 2) web.SetForm(ctx, &forms.InitializeLabelsForm{TemplateName: "Default"}) InitializeLabels(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) unittest.AssertExistsAndLoadBean(t, &models.Label{ RepoID: 2, Name: "enhancement", @@ -82,7 +82,7 @@ func TestNewLabel(t *testing.T) { Color: "#abcdef", }) NewLabel(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) unittest.AssertExistsAndLoadBean(t, &models.Label{ Name: "newlabel", Color: "#abcdef", @@ -101,7 +101,7 @@ func TestUpdateLabel(t *testing.T) { Color: "#abcdef", }) UpdateLabel(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) unittest.AssertExistsAndLoadBean(t, &models.Label{ ID: 2, Name: "newnameforlabel", diff --git a/routers/web/repo/issue_lock.go b/routers/web/repo/issue_lock.go index b016818669..5ac5cac52e 100644 --- a/routers/web/repo/issue_lock.go +++ b/routers/web/repo/issue_lock.go @@ -5,8 +5,6 @@ package repo import ( - "net/http" - "code.gitea.io/gitea/models" "code.gitea.io/gitea/modules/context" "code.gitea.io/gitea/modules/web" @@ -43,7 +41,7 @@ func LockIssue(ctx *context.Context) { return } - ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther) + ctx.Redirect(issue.HTMLURL()) } // UnlockIssue unlocks a previously locked issue. @@ -67,5 +65,5 @@ func UnlockIssue(ctx *context.Context) { return } - ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther) + ctx.Redirect(issue.HTMLURL()) } diff --git a/routers/web/repo/issue_watch.go b/routers/web/repo/issue_watch.go index 223fc72071..53fec11cdc 100644 --- a/routers/web/repo/issue_watch.go +++ b/routers/web/repo/issue_watch.go @@ -53,5 +53,5 @@ func IssueWatch(ctx *context.Context) { return } - ctx.Redirect(issue.HTMLURL(), http.StatusSeeOther) + ctx.Redirect(issue.HTMLURL()) } diff --git a/routers/web/repo/search.go b/routers/web/repo/search.go index e33fe38dea..c230e88d2d 100644 --- a/routers/web/repo/search.go +++ b/routers/web/repo/search.go @@ -18,7 +18,7 @@ const tplSearch base.TplName = "repo/search" // Search render repository search page func Search(ctx *context.Context) { if !setting.Indexer.RepoIndexerEnabled { - ctx.Redirect(ctx.Repo.RepoLink, 302) + ctx.Redirect(ctx.Repo.RepoLink) return } language := ctx.FormTrim("l") diff --git a/routers/web/repo/setting_protected_branch.go b/routers/web/repo/setting_protected_branch.go index cd6cf38038..dae618a758 100644 --- a/routers/web/repo/setting_protected_branch.go +++ b/routers/web/repo/setting_protected_branch.go @@ -73,7 +73,7 @@ func ProtectedBranchPost(ctx *context.Context) { branch := ctx.FormString("branch") if !ctx.Repo.GitRepo.IsBranchExist(branch) { - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } else if repo.DefaultBranch != branch { repo.DefaultBranch = branch diff --git a/routers/web/repo/settings_test.go b/routers/web/repo/settings_test.go index bd29eca195..db1e905869 100644 --- a/routers/web/repo/settings_test.go +++ b/routers/web/repo/settings_test.go @@ -60,7 +60,7 @@ func TestAddReadOnlyDeployKey(t *testing.T) { } web.SetForm(ctx, &addKeyForm) DeployKeysPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{ Name: addKeyForm.Title, @@ -90,7 +90,7 @@ func TestAddReadWriteOnlyDeployKey(t *testing.T) { } web.SetForm(ctx, &addKeyForm) DeployKeysPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) unittest.AssertExistsAndLoadBean(t, &asymkey_model.DeployKey{ Name: addKeyForm.Title, @@ -127,7 +127,7 @@ func TestCollaborationPost(t *testing.T) { CollaborationPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) exists, err := models.IsCollaborator(re.ID, 4) assert.NoError(t, err) @@ -153,7 +153,7 @@ func TestCollaborationPost_InactiveUser(t *testing.T) { CollaborationPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assert.NotEmpty(t, ctx.Flash.ErrorMsg) } @@ -185,7 +185,7 @@ func TestCollaborationPost_AddCollaboratorTwice(t *testing.T) { CollaborationPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) exists, err := models.IsCollaborator(re.ID, 4) assert.NoError(t, err) @@ -194,7 +194,7 @@ func TestCollaborationPost_AddCollaboratorTwice(t *testing.T) { // Try adding the same collaborator again CollaborationPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assert.NotEmpty(t, ctx.Flash.ErrorMsg) } @@ -216,7 +216,7 @@ func TestCollaborationPost_NonExistentUser(t *testing.T) { CollaborationPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assert.NotEmpty(t, ctx.Flash.ErrorMsg) } @@ -256,7 +256,7 @@ func TestAddTeamPost(t *testing.T) { AddTeamPost(ctx) assert.True(t, team.HasRepository(re.ID)) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assert.Empty(t, ctx.Flash.ErrorMsg) } @@ -296,7 +296,7 @@ func TestAddTeamPost_NotAllowed(t *testing.T) { AddTeamPost(ctx) assert.False(t, team.HasRepository(re.ID)) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assert.NotEmpty(t, ctx.Flash.ErrorMsg) } @@ -337,7 +337,7 @@ func TestAddTeamPost_AddTeamTwice(t *testing.T) { AddTeamPost(ctx) assert.True(t, team.HasRepository(re.ID)) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assert.NotEmpty(t, ctx.Flash.ErrorMsg) } @@ -370,7 +370,7 @@ func TestAddTeamPost_NonExistentTeam(t *testing.T) { ctx.Repo = repo AddTeamPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assert.NotEmpty(t, ctx.Flash.ErrorMsg) } diff --git a/routers/web/repo/webhook.go b/routers/web/repo/webhook.go index 7ffea1724a..81dab5a3b9 100644 --- a/routers/web/repo/webhook.go +++ b/routers/web/repo/webhook.go @@ -1241,7 +1241,7 @@ func TestWebhook(ctx *context.Context) { w, err := webhook.GetWebhookByRepoID(ctx.Repo.Repository.ID, hookID) if err != nil { ctx.Flash.Error("GetWebhookByID: " + err.Error()) - ctx.Status(500) + ctx.Status(http.StatusInternalServerError) return } @@ -1285,10 +1285,10 @@ func TestWebhook(ctx *context.Context) { } if err := webhook_service.PrepareWebhook(w, ctx.Repo.Repository, webhook.HookEventPush, p); err != nil { ctx.Flash.Error("PrepareWebhook: " + err.Error()) - ctx.Status(500) + ctx.Status(http.StatusInternalServerError) } else { ctx.Flash.Info(ctx.Tr("repo.settings.webhook.delivery.success")) - ctx.Status(200) + ctx.Status(http.StatusOK) } } diff --git a/routers/web/repo/wiki_test.go b/routers/web/repo/wiki_test.go index b19c628a9f..41b5c0f8fd 100644 --- a/routers/web/repo/wiki_test.go +++ b/routers/web/repo/wiki_test.go @@ -124,7 +124,7 @@ func TestNewWikiPost(t *testing.T) { Message: message, }) NewWikiPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assertWikiExists(t, ctx.Repo.Repository, title) assert.Equal(t, wikiContent(t, ctx.Repo.Repository, title), content) } @@ -176,7 +176,7 @@ func TestEditWikiPost(t *testing.T) { Message: message, }) EditWikiPost(ctx) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) assertWikiExists(t, ctx.Repo.Repository, title) assert.Equal(t, wikiContent(t, ctx.Repo.Repository, title), content) if title != "Home" { diff --git a/routers/web/user/home.go b/routers/web/user/home.go index afdc344b69..0878e8d528 100644 --- a/routers/web/user/home.go +++ b/routers/web/user/home.go @@ -151,7 +151,7 @@ func Dashboard(ctx *context.Context) { func Milestones(ctx *context.Context) { if unit.TypeIssues.UnitGlobalDisabled() && unit.TypePullRequests.UnitGlobalDisabled() { log.Debug("Milestones overview page not available as both issues and pull requests are globally disabled") - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } @@ -323,7 +323,7 @@ func Milestones(ctx *context.Context) { func Pulls(ctx *context.Context) { if unit.TypePullRequests.UnitGlobalDisabled() { log.Debug("Pull request overview page not available as it is globally disabled.") - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } @@ -336,7 +336,7 @@ func Pulls(ctx *context.Context) { func Issues(ctx *context.Context) { if unit.TypeIssues.UnitGlobalDisabled() { log.Debug("Issues overview page not available as it is globally disabled.") - ctx.Status(404) + ctx.Status(http.StatusNotFound) return } diff --git a/routers/web/user/setting/account_test.go b/routers/web/user/setting/account_test.go index a67d09e9ed..005603e7ac 100644 --- a/routers/web/user/setting/account_test.go +++ b/routers/web/user/setting/account_test.go @@ -94,6 +94,6 @@ func TestChangePassword(t *testing.T) { AccountPost(ctx) assert.Contains(t, ctx.Flash.ErrorMsg, req.Message) - assert.EqualValues(t, http.StatusFound, ctx.Resp.Status()) + assert.EqualValues(t, http.StatusSeeOther, ctx.Resp.Status()) } } diff --git a/routers/web/web.go b/routers/web/web.go index 6d2fbedace..b40a43058d 100644 --- a/routers/web/web.go +++ b/routers/web/web.go @@ -96,7 +96,7 @@ func Routes(sessioner func(http.Handler) http.Handler) *web.Route { // this png is very likely to always be below the limit for gzip so it doesn't need to pass through gzip routes.Get("/apple-touch-icon.png", func(w http.ResponseWriter, req *http.Request) { - http.Redirect(w, req, path.Join(setting.StaticURLPrefix, "/assets/img/apple-touch-icon.png"), 301) + http.Redirect(w, req, path.Join(setting.StaticURLPrefix, "/assets/img/apple-touch-icon.png"), http.StatusPermanentRedirect) }) // redirect default favicon to the path of the custom favicon with a default as a fallback @@ -142,17 +142,17 @@ func Routes(sessioner func(http.Handler) http.Handler) *web.Route { routes.Get("/ssh_info", func(rw http.ResponseWriter, req *http.Request) { if !git.SupportProcReceive { - rw.WriteHeader(404) + rw.WriteHeader(http.StatusNotFound) return } rw.Header().Set("content-type", "text/json;charset=UTF-8") _, err := rw.Write([]byte(`{"type":"gitea","version":1}`)) if err != nil { log.Error("fail to write result: err: %v", err) - rw.WriteHeader(500) + rw.WriteHeader(http.StatusInternalServerError) return } - rw.WriteHeader(200) + rw.WriteHeader(http.StatusOK) }) // Removed: toolbox.Toolboxer middleware will provide debug information which seems unnecessary diff --git a/services/auth/sspi_windows.go b/services/auth/sspi_windows.go index cadf721796..3a8c8bed44 100644 --- a/services/auth/sspi_windows.go +++ b/services/auth/sspi_windows.go @@ -109,7 +109,7 @@ func (s *SSPI) Verify(req *http.Request, w http.ResponseWriter, store DataStore, store.GetData()["EnableOpenIDSignIn"] = setting.Service.EnableOpenIDSignIn store.GetData()["EnableSSPI"] = true - err := s.rnd.HTML(w, 401, string(tplSignIn), templates.BaseVars().Merge(store.GetData())) + err := s.rnd.HTML(w, http.StatusUnauthorized, string(tplSignIn), templates.BaseVars().Merge(store.GetData())) if err != nil { log.Error("%v", err) } diff --git a/services/lfs/locks.go b/services/lfs/locks.go index a96e931fd9..fa51470d62 100644 --- a/services/lfs/locks.go +++ b/services/lfs/locks.go @@ -52,7 +52,7 @@ func GetListLockHandler(ctx *context.Context) { if err != nil { log.Debug("Could not find repository: %s/%s - %s", rv.User, rv.Repo, err) ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs") - ctx.JSON(401, api.LFSLockError{ + ctx.JSON(http.StatusUnauthorized, api.LFSLockError{ Message: "You must have pull access to list locks", }) return @@ -139,7 +139,7 @@ func PostLockHandler(ctx *context.Context) { if err != nil { log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err) ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs") - ctx.JSON(401, api.LFSLockError{ + ctx.JSON(http.StatusUnauthorized, api.LFSLockError{ Message: "You must have push access to create locks", }) return @@ -164,7 +164,7 @@ func PostLockHandler(ctx *context.Context) { dec := json.NewDecoder(bodyReader) if err := dec.Decode(&req); err != nil { log.Warn("Failed to decode lock request as json. Error: %v", err) - writeStatus(ctx, 400) + writeStatus(ctx, http.StatusBadRequest) return } @@ -206,7 +206,7 @@ func VerifyLockHandler(ctx *context.Context) { if err != nil { log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err) ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs") - ctx.JSON(401, api.LFSLockError{ + ctx.JSON(http.StatusUnauthorized, api.LFSLockError{ Message: "You must have push access to verify locks", }) return @@ -272,7 +272,7 @@ func UnLockHandler(ctx *context.Context) { if err != nil { log.Error("Unable to get repository: %s/%s Error: %v", userName, repoName, err) ctx.Resp.Header().Set("WWW-Authenticate", "Basic realm=gitea-lfs") - ctx.JSON(401, api.LFSLockError{ + ctx.JSON(http.StatusUnauthorized, api.LFSLockError{ Message: "You must have push access to delete locks", }) return @@ -297,7 +297,7 @@ func UnLockHandler(ctx *context.Context) { dec := json.NewDecoder(bodyReader) if err := dec.Decode(&req); err != nil { log.Warn("Failed to decode lock request as json. Error: %v", err) - writeStatus(ctx, 400) + writeStatus(ctx, http.StatusBadRequest) return } diff --git a/services/migrations/gitea_downloader_test.go b/services/migrations/gitea_downloader_test.go index dc6903e854..601b0a7c79 100644 --- a/services/migrations/gitea_downloader_test.go +++ b/services/migrations/gitea_downloader_test.go @@ -25,7 +25,7 @@ func TestGiteaDownloadRepo(t *testing.T) { } resp, err := http.Get("https://gitea.com/gitea") - if err != nil || resp.StatusCode != 200 { + if err != nil || resp.StatusCode != http.StatusOK { t.Skipf("Can't reach https://gitea.com, skipping %s", t.Name()) } diff --git a/services/migrations/gitlab.go b/services/migrations/gitlab.go index d3a034e27c..549e3cb659 100644 --- a/services/migrations/gitlab.go +++ b/services/migrations/gitlab.go @@ -91,7 +91,7 @@ func NewGitlabDownloader(ctx context.Context, baseURL, repoPath, username, passw u, _ := url.Parse(baseURL) for len(pathParts) >= 2 { _, resp, err = gitlabClient.Version.GetVersion() - if err == nil || resp != nil && resp.StatusCode == 401 { + if err == nil || resp != nil && resp.StatusCode == http.StatusUnauthorized { err = nil // if no authentication given, this still should work break } @@ -619,7 +619,7 @@ func (g *GitlabDownloader) GetPullRequests(page, perPage int) ([]*base.PullReque func (g *GitlabDownloader) GetReviews(reviewable base.Reviewable) ([]*base.Review, error) { approvals, resp, err := g.client.MergeRequestApprovals.GetConfiguration(g.repoID, int(reviewable.GetForeignIndex()), gitlab.WithContext(g.ctx)) if err != nil { - if resp != nil && resp.StatusCode == 404 { + if resp != nil && resp.StatusCode == http.StatusNotFound { log.Error(fmt.Sprintf("GitlabDownloader: while migrating a error occurred: '%s'", err.Error())) return []*base.Review{}, nil } diff --git a/services/migrations/gitlab_test.go b/services/migrations/gitlab_test.go index 52edb2af8f..e63d674186 100644 --- a/services/migrations/gitlab_test.go +++ b/services/migrations/gitlab_test.go @@ -28,7 +28,7 @@ func TestGitlabDownloadRepo(t *testing.T) { } resp, err := http.Get("https://gitlab.com/gitea/test_repo") - if err != nil || resp.StatusCode != 200 { + if err != nil || resp.StatusCode != http.StatusOK { t.Skipf("Can't access test repo, skipping %s", t.Name()) } diff --git a/services/migrations/onedev_test.go b/services/migrations/onedev_test.go index 55ae7da1fc..0cf1ab852c 100644 --- a/services/migrations/onedev_test.go +++ b/services/migrations/onedev_test.go @@ -19,7 +19,7 @@ import ( func TestOneDevDownloadRepo(t *testing.T) { resp, err := http.Get("https://code.onedev.io/projects/go-gitea-test_repo") - if err != nil || resp.StatusCode != 200 { + if err != nil || resp.StatusCode != http.StatusOK { t.Skipf("Can't access test repo, skipping %s", t.Name()) } diff --git a/templates/swagger/v1_json.tmpl b/templates/swagger/v1_json.tmpl index 3bc6158183..4f2e7dbb1a 100644 --- a/templates/swagger/v1_json.tmpl +++ b/templates/swagger/v1_json.tmpl @@ -1474,7 +1474,7 @@ "204": { "description": "user is a member" }, - "302": { + "303": { "description": "redirection to /orgs/{org}/public_members/{username}" }, "404": { |