Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Validate OAuth Redirect URIs #32643

Merged
merged 12 commits into from
Nov 28, 2024
Merged

Validate OAuth Redirect URIs #32643

merged 12 commits into from
Nov 28, 2024

Conversation

bohde
Copy link
Contributor

@bohde bohde commented Nov 25, 2024

This fixes a TODO in the code to validate the RedirectURIs when adding or editing an OAuth application in user settings.

This also includes a refactor of the user settings tests to only create the DB once per top-level test to avoid reloading fixtures.

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Nov 25, 2024
@pull-request-size pull-request-size bot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Nov 25, 2024
@github-actions github-actions bot added the modifies/go Pull requests that update Go code label Nov 25, 2024
@lunny lunny added this to the 1.23.0 milestone Nov 26, 2024
@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Nov 27, 2024
wxiaoguang
wxiaoguang requested changes Nov 27, 2024
View reviewed changes
Copy link
Contributor

@wxiaoguang wxiaoguang left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I do not think EqualFold is right. @lunny

#32643 (comment)

image

image

@GiteaBot GiteaBot added lgtm/blocked A maintainer has reservations with the PR and thus it cannot be merged and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Nov 27, 2024
@wxiaoguang
Copy link
Contributor

wxiaoguang commented Nov 27, 2024
edited
Loading

Feel free to discard my change request if the concern is addressed, in case I am not at computer.

@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/blocked A maintainer has reservations with the PR and thus it cannot be merged labels Nov 28, 2024
@lunny lunny added the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Nov 28, 2024
@lunny lunny merged commit 16a7d34 into go-gitea:main Nov 28, 2024
26 checks passed
@GiteaBot GiteaBot removed the reviewed/wait-merge This pull request is part of the merge queue. It will be merged soon. label Nov 28, 2024
zjjhot added a commit to zjjhot/gitea that referenced this pull request Nov 29, 2024
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
7ad51ab 
* giteaofficial/main:
  Refactor render system (orgmode) (go-gitea#32671)
  Improve diff file tree (go-gitea#32658)
  Don't create action when syncing mirror pull refs (go-gitea#32659)
  Allow users with write permission to run actions (go-gitea#32644)
  Validate OAuth Redirect URIs (go-gitea#32643)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lunny lunny lunny approved these changes

@wxiaoguang wxiaoguang wxiaoguang approved these changes

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/go Pull requests that update Go code size/L Denotes a PR that changes 100-499 lines, ignoring generated files.
Projects
None yet
Milestone
1.23.0
Development

Successfully merging this pull request may close these issues.
4 participants
@bohde @wxiaoguang @lunny @GiteaBot