-
- 下载
Merge branch 'mass-assignment-defense-in-depth' into 'master'
Add defense-in-depth against mass assignment in authn/z controllers See merge request https://gitlab.com/gitlab-org/gitlab/-/merge_requests/149029 Merged-by:Douglas Barbosa Alexandre <dbalexandre@gmail.com> Approved-by:
显示
- app/controllers/invites_controller.rb 1 个添加, 1 个删除app/controllers/invites_controller.rb
- app/controllers/oauth/authorizations_controller.rb 1 个添加, 1 个删除app/controllers/oauth/authorizations_controller.rb
- app/controllers/oauth/authorized_applications_controller.rb 2 个添加, 2 个删除app/controllers/oauth/authorized_applications_controller.rb
- app/controllers/omniauth_callbacks_controller.rb 4 个添加, 3 个删除app/controllers/omniauth_callbacks_controller.rb
- app/controllers/passwords_controller.rb 1 个添加, 2 个删除app/controllers/passwords_controller.rb
- app/services/auth/dependency_proxy_authentication_service.rb 1 个添加, 1 个删除app/services/auth/dependency_proxy_authentication_service.rb
- ee/app/controllers/concerns/arkose/token_verifiable.rb 1 个添加, 1 个删除ee/app/controllers/concerns/arkose/token_verifiable.rb
- ee/app/controllers/ee/passwords_controller.rb 1 个添加, 1 个删除ee/app/controllers/ee/passwords_controller.rb
- ee/app/controllers/ee/sessions_controller.rb 1 个添加, 1 个删除ee/app/controllers/ee/sessions_controller.rb
- ee/spec/requests/users/registrations_identity_verification_controller_spec.rb 11 个添加, 0 个删除...rs/registrations_identity_verification_controller_spec.rb
- lib/gitlab/auth/auth_finders.rb 12 个添加, 11 个删除lib/gitlab/auth/auth_finders.rb
- spec/controllers/oauth/authorized_applications_controller_spec.rb 13 个添加, 1 个删除...trollers/oauth/authorized_applications_controller_spec.rb
- spec/controllers/sessions_controller_spec.rb 46 个添加, 0 个删除spec/controllers/sessions_controller_spec.rb
- spec/lib/gitlab/auth/auth_finders_spec.rb 33 个添加, 2 个删除spec/lib/gitlab/auth/auth_finders_spec.rb
- spec/models/user_spec.rb 11 个添加, 0 个删除spec/models/user_spec.rb
加载中
想要评论请 注册 或 登录