Kay0u
af892991af
refactor legacy url protections
2020-02-13 10:06:32 +07:00
Kay0u
9628d51d2d
check permission after unprotected
2020-01-29 18:24:51 +07:00
Kay0u
19ae10200d
fix string.match
2020-01-17 14:56:32 +07:00
Alexandre Aubin
247847a203
Check skipped_urls before protected_urls
2019-12-02 18:13:19 +01:00
Alexandre Aubin
a13a2fee1e
More extensive check between allowed rules vs. protected rules
2019-10-03 23:11:52 +02:00
Alexandre Aubin
1eb322df17
Many tweaks in log system + implement many log messages in low-level functions
2019-10-03 20:42:01 +02:00
Alexandre Aubin
7cb61f1619
Merge branch 'logging' into logging-reloaded
2019-09-24 17:27:44 +02:00
Geoff Montel
1161367d0e
Fixed: bug serving files because of LUA exception
...
"Interrupted system call" during PWDIR change on "popen" function
Restored by removing FIND's wildcard which could yield fo emptiness
(example : `mydir/` is empty; making `cd mydir && find *` yielding
to non argumented FIND function.
Tested on Stretch with nginx (1.10.3-1+deb9u2) and lua5.1 (5.1.5-8.1+b2).
Note that this could lead to bugs, code refactor should enclose lua-filesystem (1.6.3-1),
but I'm a rookie in LUA.
2019-07-14 14:30:37 +02:00
Josué Tille
b0756e2494
Allow access in portail in other domain than main domain
2019-05-17 22:42:52 +02:00
chateau
13257e4de0
allow to redirect sso pages the same way than apps urls (from login page)
2019-03-20 03:17:17 +01:00
Alexandre Aubin
32a9229ef4
Enable cache for 1 hour for static assets
2019-03-19 16:52:43 +01:00
Alexandre Aubin
23e78c2c39
This TODO is done
2019-03-19 15:08:09 +01:00
Alexandre Aubin
0c377c3363
Rename css/js files for semantic + explain their purpose
2019-03-19 00:17:53 +01:00
Alexandre Aubin
67e253211c
This ynhpanel.json has never been used by anything ...
2019-03-18 18:24:49 +01:00
Alexandre Aubin
328c0b73f0
Misc fixes + note about stuff to fix
2019-03-14 17:41:31 +01:00
chateau
9845d99398
Make files in current theme's directory accessibles under " https://server.tld/ynhtheme/ ".
2019-03-09 11:21:12 +01:00
Alexandre Aubin
2f24e82f38
Add trick to access.lua to be able to inject custom/theme css and js when in apps as well
2019-02-23 04:20:01 +01:00
Alexandre Aubin
7dc84973df
Improve comment
2018-12-14 00:31:54 +01:00
ljf (zamentur)
c3a9380361
[fix] PCRE choice if no %. in url regex
2018-12-13 23:23:10 +01:00
ljf
b90153a5ca
[enh] Add comment about lua pattern deprecated
2018-06-24 20:44:28 +02:00
ljf
9cbe43862b
[enh] Add PCRE regex support
2018-06-24 16:04:26 +02:00
Alexandre Aubin
d38d5e3d29
[fix] Force back_url to use HTTPS ( #93 )
2017-10-12 22:06:30 +02:00
sidddy
fc52f05459
Quick fix for CDA security issue
2017-05-18 08:45:20 +02:00
sidddy
ad39e3ded5
Added access log, ignore IP, check acl for basic auth
2017-05-13 15:06:18 +02:00
Laurent Peuch
c019f9d208
[fix] check users ACL on http basic auth
2017-05-12 22:45:19 +02:00
JimboJoe
5228bf4f0c
[fix] Fix tile not displayed when app is installed on root (bug #285 ) ( #71 )
...
* Fix proposal for bug #285 (YunoHost tile is not displayed when the app is installed on root path)
* Fix access to administration page
2017-05-12 22:45:19 +02:00
opi
9956a7c1c1
[fix] Validate domain & url before redirection on login.
2017-03-08 11:08:33 +01:00
opi
0823062e30
[fix] Escape dash in domain before matching.
2017-02-23 23:14:03 +01:00
opi
af53f4d393
[fix] match protected URIs against URL arguments
2016-04-29 17:28:08 +02:00
Maniack Crudelis
3b2bc73df5
Regex non reconnues sur protected_regex
...
Les patterns sont interprétés correctement sur unprotected_regex, mais pas sur protected_regex.
L'ajout de ..hlp.uri_args_string() corrige ça et permet d'interpréter correctement les patterns
2016-04-29 17:28:08 +02:00
kload
0ebddc079a
[fix] Load libraries locally to avoid caching
2015-05-16 09:42:26 +02:00
kload
294b1d6058
[fix] Use 'cache' shared table to store CDA keys and avoid infinite redirections
2015-05-04 19:30:32 +02:00
kload
8953860017
[fix] Efficiently generate random strings
2015-04-30 15:16:51 +02:00
kload
32b730c11f
[fix] Load modules as proper modules + typo
2015-02-15 13:09:15 +01:00
kload
a0163f9f39
[enh] Finish documenting the code
2015-02-15 13:09:15 +01:00
kload
35e69a1bf2
[fix] Separate files properly
2015-02-12 12:08:52 +01:00
kload
84015149b9
[enh] Separate configuration file loading to a new file and document it
2015-02-02 00:05:09 +01:00
Alexis Gavoty
83718fd05e
Merge pull request #28 from opi/master
...
[fix] Do not limit amount of mail aliases & forward.
2014-12-08 20:44:50 +01:00
Alexis Gavoty
48983a6e68
[fix] Do match skipped/redirected/unprotected URIs against URL arguments
2014-12-07 19:40:03 +01:00
opi
b59376814e
[fix] Forget to reset count for maildrop.
2014-11-27 14:20:21 +01:00
opi
696f09c8c2
[fix] Clean cache update according to last commit.
2014-11-27 14:19:52 +01:00
opi
d809c8de6a
[fix] Do not limit amount of mail aliases & forward.
2014-11-27 13:56:34 +01:00
opi
edd3e030f4
[fix] Force portal scheme. Fix #25
2014-11-13 20:27:01 +01:00
opi
d361f0e6bb
[fix] Do not return formatted html in ynhpanel.json
2014-11-13 19:01:16 +01:00
kload
2e1117beff
[enh] Handle local domain (yunohost.local by default) as a main domain replacement
2014-09-13 23:21:21 +02:00
kload
f32f278105
[enh] Limit domains per user
2014-08-19 16:01:14 +02:00
Hnk Reno
8eba1864a6
[fix] Fix small grammatical error.
2014-06-21 12:31:02 +02:00
opi
ad63afbfad
Use proper ngx code for "access denied" page.
2014-06-02 18:09:43 +02:00
Alexis Gavoty
07fb6e5435
[fix] Force string in URI args
2014-05-30 11:58:55 +02:00
kload
27c40011b7
[fix] portal_url for ynhanel.json
2014-05-14 22:27:07 +00:00