Commit graph

458 commits

Author SHA1 Message Date
YunoHost Bot
3ecdb97bf6 Update from Weblate. (#85)
* Added translation using Weblate (Russian)
* [i18n] Translated using Weblate (Russian)
Currently translated at 12.1% (5 of 41 strings)
2017-08-07 18:24:55 +02:00
Evgeniy Ozhiganov
a4445a862b [i18n] Translated using Weblate (Russian)
Currently translated at 12.1% (5 of 41 strings)
2017-08-07 18:20:56 +02:00
Ozhiganov
c7bc762ea3 Added translation using Weblate (Russian) 2017-07-21 05:20:01 +02:00
Laurent Peuch
50fcc831bf [mod] comment didn't matched reality 2017-05-27 19:19:48 +02:00
opi
aca5f054ab Update changelog for 2.6.8 release 2017-05-23 21:46:14 +02:00
Laurent Peuch
c1a388ccf0 Merge pull request #84 from YunoHost/caching_for_hash
[enh] uses caching for hash to avoid heavy recalculation and process spawning
2017-05-23 21:40:30 +02:00
Laurent Peuch
5157415ce3 [fix] remove tabs 2017-05-23 07:26:41 +02:00
Laurent Peuch
76677fab0d [enh] uses caching for hash to avoid heavy recalculation and process spawning 2017-05-22 23:01:18 +02:00
opi
37c0980155 Update changelog for 2.6.7 release 2017-05-18 09:14:33 +02:00
opi
d105b28ccf [fix] sidddy takes 3 d 2017-05-18 08:56:48 +02:00
opi
25ce273120 [love] Add siddy to contributors file.
Thanks for you security reviews !
2017-05-18 08:54:45 +02:00
sidddy
fc52f05459 Quick fix for CDA security issue 2017-05-18 08:45:20 +02:00
Laurent Peuch
98a6879ab4 [fix] don't include ip in token, this is useless and make infinite redirection\n\nIt has been confirmed by a security friend that this was nearly useless here since the token is marked as Secure and can only be exchanged on https so if someone managed to steal it the user have way more important problems. 2017-05-18 08:40:33 +02:00
Laurent Peuch
2456eda200 [fix] Use hmac_sha512 instead of md5 for cookie hashing. Don't store the key in token anymore (#80)
* [fix] uses hmac_sha512 for hasing the token and don't store the key in it anymore
* [mod] remove python script and talk directly to openssl
2017-05-18 08:34:36 +02:00
Laurent Peuch
96b077fe02 Merge pull request #79 from YunoHost/crypto_random
[fix] uses a cryptographically secure source of randomness
2017-05-17 21:37:55 +02:00
Laurent Peuch
c5bb6ef2ae [fix] uses a cryptographically secure source of randomness 2017-05-15 03:29:34 +02:00
opi
46b6d1048e Update changelog for 2.6.6 release 2017-05-12 22:51:24 +02:00
opi
737ebba474 Merge branch 'acl_on_basic_http_auth' into stable 2017-05-12 22:49:12 +02:00
Laurent Peuch
c019f9d208 [fix] check users ACL on http basic auth 2017-05-12 22:45:19 +02:00
Alexandre Aubin
442147bbbe Update changelog for 2.6.5 release 2017-05-12 22:45:19 +02:00
Jeroen Keerl
2a648b8475 [i18n] Translated using Weblate (Dutch)
Currently translated at 95.1% (39 of 41 strings)
2017-05-12 22:45:19 +02:00
Fabian Gruber
4450ba8f95 [i18n] Translated using Weblate (German)
Currently translated at 100.0% (41 of 41 strings)
2017-05-12 22:45:19 +02:00
Alexandre Aubin
d0709ff1f3 Adding link to bugtracker 2017-05-12 22:45:19 +02:00
JimboJoe
5228bf4f0c [fix] Fix tile not displayed when app is installed on root (bug #285) (#71)
* Fix proposal for bug #285 (YunoHost tile is not displayed when the app is installed on root path)
* Fix access to administration page
2017-05-12 22:45:19 +02:00
Alexandre Aubin
3a04c42ae6 Update changelog for 2.6.5 release 2017-04-24 13:03:07 -04:00
opi
eba9c6ede2 Merge pull request #76 from yunohost-bot/weblate-yunohost-ssowat
Update from Weblate.
2017-04-24 17:34:20 +02:00
Jeroen Keerl
d7ed67a586 [i18n] Translated using Weblate (Dutch)
Currently translated at 95.1% (39 of 41 strings)
2017-04-24 17:29:57 +02:00
Fabian Gruber
ad274017d9 [i18n] Translated using Weblate (German)
Currently translated at 100.0% (41 of 41 strings)
2017-04-03 01:35:23 +02:00
Alexandre Aubin
25eeff041d Adding link to bugtracker 2017-04-03 01:35:16 +02:00
JimboJoe
b1a1d55e66 [fix] Fix tile not displayed when app is installed on root (bug #285) (#71)
* Fix proposal for bug #285 (YunoHost tile is not displayed when the app is installed on root path)
* Fix access to administration page
2017-04-02 23:47:54 +02:00
opi
edb1ea079c Update changelog for 2.6.4 release 2017-03-14 15:39:44 +01:00
opi
f68c7f9e44 [fix] Remove help-link in portal as they don't link to nothing. Fix #68 2017-03-14 15:32:49 +01:00
opi
ee971b453d Update changelog for 2.6.3 release 2017-03-08 11:13:50 +01:00
opi
16923ffc95 Merge pull request #75 from yunohost-bot/weblate-yunohost-ssowat
Update from Weblate.
2017-03-08 11:12:29 +01:00
opi
a6911d9037 [i18n] Translated using Weblate (French)
Currently translated at 100.0% (41 of 41 strings)
2017-03-08 11:11:29 +01:00
opi
9956a7c1c1 [fix] Validate domain & url before redirection on login. 2017-03-08 11:08:33 +01:00
opi
e6631df5b1 Update changelog for 2.6.2 release 2017-03-02 12:19:11 +01:00
opi
773d7a2830 [enh] Add Trollken to contributors list. 2017-03-02 12:17:40 +01:00
opi
2a8bf7c0a3 Merge pull request #74 from yunohost-bot/weblate-yunohost-ssowat
Update from Weblate.
2017-03-02 12:14:25 +01:00
Trollken
514f8d3d41 [i18n] Translated using Weblate (Portuguese)
Currently translated at 100.0% (39 of 39 strings)
2017-02-28 15:39:01 +01:00
opi
fff95314ce [fix] Use local variables for cookie's expired_time. 2017-02-28 15:38:46 +01:00
opi
6bd8eb1a90 [fix] Delete cookies on logout. 2017-02-28 15:36:45 +01:00
opi
2eb38d3eaa [enh] Add 'Secure' flag in cookies. 2017-02-28 15:36:04 +01:00
opi
a2af42144b [fix] Use 'Expires' instead of 'Max-Age' for every cookie for consistency. 2017-02-28 15:23:40 +01:00
JimboJoe
fb99ee2177 Fix HTTP cookie caching
- Use "Expires" instead of "Max-Age" when using a cookie date (Max-Age is used with an interval of seconds in the future: https://en.wikipedia.org/wiki/HTTP_cookie#Expires_and_Max-Age)
- Fix cookie dates to be compliant with specifications

Fixes errors with various "picky" clients (for example, Lightroom/Piwigo plugin).
2017-02-28 15:19:28 +01:00
opi
1faf47e6b2 Merge pull request #67 from YunoHost/fix-633_caching_issue
[fix] Refresh ldap info before loading page that requires it, fixes #633
2017-02-28 11:17:44 +01:00
Julien Malik
fd3338de99 [fix] Refresh ldap info before loading page that requires it, fixes #633 2017-02-28 11:14:22 +01:00
opi
0823062e30 [fix] Escape dash in domain before matching. 2017-02-23 23:14:03 +01:00
opi
e7b39d4d29 [fix] Always redirect to portal when calling logout page. 2017-02-23 17:53:17 +01:00
opi
01e2b20e02 Update changelog for 2.6.1 release 2017-02-02 12:05:08 +01:00