vh/rest-server
1
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-12-07 09:36:13 -08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity
284 Commits 1 Branch 14 Tags
83e78c6cd748a8a7a957643561900b6cae0d79a4
Commit Graph

13 Commits

Author SHA1 Message Date
Konrad Wojas
83e78c6cd7 Allow numbers in htpasswd usernames 2021-01-05 00:08:26 +08:00
Juergen Hoetzel
33c41b55bb Security: Prevent loading of usernames containing a slash 
"/" is valid char in HTTP authorization headers, but is also used in
rest-server to map usernames to private repos.

This commit prevents loading maliciously composed usernames like
"/foo/config" by restricting the allowed characters to the unicode
character class, numbers, "-", "." and "@".

Closes #131
 2020-12-28 11:30:00 +01:00
Alexander Neumann
53576a1454 Update changelog template for rest-server 2020-09-13 12:12:58 +02:00
Alexander Neumann
d4b929ef35 Move changelog files for 0.10.0 2020-09-13 11:24:26 +02:00
Alexander Neumann
20603b1622 Remove old changelog 
We've had an intermediate release (0.9.8) not covered by the changelog,
so let's start properly in 0.10.0.
 2020-09-13 11:19:30 +02:00
Alexander Neumann
1488830de1 Add entry to changelog 2020-09-13 11:19:26 +02:00
Alexander Neumann
27264c0a7a Fix changelog template 2020-04-04 21:13:07 +02:00
Alexander Neumann
c69d473fa5 Add changelog 2020-04-04 21:13:07 +02:00
Leo R. Lundgren
6ebedcc0b2 Add .gitkeep to persist changelog/unreleased/ when empty. 2019-12-18 23:14:09 +01:00
Alexander Neumann
7dd5483ea3 Merge pull request #64 from restic/fix-append-only 
Security: Refuse overwriting the config file in append-only mode
 2018-04-02 13:25:46 +02:00
Alexander Neumann
0f4f747b74 Add entry to changelog 2018-04-02 13:09:37 +02:00
Alexander Neumann
9d6316bd6e Add pull request URL 2018-03-24 17:41:54 +01:00
Alexander Neumann
897d5a026c Add changelog generated by calens 
Closes #44
 2018-03-24 17:40:49 +01:00