revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-03 04:02:43 +01:00
Code Issues Releases Wiki Activity
phorge-phorge/src/applications/auth
History
epriestley 36c6eb9663 Improve routing of "/robots.txt", "/favicon.ico", "/status/", and 404 on custom Sites 
Summary:
Fixes T12919. Fixes T13636. Prior to this change, some well-known resource paths don't route on sites like ResourceSite.

- `/robots.txt`: Make it route on ResourceSite and just deny the whole site.
- `/favicon.ico`: Make it route on ResourceSite.
- `/status/`: Make it route on ResourceSite.
- 404: Make it render a 404 on ResourceSite.

Test Plan:
  - Visited all URIs on ResourceSite, got sensible responses.
  - Visited all URIs on main site.
  - Visited 404 while logged out, got login page.

Maniphest Tasks: T13636, T12919

Differential Revision: https://secure.phabricator.com/D21606
2021-03-11 14:05:39 -08:00
..
__tests__ Prevent users from selecting excessively bad passwords based on their username or email address 2018-11-06 12:44:07 -08:00
action Simplify implementation of "SysetemAction->getSystemActionConstant()" 2019-07-19 15:45:37 -07:00
adapter Remove Facebook OAuth dependency on "security_settings" property 2021-02-19 10:27:42 -08:00
application Replace old hard-coded URI-based "changes saved" jank with new overgeneralized cookie-based "changes saved" jank 2020-04-19 09:04:31 -07:00
capability Auth - add "manage providers" capability 2015-01-12 14:37:58 -08:00
conduit Deactivate SSH keys instead of destroying them completely 2016-05-18 14:54:28 -07:00
constants Replace old hard-coded URI-based "changes saved" jank with new overgeneralized cookie-based "changes saved" jank 2020-04-19 09:04:31 -07:00
controller Remove all readers and all nontrivial writers for "accountType" and "accountDomain" on "ExternalAccount" 2020-02-22 17:48:46 -08:00
data When issuing a "no-op" MFA token because no MFA is configured, don't give the timeline story a badge 2020-01-30 07:35:40 -08:00
editor Actually enforce auth.lock-config 2019-07-15 11:52:55 -07:00
engine Guarantee terms in PhabricatorAuthPasswordEngine are strings 2020-11-03 11:04:49 -08:00
engineextension Allow "Sign with MFA" to be applied as a comment action without requiring "CAN_EDIT" 2019-06-17 10:41:42 -07:00
exception Correctly identify more SSH private key problems as "formatting" or "passphrase" related 2019-11-13 10:22:00 -08:00
extension Improve routing of "/robots.txt", "/favicon.ico", "/status/", and 404 on custom Sites 2021-03-11 14:05:39 -08:00
factor Autofocus the "App Code" input on the TOTP prompt during MFA gates after login 2019-08-08 12:54:22 -07:00
future Replace "URI->setQueryParams()" after initialization with a constructor argument 2019-02-14 11:46:37 -08:00
garbagecollector Add a garbage collector for MFA challenges 2018-12-17 07:00:55 -08:00
guidance Some formatting changes for showing auth provider config guidance 2019-04-17 11:08:16 -07:00
mail Send forced mail on SSH key edits 2016-05-19 15:01:25 -07:00
management Remove all readers and all nontrivial writers for "accountType" and "accountDomain" on "ExternalAccount" 2020-02-22 17:48:46 -08:00
message Allow installs to provide "Request a Username Change" instructions 2019-09-24 11:09:26 -07:00
password Prevent users from selecting excessively bad passwords based on their username or email address 2018-11-06 12:44:07 -08:00
phid Set a URI on Auth Messages, so the "Change Details" dialog from the transaction record has a cancel button 2019-04-30 06:59:04 -07:00
provider Remove Facebook OAuth dependency on "security_settings" property 2021-02-19 10:27:42 -08:00
query Remove all readers and writers of "accountID" on "ExternalAccount" 2020-02-22 17:49:22 -08:00
revoker Add "bin/auth revoke --list" to explain what can be revoked 2018-01-23 14:01:39 -08:00
sshkey Fix an issue where passphrase-protected private keys were stored without discarding passphrases 2020-05-13 08:14:37 -07:00
storage Make AuthProvider, ExternalAccount, and ExternalAccountIdentifier all Destructible 2020-02-22 17:46:29 -08:00
tokentype Redesign Config Application 2016-08-29 15:49:49 -07:00
view Stop exposing raw "accountID" values directly in the web UI 2020-02-22 17:41:55 -08:00
worker Send emails for email invites 2015-02-11 06:06:09 -08:00
xaction Fix an issue where Duo validation could incorrectly apply to other factor types 2019-02-03 06:36:49 -08:00