1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-12-22 13:30:55 +01:00
No description
Find a file
epriestley 7298589c86 Proof of concept mitigation of BREACH
Summary: Ref T3684 for discussion. This could be cleaned up a bit (it would be nice to draw entropy once per request, for instance, and maybe respect CSRF_TOKEN_LENGTH more closely) but should effectively mitigate BREACH.

Test Plan: Submitted forms; submitted forms after mucking with CSRF and observed CSRF error. Verified that source now has "B@..." tokens.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T3684

Differential Revision: https://secure.phabricator.com/D6686
2013-08-07 16:09:05 -07:00
bin Provide a more flexible script for administrative management of audits 2013-08-05 10:35:01 -07:00
conf Add a setup warning for port in mysql.host 2013-07-14 16:57:50 -07:00
externals Provide clearer syntax highlighting for phame posts. Including background colour, overflow scrolling and border. Also support for tt tag differentiation 2013-07-03 06:25:45 -07:00
resources Paste - add support for email replies and subscribers 2013-08-05 17:11:46 -07:00
scripts Provide a more flexible script for administrative management of audits 2013-08-05 10:35:01 -07:00
src Proof of concept mitigation of BREACH 2013-08-07 16:09:05 -07:00
support Proof of concept mitigation of BREACH 2013-08-07 16:09:05 -07:00
webroot Update pinboard view styles, move to PHUI 2013-08-07 10:58:09 -07:00
.arcconfig Use JsShrink if jsxmin is not available 2013-05-18 17:04:22 -07:00
.divinerconfig Centralize rendering of application mail bodies 2012-07-16 19:01:43 -07:00
.editorconfig Specify config for text editors 2012-11-03 22:34:44 -07:00
.gitignore Ignore and README for support/bin 2013-04-03 12:58:39 -07:00
LICENSE Delete license headers from files 2012-11-05 11:16:51 -08:00
NOTICE Increment year. 2013-01-03 05:45:08 -08:00
README Update README 2013-07-03 12:08:37 -07:00

Phabricator is an open source collection of web applications which make it
easier to write, review, and share source code. Phabricator was developed at
Facebook.

It's pretty high-quality and usable, but under active development so things 
may change quickly.

You can learn more about the project and find links to documentation and
resources at: http://phabricator.org/

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.