1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-15 03:12:41 +01:00
No description
Find a file
epriestley f9ac534f25 Support CSRF for logged-out users
Summary: Fixes T4339. If you're anonymous, we use a digest of your session key to generate a CSRF token. Otherwise, everything works normally.

Test Plan: Logged out, logged in, tweaked CSRF in forms -- I'll add some inlines.

Reviewers: btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T4339

Differential Revision: https://secure.phabricator.com/D8046
2014-01-23 14:03:54 -08:00
bin Begin construction of bin/celerity map 2013-12-31 18:02:41 -08:00
conf Remove session limits and sequencing 2014-01-15 17:27:59 -08:00
externals Add a common password blacklist 2014-01-23 14:01:18 -08:00
resources Add dates to notifications page 2014-01-22 20:09:32 -08:00
scripts Fix typo 2014-01-15 10:03:50 -08:00
src Support CSRF for logged-out users 2014-01-23 14:03:54 -08:00
support Disable SimpleXML entity loader in Phabricator 2014-01-23 14:00:44 -08:00
webroot Add dates to notifications page 2014-01-22 20:09:32 -08:00
.arcconfig Use JsShrink if jsxmin is not available 2013-05-18 17:04:22 -07:00
.divinerconfig Centralize rendering of application mail bodies 2012-07-16 19:01:43 -07:00
.editorconfig Specify config for text editors 2012-11-03 22:34:44 -07:00
.gitignore Drive all Celerity operations from the new map 2013-12-31 18:04:25 -08:00
LICENSE Delete license headers from files 2012-11-05 11:16:51 -08:00
NOTICE Increment year. 2013-01-03 05:45:08 -08:00
README Revert errant commit of example change from an earlier test. 2013-12-17 08:38:42 -08:00

Phabricator is an open source collection of web applications which make it
easier to write, review, and share source code. Phabricator was developed at
Facebook.

It's pretty high-quality and usable, but under active development so things 
may change quickly.

You can learn more about the project and find links to documentation and
resources at: http://phabricator.org/

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.