iarv/znc
1
0
Fork 0
mirror of https://github.com/znc/znc.git synced 2026-05-07 13:54:47 +02:00
Code Issues Packages Projects Releases Wiki Activity
5,061 Commits 6 Branches 90 Tags
724ec2fc1d44e9bd0942378081b657eabdefe228
Commit Graph

60 Commits

Author SHA1 Message Date
dgw 8d5427cf9b Welcome to 2019 
What are we going to do today, Brain?

The same thing we do every year, Pinky: Update all the copyright
headers!

[Skip CI]
 2019-01-01 17:05:05 -06:00
Falk Seidel d647eaabc0 Welcome to 2018 
The same procedure as last year, Miss Sophie?
The same procedure as every year, James.

[skip ci]
 2018-01-19 19:38:58 +00:00
Adam Williams dca012f0b7 Use SameSite=strict cookies consistently (#1450) 2017-10-20 15:31:46 +01:00
Phansa 3189ce7f8a Welcome to 2017 
Welcome to 2017

temp

temp2
 2017-03-12 20:34:26 -04:00
Alexey Sokolov 6fbab7b44c Add CIDR support to TrustedProxy setting 
Fix #1219
 2016-12-25 13:00:02 +00:00
Latchezar Tzvetkoff a9a7f17910 Allow modules to override CSRF protection. 
Useful for Web APIs and all other kinds of things.

API changes:
	- Added public CHTTPSock::GetURI() method
	- Added public CModule::ValidateWebRequestCSRFCheck() method
	- Made CWebSock::GetCSRFCheck() method public so it can be accessed
	  from CModule
	- Added public CWebSock::ValidateCSRFCheck() method

Other changes:
	- Added a Sample Web API module (modules/samplewebapi.cpp) and a
	  simple web form with no CSRF check.

Implements feature request #1180.
 2016-10-05 09:29:40 +01:00
Falk Seidel 8f73840e74 Welcome to 2016 
🎆  Happy 2016 🎆
 2016-01-01 20:11:21 +01:00
Alexey Sokolov a8cd5625bc Merge branch '1.6.x' 2015-12-30 16:13:58 +00:00
Alexey Sokolov 901ead89d5 Fix 404 when accessing web UI with the prefix, but without ending / 
Thanks, txtsd
 2015-12-30 16:13:19 +00:00
Alexey Sokolov d185d6f22d clang-format: switch tabs to spaces 
I like tabs, but I have to admit that spaces make source code more
consistent, because every editor/viewer tends to render tabs differently :(
 2015-12-07 00:53:30 +00:00
Alexey Sokolov 3861b6a583 Fix several comments broken by clang-format 2015-12-07 00:53:01 +00:00
Alexey Sokolov 33b0627d75 Add clang-format configuration. 
For now, it uses tabs like before, to make the diff easier to read/check.
One of following commits will switch it to spaces.
 2015-12-07 00:53:01 +00:00
RealRancor 41f83e8de4 Set HttpOnly for session cookie 2015-09-11 16:51:07 +02:00
J-P Nurmi 21ed56f46a Prefer EndsWith(s) over Right(n) == s 2015-08-14 13:52:12 +02:00
J-P Nurmi 4995e7517e Prefer StartsWith(s) over Left(n) == s 2015-08-14 13:51:44 +02:00
J-P Nurmi d39b20b505 Fix sources to include their respective header 2015-07-14 19:05:23 +02:00
Alexey Sokolov f909dc568a Merge branch '1.6.x' 2015-07-07 20:08:01 +01:00
Pavel Djundik 3bc7b820ac Don't print local ip address on 404 page, fixes #944 
(cherry picked from commit 01279a4efa)
 2015-07-07 20:07:02 +01:00
Alexey Sokolov 144f7984e4 Don't require CSRF token for POSTs if the request uses HTTP Basic auth. 
See #946
 2015-04-16 20:57:29 +01:00
Alexey Sokolov 7719213ea6 Merge branch '1.6.x' 2015-04-16 20:32:58 +01:00
Alexey Sokolov 7c64eba693 Last commit broke async auth, e.g. via imapauth. Fix it. 
See #946
 2015-04-16 20:31:31 +01:00
Alexey Sokolov 0b205db494 Merge branch '1.6.x' 2015-04-16 01:24:43 +01:00
Alexey Sokolov eedcd4c4de Fix rare conflict of HTTP-Basic auth and cookies. 
Fix #946
 2015-04-16 01:21:57 +01:00
Alexey Sokolov e61ee6096f Merge pull request #907 from jpnurmi/weffc++ 
Use member initialization lists [-Weffc++] (#270)
 2015-03-01 12:58:50 -08:00
J-P Nurmi 1d09b41540 Last batch of C++11 range-based for loops (#816) 2015-03-01 21:36:28 +01:00
J-P Nurmi 1d2650d450 Use member initialization lists [-Weffc++] (#270) 2015-03-01 15:00:10 +01:00
J-P Nurmi 5a338d91cb CHTTPSock: C++11 range-based for loops 2015-02-26 09:31:35 +01:00
J-P Nurmi 00b1a7eedf Use CString::StartsWith() 
Replace the use of deprecated CString::Equals(str,bool,int) by
CString::StartsWith(str,cs) which is more pleasant to read.
 2015-02-18 00:42:25 +01:00
Falk Seidel 2e29d49a53 Welcome to 2015 2014-12-31 11:28:38 +01:00
Alexey Sokolov a0ec20b110 Fix HTTP basic auth. 
It looks like it was broken since we implemented cookies...
 2014-12-30 21:35:39 +00:00
J-P Nurmi b822ea8e16 Fix #725: CHTTPSock memory leak - missing deflateEnd() call 2014-10-29 00:19:40 +01:00
J-P Nurmi ef4caae6d1 const correctness fixes 2014-10-03 09:14:12 +02:00
Alexey Sokolov 2a656f539d If web requests starts not with URI prefix, redirect to root of the prefix 
Before it shown the right result even with wrong path (without prefix),
but it worked only with ZNC directly, not via reverse proxy.

Now it won't work with ZNC directly too.
 2014-06-10 21:55:38 +01:00
uu1101 f6a881eeb2 Redirect to URIPrefix for paths outside the prefix 2014-02-16 12:45:10 +01:00
uu1101 c0974d9910 Don't support relative redirects 2014-02-16 12:45:10 +01:00
uu1101 d796fc8312 Add prefix on redirects and strip it on requests 2014-02-16 12:45:09 +01:00
uu1101 88c85b0396 Add URIPrefix listener option 2014-02-16 12:45:09 +01:00
Falk Seidel f19b4caa43 Welcome to 2014 - year 10 with ZNC 2013-12-31 10:10:55 +01:00
Alexey Sokolov 3e56f093f2 X-Forwarded-For: verify the whole chain, from the end 2013-11-14 22:37:36 +04:00
Alexey Sokolov ccbc469168 Merge commit 'refs/pull/349/head' of github.com:znc/znc 2013-11-14 08:27:50 +04:00
Martin Nowack eda4426085 Request secure cookie transmission for HTTPS 
If cookies are not marked as secure, they can be sent
back by the client on unencrypted channels, disclosing
information. With this fix, clients are requested to
send cookies back on a secure channel in case HTTPS is
used.
 2013-08-01 15:14:54 +02:00
Alexey Sokolov b2dcad5fd4 Change ZNC license to Apache 2.0 
The following people agreed with the change, in alphabetical order:
(people who approved in several ways are listed only once)
By email:
- Adam (from Anope)
- Austin Morton
- Brian Campbell
- Christian Walde
- Daniel Holbert
- Daniel Wallace
- Falk Seidel
- Heiko Hund
- Ingmar Runge
- Jim Hull
- Kyle Fuller
- Lee Aylward
- Martin Martimeo
- Matt Harper
- Michael J Edgar
- Michael Ziegler
- Nick Bebout
- Paul Driver
- Perry Nguyen
- Philippe (cycomate)
- Reuben Morais
- Roland Hieber
- Sebastian Ramacher
- Stefan Rado
- Stéphan Kochen
- Thomas Ward
- Toon Schoenmakers
- Veit Wahlich
- Wulf C. Krueger

By IRC:
- CNU
- Jonas Gorski
- Joshua M. Clulow
- Prozac/SHiZNO
- SilverLeo
- Uli Schlachter

At https://github.com/znc/znc/issues/311 :
- Alexey Sokolov
- Elizabeth Myers
- flakes
- Jens-Andre Koch
- Jyzee
- KindOne/ineedalifetoday
- Lee Williams
- Mantas Mikulėnas
- md-5
- Reed Loden

At the last few pull requests' comments:
- Allan Odgaard
- Jacob Baines
- Lluís Batlle i Rossell
- ravomavain
- protomouse

The following commits' authors didn't respond:
Trivial changes:
- f70f1086fd
- 4ca8b50e45

The changes which are not presented in master anymore:
- 5512ed2ea0
- 960a4498f7
- 0f739de2c0
- 7f53cc810b

Fix #311
Fix #218
 2013-06-14 00:43:34 +04:00
Alexey Sokolov 99895c77df Rewrite printing timestamps in znc -D 
Previous commit doing it was 0f739de2c0
 2013-06-04 23:13:17 +04:00
Alexey Sokolov 6569508522 Merge commit 'refs/pull/306/head' of github.com:znc/znc 2013-05-12 08:59:01 +04:00
Siyo 7ee853afaa Fixed redundant removal of trailing spaces 2013-05-10 15:02:21 +02:00
Siyo 3d5ba6af3e Whitelisted X-Forwarded-For header support 2013-05-10 14:19:58 +02:00
Ingmar Runge b0101a6df1 Get rid of empty CHTTPSock::WriteFileGzipped method if there's no zlib. It's still in the header, but this does not have any negative side effects. 2013-03-10 00:28:19 +01:00
Ingmar Runge ea94795646 HTTPSock: Gzip compression for static files (text/* mime types + files 
with .js extension) and dynamic HTML responses (if gzip is available and
the compression method is supported by the requesting HTTP client).
 2013-03-08 09:49:45 +01:00
KindOne 2db7307ac3 Remove unneeded headers. 2013-03-08 01:47:57 +07:00
Un1matr1x 3a34593359 The same procedure as last year, Miss sophie? 
Same procedure as every year, James.
 2012-12-31 12:44:31 +01:00