forgejo/routers
Giteabot d2efd2bf73
Require repo scope for PATs for private repos and basic authentication (#24362) (#24364)
Backport #24362 by @jolheiser

> The scoped token PR just checked all API routes but in fact, some web
routes like `LFS`, git `HTTP`, container, and attachments supports basic
auth. This PR added scoped token check for them.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-04-26 20:57:51 -04:00
..
api Require repo scope for PATs for private repos and basic authentication (#24362) (#24364) 2023-04-26 20:57:51 -04:00
common Support sanitising the URL by removing extra slashes in the URL (#21333) (#23300) 2023-03-05 02:14:12 -05:00
install Set X-Gitea-Debug header once (#23361) (#23381) 2023-03-09 06:33:05 +08:00
private Refactor the setting to make unit test easier (#22405) 2023-02-20 00:12:01 +08:00
utils Implement FSFE REUSE for golang files (#21840) 2022-11-27 18:20:29 +00:00
web Require repo scope for PATs for private repos and basic authentication (#24362) (#24364) 2023-04-26 20:57:51 -04:00
init.go Refactor setting.Database.UseXXX to methods (#23354) (#23356) 2023-03-07 20:11:44 +08:00