forgejo

mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-06-02 08:50:50 +00:00

History

Lunny Xiao e97e883ad5 Add reverseproxy auth for API back with default disabled (#26703 ) This feature was removed by #22219 to avoid possible CSRF attack. This PR takes reverseproxy auth for API back but with default disabled. To prevent possbile CSRF attack, the responsibility will be the reverseproxy but not Gitea itself. For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`, they should know what they are doing. --------- Co-authored-by: Giteabot <teabot@gitea.io>	2023-09-07 08:31:46 +00:00
..
app.example.ini	Add reverseproxy auth for API back with default disabled (#26703 )	2023-09-07 08:31:46 +00:00

Add reverseproxy auth for API back with default disabled (#26703 )

This feature was removed by #22219 to avoid possible CSRF attack.

This PR takes reverseproxy auth for API back but with default disabled.

To prevent possbile CSRF attack, the responsibility will be the
reverseproxy but not Gitea itself.

For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`,
they should know what they are doing.

---------

Co-authored-by: Giteabot <teabot@gitea.io>

2023-09-07 08:31:46 +00:00

app.example.ini

Add reverseproxy auth for API back with default disabled (#26703 )

2023-09-07 08:31:46 +00:00