mirrors/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2024-12-28 18:40:29 +00:00
Code Issues Projects Releases Wiki Activity
wallabag/tests/Wallabag/CoreBundle
History
Kevin Decherf aa06e8328e ConfigController: remove 2fa cancel step 
This change annoys me, however this endpoint was anyway problematic:
- it was vulnerable to a CSRF attack, see GHSA-56fm-hfp3-x3w3
- it is useless as we don't really handle a two-steps validation

Still, if you send an incorrect code during the "activation" phase a
flash error will pop up but the 2fa will stay enabled. This need rework
when possible.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-09-30 00:49:58 +02:00
..
Command Update all Doctrine deps 2022-12-16 10:29:42 +01:00
Controller ConfigController: remove 2fa cancel step 2023-09-30 00:49:58 +02:00
Entity Use lang attribute 2020-01-23 21:21:54 +01:00
Event Replace GetResponseEvent by RequestEvent 2023-08-07 22:34:47 +01:00
fixtures Add support to download SVG locally 2022-10-18 11:14:45 +02:00
Form/DataTransformer Add missing TestCase namespace 2017-12-18 13:29:33 +01:00
GuzzleSiteAuthenticator Upgrade to Symfony 4.4 2022-11-29 18:01:46 -08:00
Helper Merge pull request #6562 from Simounet/fix/downloadimages-redirect-following 2023-05-31 15:04:02 +02:00
ParamConverter Update to FOSUserBundle 3.1 2022-12-14 09:42:17 +01:00
Tools Counting two characters together as a word in CJK 2019-01-06 01:21:13 +08:00
Twig Move to controller as a service 2022-12-19 10:38:08 +01:00
WallabagCoreTestCase.php Merge pull request #6813 from yguedidi/replace-client-by-kernelbrowser 2023-08-08 23:36:06 +02:00