| Sat, 09 Nov 2019 00:30:37 -0500 |
John Rouillard |
issue2550919 - Anti-bot signup using 4 second delay
|
| Sun, 20 Oct 2019 20:56:56 -0400 |
John Rouillard |
fix rate limit headers - were ints/floats need to be strings
|
| Sat, 06 Jul 2019 13:12:58 -0400 |
John Rouillard |
Fix problem with cgi.escape being depricated a different way. This way
|
| Fri, 14 Jun 2019 21:26:19 -0400 |
John Rouillard |
More extensive EditCSV testing.
|
| Tue, 11 Jun 2019 21:29:24 -0400 |
John Rouillard |
Call cgi.escape only on python 2. Replace with html.escapeif it can be
|
| Fri, 07 Jun 2019 13:50:57 -0400 |
John Rouillard |
Finish up login rate limit code. Set config item to 0 disables, make
|
| Fri, 17 May 2019 19:45:15 -0400 |
John Rouillard |
Rename Store class in rate_limit.py to Gcra. The name Store makes no
|
| Sat, 11 May 2019 17:50:00 -0400 |
John Rouillard |
Change access to config from dict to property. This makes doing the
|
| Sat, 11 May 2019 17:24:58 -0400 |
John Rouillard |
issue2550949: Rate limit password guesses/login attempts.
|
| Sun, 17 Mar 2019 19:00:43 -0400 |
John Rouillard |
python2/python3 normalization. When exporting CSV, sort lists as they
|
| Sat, 16 Feb 2019 15:17:21 -0500 |
John Rouillard |
issue2550833 enhance the export csv action to include the keys for
|
| Sun, 19 Aug 2018 15:11:05 +0100 |
Christof Meerwald |
fixed issue2550993 and added test case
|
| Thu, 16 Aug 2018 20:14:09 +0100 |
Christof Meerwald |
always encode query parameters in sorted order
|
| Sat, 04 Aug 2018 22:40:16 +0100 |
Christof Meerwald |
reworked random number use
|
| Sun, 22 Jul 2018 22:38:53 +0100 |
Christof Meerwald |
fixed incorrect usage of BytesIO
|
| Tue, 24 Jul 2018 23:04:42 +0000 |
Joseph Myers |
Python 3 preparation: update calls to dict methods.
|
| Tue, 24 Jul 2018 22:09:15 +0000 |
Joseph Myers |
Python 3 preparation: use != instead of <>.
|
| Tue, 24 Jul 2018 21:39:58 +0000 |
Joseph Myers |
Python 3 preparation: "raise" syntax.
|
| Sun, 08 Jul 2018 11:34:42 -0400 |
John Rouillard |
A real fix for the problem where:
|
| Sat, 07 Jul 2018 22:02:41 -0400 |
John Rouillard |
Force all uses of random to use SystemRandom and abort if
|
| Wed, 27 Jun 2018 12:01:28 +0200 |
Ralf Schlatterbeck |
Fix password reset
|
| Sat, 12 May 2018 21:28:02 -0400 |
John Rouillard |
Fix collision link to open in new window: target should be _blank not new.
|
| Fri, 20 Apr 2018 18:46:28 +0200 |
Ralf Schlatterbeck |
Fix commits although a Reject exception is raised
|
| Sat, 26 Aug 2017 20:48:57 -0400 |
John Rouillard |
Issue2550716 Email address displayed after password reset request (fix)
|
| Sat, 26 Aug 2017 20:47:06 -0400 |
John Rouillard |
Suppress the "... - nothing changed" status banner presented when a
|
| Sat, 26 Aug 2017 20:27:08 -0400 |
John Rouillard |
Issue2550716 Email address displayed after password reset request (fix)
|
| Thu, 10 Aug 2017 22:35:05 -0400 |
John Rouillard |
Suppress the "... - nothing changed" status banner presented when a
|
| Thu, 24 Aug 2017 22:21:37 -0400 |
Eric S. Raymond |
Use Python-3-compatible 'as' syntax for except statements
|
| Thu, 24 Aug 2017 17:27:49 -0400 |
Eric S. Raymond |
Fix token_split() so its one error throws ValueError w/out extra arg.
|
| Thu, 23 Mar 2017 21:08:30 -0400 |
John Rouillard |
Add nonce to embedded script references.
|
| Sat, 18 Mar 2017 16:59:01 -0400 |
John Rouillard |
issue 2550690 - Adding anti-csrf measures to roundup following
|
| Wed, 08 Mar 2017 22:04:15 -0500 |
rouilj |
Three sets of changes:
|
| Fri, 09 Dec 2016 09:49:25 +0100 |
Ralf Schlatterbeck |
Store template name with saved query
|
| Mon, 15 Aug 2016 20:53:37 -0400 |
John Rouillard |
issue2550755: exceptions.NotFound(msg) msg is not reported to user in cgi.
|
| Sat, 23 Jul 2016 17:21:14 -0400 |
John Rouillard |
Fixed a couple of failing tests for *LoginRedirect in test_actions.py after url validation. Also raise ValueError from examine_url if base url is None.
|
| Sat, 23 Jul 2016 15:22:06 -0400 |
John Rouillard |
rename clean_url method to examine_url. the method doesn't realy clean anything, it throws a ValueError if it finds a problem
|
| Sat, 23 Jul 2016 14:00:49 -0400 |
John Rouillard |
I realized that the __came_from and __redirect_to url parameters I
|
| Fri, 22 Jul 2016 16:32:01 -0400 |
John Rouillard |
issue1842687: Keywords: After creating, stay in "Create New" mode.
|
| Sun, 03 Jul 2016 12:32:35 -0400 |
John Rouillard |
issue2550785: Using login from search (or logout) fails. when
|
| Sun, 03 Jul 2016 10:38:47 -0400 |
John Rouillard |
Added a new cgi action restore. The opposite of (and a clone of) the existing retire action.
|
| Sat, 25 Jun 2016 22:28:19 -0400 |
John Rouillard |
Validate values for Integer and Numeric type filter parameters rather than
|
| Mon, 20 Jun 2016 22:04:32 -0400 |
John Rouillard |
- allow user to recover account password using an entry in the
|
| Sat, 28 Mar 2015 20:26:32 +0200 |
Chau Nguyen |
issue564 from meta tracker
|
| Sun, 05 Jun 2016 00:17:26 -0400 |
John Rouillard |
Add support for an integer type to join the existing number type.
|
| Wed, 11 Feb 2015 00:44:16 +1100 |
John Kristensen |
Remove roundup.anypy.io_
|
| Wed, 06 Jan 2016 16:02:34 +1100 |
John Kristensen |
Fix exception handling to be python2.5 compatible
|
| Sat, 10 Oct 2015 23:35:51 +1100 |
John Kristensen |
Display errors containing HTML with RejectRaw (issue2550847)
|
| Sun, 21 Jun 2015 21:20:10 +0200 |
Ralf Schlatterbeck |
Fix form-parsing for multilinks
|
| Mon, 31 Mar 2014 18:19:23 +0200 |
Ralf Schlatterbeck |
Different approach to fix XSS in issue2550817
|
| Mon, 14 May 2012 17:46:15 +0200 |
Bernhard Reiter |
Committed edited fix for issue2550712 by Cedric Krier.
|
| Mon, 14 May 2012 14:17:07 +0200 |
Ralf Schlatterbeck |
Fix another XSS with the ok- and error message, see issue2550724.
|
| Fri, 15 Jul 2011 12:36:47 +0000 |
Ralf Schlatterbeck |
Fix StringIO issue2550713:
|
| Fri, 15 Apr 2011 08:09:59 +0000 |
Ralf Schlatterbeck |
Add new config-option 'password_pbkdf2_default_rounds'...
|
| Thu, 14 Apr 2011 18:10:58 +0000 |
Ralf Schlatterbeck |
Add new config-option 'migrate_passwords' in section 'web'...
|
| Fri, 10 Sep 2010 06:31:30 +0000 |
Richard Jones |
fixed registration, issue2550665 (thanks Timo Paulssen)
|
| Fri, 26 Feb 2010 00:38:53 +0000 |
Richard Jones |
more modernisation
|
| Sat, 30 Jan 2010 22:58:25 +0000 |
Richard Jones |
fix non-instant rego
|
| Fri, 29 Jan 2010 05:46:59 +0000 |
Richard Jones |
fixes to make registration work again
|
| Mon, 21 Dec 2009 12:00:57 +0000 |
Ralf Schlatterbeck |
Proper handling of 'Create' permissions in both mail gateway...
|
| Mon, 14 Dec 2009 19:43:44 +0000 |
Ralf Schlatterbeck |
Fix linking of an existing item to a newly created item...
|
