peezy-tech/jojo
2
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo.git synced 2026-05-12 22:10:25 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
jojo/routers
History
Gusted 37973790dc fix: verify code challenge of S256 
We do not know for sure, but it is quite likely someone assumed implicit
fallthrough. This meant that if someone used S256 for PKCE, it simply
did not verify the code challenge and always accepted it.

PKCE only started working recently as it was broken for a long time
already, forgejo/forgejo!8678
2026-03-06 11:20:50 -07:00
..
api [v11.0/forgejo] 2025-11-21 combined security patches (#10039) 2025-11-21 04:31:31 +01:00
common [v11.0/forgejo] chore: branding import path (#7354) 2025-03-27 20:13:05 +00:00
install [v11.0/forgejo] chore: branding import path (#7354) 2025-03-27 20:13:05 +00:00
private fix(sec): only degrade permission check for git push 2025-05-02 07:05:38 +02:00
utils [PORT] drop utils.IsExternalURL (and expand IsRiskyRedirectURL tests) (#3167) 2024-04-15 13:03:08 +00:00
web fix: verify code challenge of S256 2026-03-06 11:20:50 -07:00
init.go [v11.0/forgejo] chore: branding import path (#7354) 2025-03-27 20:13:05 +00:00