From 37fcc8daf2d7d86e4d0f8baaeab0b2e11e5ec8d0 Mon Sep 17 00:00:00 2001 From: Unknwon Date: Fri, 30 Jan 2015 18:05:20 -0500 Subject: modules/base: add RenderCommitMessage with XSS-safe and special links - update russian locale --- gogs.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'gogs.go') diff --git a/gogs.go b/gogs.go index 5711452d..a3c749ce 100644 --- a/gogs.go +++ b/gogs.go @@ -17,7 +17,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.5.12.0120 Beta" +const APP_VER = "0.5.12.0130 Beta" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) -- cgit v1.2.3 From 32152d23633c3bf3a1704212a53012d4937e519f Mon Sep 17 00:00:00 2001 From: Unknwon Date: Sat, 31 Jan 2015 15:27:57 -0500 Subject: routers/repo: set raw page content type to 'text/plain' #828 --- README.md | 1 + conf/locale/TRANSLATORS | 3 ++- gogs.go | 2 +- routers/repo/download.go | 8 ++++---- templates/.VERSION | 2 +- 5 files changed, 9 insertions(+), 7 deletions(-) (limited to 'gogs.go') diff --git a/README.md b/README.md index f85e7354..226f2c87 100644 --- a/README.md +++ b/README.md @@ -13,6 +13,7 @@ Gogs(Go Git Service) is a painless self-hosted Git Service written in Go. - Due to testing purpose, data of [try.gogs.io](https://try.gogs.io) has been reset in **Jan 28, 2015** and will reset multiple times after. Please do **NOT** put your important data on the site. - Demo site [try.gogs.io](https://try.gogs.io) is running under `dev` branch. +- If you think there are vulnerabilities in the project, please talk private to **u@gogs.io**, thanks! #### Other language version diff --git a/conf/locale/TRANSLATORS b/conf/locale/TRANSLATORS index 38e4ddc2..c848b05e 100644 --- a/conf/locale/TRANSLATORS +++ b/conf/locale/TRANSLATORS @@ -1,6 +1,7 @@ # This file lists all PUBLIC individuals having contributed content to the translation. # Order of name is meaningless. +Christoph Kisfeld Thomas Fanninger Ɓukasz Jan Niemier -Lafriks \ No newline at end of file +Lafriks diff --git a/gogs.go b/gogs.go index a3c749ce..bdd3a821 100644 --- a/gogs.go +++ b/gogs.go @@ -17,7 +17,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.5.12.0130 Beta" +const APP_VER = "0.5.12.0131 Beta" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) diff --git a/routers/repo/download.go b/routers/repo/download.go index 6367c40e..c5e18e00 100644 --- a/routers/repo/download.go +++ b/routers/repo/download.go @@ -25,16 +25,16 @@ func ServeBlob(ctx *middleware.Context, blob *git.Blob) error { buf = buf[:n] } - contentType, isTextFile := base.IsTextFile(buf) + _, isTextFile := base.IsTextFile(buf) _, isImageFile := base.IsImageFile(buf) - ctx.Resp.Header().Set("Content-Type", contentType) + ctx.Resp.Header().Set("Content-Type", "text/plain") if !isTextFile && !isImageFile { ctx.Resp.Header().Set("Content-Disposition", "attachment; filename="+path.Base(ctx.Repo.TreeName)) ctx.Resp.Header().Set("Content-Transfer-Encoding", "binary") } ctx.Resp.Write(buf) - io.Copy(ctx.Resp, dataRc) - return nil + _, err = io.Copy(ctx.Resp, dataRc) + return err } func SingleDownload(ctx *middleware.Context) { diff --git a/templates/.VERSION b/templates/.VERSION index 1674af9a..ab97c4a1 100644 --- a/templates/.VERSION +++ b/templates/.VERSION @@ -1 +1 @@ -0.5.12.0130 Beta \ No newline at end of file +0.5.12.0131 Beta \ No newline at end of file -- cgit v1.2.3 From 3d9cda2d98940102b1bdffc053e036cc696b9f8e Mon Sep 17 00:00:00 2001 From: Unknwon Date: Sun, 1 Feb 2015 08:46:53 -0500 Subject: public/ng: fix auto-completion #832 --- gogs.go | 2 +- public/js/app.js | 16 ---------------- public/ng/js/gogs.js | 2 +- templates/.VERSION | 2 +- 4 files changed, 3 insertions(+), 19 deletions(-) (limited to 'gogs.go') diff --git a/gogs.go b/gogs.go index bdd3a821..423d3019 100644 --- a/gogs.go +++ b/gogs.go @@ -17,7 +17,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.5.12.0131 Beta" +const APP_VER = "0.5.12.0201 Beta" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) diff --git a/public/js/app.js b/public/js/app.js index 23b629e3..61539148 100644 --- a/public/js/app.js +++ b/public/js/app.js @@ -1052,22 +1052,6 @@ function initRepoSetting() { return; } Gogits.getUsers($this.val(), $this.next()); - /*$.ajax({ - url: '/api/v1/users/search?q=' + $this.val(), - dataType: "json", - success: function (json) { - if (json.ok && json.data.length) { - var html = ''; - $.each(json.data, function (i, item) { - html += '
  • ' + item.username + '
    • '; - }); - $this.next().toggleShow(); - $this.next().find('ul').html(html); - } else { - $this.next().toggleHide(); - } - } - });*/ }).on('focus', function () { if (!$(this).val()) { $(this).next().toggleHide(); diff --git a/public/ng/js/gogs.js b/public/ng/js/gogs.js index ff38bda9..f0bb7633 100644 --- a/public/ng/js/gogs.js +++ b/public/ng/js/gogs.js @@ -608,7 +608,7 @@ function initTeamMembersList() { $ul.toggleShow(); } }).next().next().find('ul').on("click", 'li', function () { - $('#org-team-members-add').val($(this).text()); + $('#org-team-members-add').val($(this).find('.username').text()); $ul.toggleHide(); }); } diff --git a/templates/.VERSION b/templates/.VERSION index ab97c4a1..6e3c63ed 100644 --- a/templates/.VERSION +++ b/templates/.VERSION @@ -1 +1 @@ -0.5.12.0131 Beta \ No newline at end of file +0.5.12.0201 Beta \ No newline at end of file -- cgit v1.2.3 From bfce0def25bab777d9287136c60e6e30e9f18591 Mon Sep 17 00:00:00 2001 From: Unknwon Date: Mon, 2 Feb 2015 23:04:36 -0500 Subject: modules/base: fix README filename checker, fix #877 --- gogs.go | 2 +- modules/base/markdown.go | 8 +++++++- templates/.VERSION | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) (limited to 'gogs.go') diff --git a/gogs.go b/gogs.go index 423d3019..1f0f15b8 100644 --- a/gogs.go +++ b/gogs.go @@ -17,7 +17,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.5.12.0201 Beta" +const APP_VER = "0.5.12.0202 Beta" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) diff --git a/modules/base/markdown.go b/modules/base/markdown.go index c7369ab9..d3f3e5fe 100644 --- a/modules/base/markdown.go +++ b/modules/base/markdown.go @@ -63,12 +63,18 @@ func IsImageFile(data []byte) (string, bool) { return contentType, false } +// IsReadmeFile returns true if given file name suppose to be a README file. func IsReadmeFile(name string) bool { name = strings.ToLower(name) if len(name) < 6 { return false + } else if len(name) == 6 { + if name == "readme" { + return true + } + return false } - if name[:6] == "readme" { + if name[:7] == "readme." { return true } return false diff --git a/templates/.VERSION b/templates/.VERSION index 6e3c63ed..aa8ee543 100644 --- a/templates/.VERSION +++ b/templates/.VERSION @@ -1 +1 @@ -0.5.12.0201 Beta \ No newline at end of file +0.5.12.0202 Beta \ No newline at end of file -- cgit v1.2.3 From f706102890af33c14aa9afc7e62a4c2dd52bd2a4 Mon Sep 17 00:00:00 2001 From: Unknwon Date: Wed, 4 Feb 2015 20:04:01 -0500 Subject: models: sanitize user full name when update settings --- gogs.go | 2 +- models/user.go | 1 + templates/.VERSION | 2 +- 3 files changed, 3 insertions(+), 2 deletions(-) (limited to 'gogs.go') diff --git a/gogs.go b/gogs.go index 1f0f15b8..5e69bd68 100644 --- a/gogs.go +++ b/gogs.go @@ -17,7 +17,7 @@ import ( "github.com/gogits/gogs/modules/setting" ) -const APP_VER = "0.5.12.0202 Beta" +const APP_VER = "0.5.12.0204 Beta" func init() { runtime.GOMAXPROCS(runtime.NumCPU()) diff --git a/models/user.go b/models/user.go index f16fbca3..2da0881c 100644 --- a/models/user.go +++ b/models/user.go @@ -477,6 +477,7 @@ func UpdateUser(u *User) error { } u.Avatar = avatar.HashEmail(u.AvatarEmail) + u.FullName = base.Sanitizer.Sanitize(u.FullName) _, err = x.Id(u.Id).AllCols().Update(u) return err } diff --git a/templates/.VERSION b/templates/.VERSION index aa8ee543..40246b9e 100644 --- a/templates/.VERSION +++ b/templates/.VERSION @@ -1 +1 @@ -0.5.12.0202 Beta \ No newline at end of file +0.5.12.0204 Beta \ No newline at end of file -- cgit v1.2.3