From 076fc98d981aea3533eea363ca1c7e43f77b9802 Mon Sep 17 00:00:00 2001 From: slene Date: Sun, 23 Mar 2014 01:44:02 +0800 Subject: add csrf check --- public/js/app.js | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) (limited to 'public') diff --git a/public/js/app.js b/public/js/app.js index f179342f..df755727 100644 --- a/public/js/app.js +++ b/public/js/app.js @@ -2,6 +2,39 @@ var Gogits = { "PageIsSignup": false }; +(function($){ + // extend jQuery ajax, set csrf token value + var ajax = $.ajax; + $.extend({ + ajax: function(url, options) { + if (typeof url === 'object') { + options = url; + url = undefined; + } + options = options || {}; + url = options.url; + var csrftoken = $('meta[name=_csrf]').attr('content'); + var headers = options.headers || {}; + var domain = document.domain.replace(/\./ig, '\\.'); + if (!/^(http:|https:).*/.test(url) || eval('/^(http:|https:)\\/\\/(.+\\.)*' + domain + '.*/').test(url)) { + headers = $.extend(headers, {'X-Csrf-Token':csrftoken}); + } + options.headers = headers; + var callback = options.success; + options.success = function(data){ + if(data.once){ + // change all _once value if ajax data.once exist + $('[name=_once]').val(data.once); + } + if(callback){ + callback.apply(this, arguments); + } + }; + return ajax(url, options); + } + }); +}(jQuery)); + (function ($) { Gogits.showTab = function (selector, index) { -- cgit v1.2.3 From 1a16b3e99a0be7dbfeba1e683d253a22db5d1af5 Mon Sep 17 00:00:00 2001 From: FuXiaoHei Date: Sun, 23 Mar 2014 16:06:07 +0800 Subject: repo options ui --- public/css/gogs.css | 8 ++++++-- templates/repo/setting.tmpl | 36 +++++++++++++++++++++++++++++++++++- 2 files changed, 41 insertions(+), 3 deletions(-) (limited to 'public') diff --git a/public/css/gogs.css b/public/css/gogs.css index 78040bee..65a6c03d 100755 --- a/public/css/gogs.css +++ b/public/css/gogs.css @@ -346,6 +346,10 @@ html, body { border-left: 4px solid #DD4B39; } +#gogs-repo-setting-container .form-horizontal label { + line-height: 30px; +} + /* gogits user ssh keys */ #gogs-ssh-keys .list-group-item { @@ -575,12 +579,12 @@ html, body { min-width: 200px; } -#gogs-repo-clone .dropdown-menu{ +#gogs-repo-clone .dropdown-menu { width: 400px; padding: 20px; } -#gogs-repo-clone .input-group{ +#gogs-repo-clone .input-group { margin-bottom: 15px; } diff --git a/templates/repo/setting.tmpl b/templates/repo/setting.tmpl index 38c3fd3b..719547b1 100644 --- a/templates/repo/setting.tmpl +++ b/templates/repo/setting.tmpl @@ -19,7 +19,41 @@
- +
+ {{.CsrfTokenHtml}} + +
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+
+ +
+
+
-- cgit v1.2.3