Inicio Explorar Axuda
Rexistro Iniciar sesión
SKZH
/
ITSSTOOLS
3
0
Fork 0
Ficheiros Incidencias 0 Pull Requests 0 Wiki
Árbore: 7aa7552c8c
Ramas Etiquetas

Commit History

Autor SHA1 Mensaxe Data
  dflaven 7aa7552c8c #923: prevent XSS injection in forgot password page. %!s(int64=11) %!d(string=hai) anos
  dflaven c3424e0e4f Make the Basic Authentication (login_mode=basic) work with non-ASCII characters (in the username as well as in the password), though this may depend on the browser... %!s(int64=11) %!d(string=hai) anos
  romainq 80bac465b4 Fixed regression introduced with "forgot password": button to reset the user password labelled as "Send now!" %!s(int64=11) %!d(string=hai) anos
  romainq ec9c11a5c8 The login web page must NOT be cached by the web browsers %!s(int64=11) %!d(string=hai) anos
  romainq 5fb42b0290 Internal: failed authentication to return error 401 instead of prompting the end-user (to be exploited by the ajax calls) %!s(int64=11) %!d(string=hai) anos
  romainq 030f809391 Cosmetics on the login web page %!s(int64=12) %!d(string=hai) anos
  romainq d61e857b5d New feature: Forgot password -> email to reset (possibly disabled in the config file) %!s(int64=12) %!d(string=hai) anos
  romainq 99037986ae Compiler: added brand management %!s(int64=12) %!d(string=hai) anos
  dflaven 69a0bc3ee7 #732: Change password: exit after building the page in case of wrong "old" password %!s(int64=12) %!d(string=hai) anos
  dflaven 904df7b800 Support non scalar posted parameters... %!s(int64=12) %!d(string=hai) anos
  dflaven 1869fd0fea Preserve POSted parameters on the login web page (useful when the session expires) %!s(int64=12) %!d(string=hai) anos
  romainq a2d6746d60 #634 Detection of HTTPS not working with nginx (iTop always considering the current connection as being secure) %!s(int64=12) %!d(string=hai) anos
  romainq eafa11ecfe Updated copyright (2012) and license (LGPL changed to AGPL) %!s(int64=12) %!d(string=hai) anos
  romainq d0bb4288d2 Config: use app_icon_url to change the hyperlink used when clicking on the main icon %!s(int64=12) %!d(string=hai) anos
  dflaven 59fb31a6e1 Added the ability to display a custom welcome/disclaimer message at the bottom of the login form. %!s(int64=13) %!d(string=hai) anos
  dflaven 8efc46c91e Fix for Trac#519 - change password bug ! %!s(int64=13) %!d(string=hai) anos
  dflaven 648af437b5 Fixed absolute/relative path issues in the JS and href places %!s(int64=13) %!d(string=hai) anos
  romainq 8b6fec98fb Setup based on either compiled modules or xml datamodel files (or both). %!s(int64=13) %!d(string=hai) anos
  dflaven eff5aff0a6 Added self-registering / user synchronization extensibility %!s(int64=13) %!d(string=hai) anos
  dflaven f14d813aac Make sure that the path/href base is correct to display the page (images, CSS...) %!s(int64=13) %!d(string=hai) anos
  dflaven db2209624a - New way to handle sessions compatible with multiple environments %!s(int64=13) %!d(string=hai) anos
  dflaven ac08cc566e Use the default language when creating a new user from CAS %!s(int64=13) %!d(string=hai) anos
  dflaven c07df38add Support patterns for the definition of casMemberOf groups. %!s(int64=13) %!d(string=hai) anos
  dflaven 5f089842e6 Automatic synchro of CAS users %!s(int64=14) %!d(string=hai) anos
  romainq 9e4db3f3b0 #484 Fixed issue with IIS ("Wrong password" at first prompt) %!s(int64=14) %!d(string=hai) anos
  dflaven 32a4ceba39 More fixes for Trac#446: XSS vulnerabilities with vectors containing double quotes %!s(int64=14) %!d(string=hai) anos
  romainq 8dba345e7d #446 XSS vector on the login web page %!s(int64=14) %!d(string=hai) anos
  dflaven 253a2ee596 Fixed Trac#446: XSS vulnerabilities... to be tested ! %!s(int64=14) %!d(string=hai) anos
  dflaven 8c96ea3aa5 CAS authentication improvements: %!s(int64=14) %!d(string=hai) anos
  dflaven ec174a7ab8 Use absolute URLs as much as possible to be independent from the page being executed... %!s(int64=14) %!d(string=hai) anos

Posterior Anterior