Commit történet

Szerző SHA1 Üzenet Dátum
  dflaven 7aa7552c8c #923: prevent XSS injection in forgot password page. 11 éve
  dflaven c3424e0e4f Make the Basic Authentication (login_mode=basic) work with non-ASCII characters (in the username as well as in the password), though this may depend on the browser... 11 éve
  romainq 80bac465b4 Fixed regression introduced with "forgot password": button to reset the user password labelled as "Send now!" 11 éve
  romainq ec9c11a5c8 The login web page must NOT be cached by the web browsers 12 éve
  romainq 5fb42b0290 Internal: failed authentication to return error 401 instead of prompting the end-user (to be exploited by the ajax calls) 12 éve
  romainq 030f809391 Cosmetics on the login web page 12 éve
  romainq d61e857b5d New feature: Forgot password -> email to reset (possibly disabled in the config file) 12 éve
  romainq 99037986ae Compiler: added brand management 12 éve
  dflaven 69a0bc3ee7 #732: Change password: exit after building the page in case of wrong "old" password 12 éve
  dflaven 904df7b800 Support non scalar posted parameters... 12 éve
  dflaven 1869fd0fea Preserve POSted parameters on the login web page (useful when the session expires) 12 éve
  romainq a2d6746d60 #634 Detection of HTTPS not working with nginx (iTop always considering the current connection as being secure) 12 éve
  romainq eafa11ecfe Updated copyright (2012) and license (LGPL changed to AGPL) 13 éve
  romainq d0bb4288d2 Config: use app_icon_url to change the hyperlink used when clicking on the main icon 13 éve
  dflaven 59fb31a6e1 Added the ability to display a custom welcome/disclaimer message at the bottom of the login form. 13 éve
  dflaven 8efc46c91e Fix for Trac#519 - change password bug ! 13 éve
  dflaven 648af437b5 Fixed absolute/relative path issues in the JS and href places 13 éve
  romainq 8b6fec98fb Setup based on either compiled modules or xml datamodel files (or both). 13 éve
  dflaven eff5aff0a6 Added self-registering / user synchronization extensibility 13 éve
  dflaven f14d813aac Make sure that the path/href base is correct to display the page (images, CSS...) 13 éve
  dflaven db2209624a - New way to handle sessions compatible with multiple environments 13 éve
  dflaven ac08cc566e Use the default language when creating a new user from CAS 13 éve
  dflaven c07df38add Support patterns for the definition of casMemberOf groups. 13 éve
  dflaven 5f089842e6 Automatic synchro of CAS users 14 éve
  romainq 9e4db3f3b0 #484 Fixed issue with IIS ("Wrong password" at first prompt) 14 éve
  dflaven 32a4ceba39 More fixes for Trac#446: XSS vulnerabilities with vectors containing double quotes 14 éve
  romainq 8dba345e7d #446 XSS vector on the login web page 14 éve
  dflaven 253a2ee596 Fixed Trac#446: XSS vulnerabilities... to be tested ! 14 éve
  dflaven 8c96ea3aa5 CAS authentication improvements: 14 éve
  dflaven ec174a7ab8 Use absolute URLs as much as possible to be independent from the page being executed... 14 éve