From 4ce40fe5606a33a5d80cc8ec34e8afa3820ce718 Mon Sep 17 00:00:00 2001 From: Catherine Date: Tue, 23 Jun 2026 10:32:47 +0000 Subject: [PATCH] Clarify docs on forge authorization for previews. --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 7d9ac9c..29b8e65 100644 --- a/README.md +++ b/README.md 
@@ -150,7 +150,7 @@ The authorization flow for content updates (`PUT`, `PATCH`, `DELETE`, `POST` req - **Index repository:** If the request URL is `scheme://./`: a *matching* clone URL is computed by templating `[[wildcard]].clone-url` with `` and ``, where `` is computed by templating `[[wildcard]].index-repo` with ``; and a *matching* branch is specified by `[[wildcard]].index-repo-branch`. - **Project repository:** If the request URL is `scheme://.//`: a *matching* clone URL is computed by templating `[[wildcard]].clone-url` with `` and ``; and a *matching* branch is `pages`. 5. **Forge Authorization (wildcard):** If the method is `PUT` or `PATCH` or `DELETE`, and (unless the method is `DELETE`) the body contains an archive, and a `[[wildcard]]` configuration section exists such that `[[wildcard]].domain` is a suffix of the site hostname (compared label-wise), and `[[wildcard]].authorization` is defined, and the request includes a `Forge-Authorization:` header, and the header (when forwarded as `Authorization:`) grants push permissions to a repository at the *matching* clone URL (as defined above) as determined by an API call to the forge, the request is authorized. -6. **Forge Authorization (wildcard, preview):** If the method is `PUT` or `PATCH` or `DELETE`, and (unless the method is `DELETE`) the body contains an archive, and a `[[wildcard]]` configuration section exists such that `[[wildcard]].preview-domain` is a suffix of the site hostname (compared label-wise), and `[[wildcard]].authorization` is `forgejo`, and the request includes a `Forge-Authorization:` header, and the header (when forwarded as `Authorization:`) is mapped by the forge (via the `/api/v1/actions/run` endpoint) to a Forgejo Actions workflow run, and the workflow run corresponds to a *matching* pull request, the request is authorized. +6. 
_(requires Forgejo 16 and a feature flag)_ **Forge Authorization (wildcard, preview):** If the method is `PUT` or `PATCH` or `DELETE`, and (unless the method is `DELETE`) the body contains an archive, and a `[[wildcard]]` configuration section exists such that `[[wildcard]].preview-domain` is a suffix of the site hostname (compared label-wise), and `[[wildcard]].authorization` is `forgejo`, and the request includes a `Forge-Authorization:` header, and the header (when forwarded as `Authorization:`) is mapped by the forge (via the `/api/v1/actions/run` endpoint) to a Forgejo Actions workflow run, and the workflow run corresponds to a *matching* pull request, the request is authorized. - If the request URL is `scheme://./@/`: a *matching* pull request has a number `` and belongs to the repository with a clone URL computed by templating `[[wildcard]].clone-url` with `` and ``. 7. **Forge Authorization (DNS allowlist):** If the method is `PUT` or `PATCH` or `DELETE`, and (unless the method is `DELETE`) the body contains an archive, and the request URL is `scheme:///`, and a TXT record lookup at `_git-pages-forge-allowlist.` returns a set of well-formed absolute URLs, and the request includes a `Forge-Authorization:` header, and the header (when forwarded as `Authorization:`) grants push permissions to a repository at any of the URLs in the TXT records as determined by an API call to the forge, the request is authorized. 8. **Default Deny:** Otherwise, the request is not authorized.
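Review bot: The qualifier added to item 6, "_(requires Forgejo 16 and a feature flag)_", does not name the feature flag or say whether it is set on the Forgejo side or in the git-pages configuration, so an operator reading this rule still cannot tell what to enable. Suggest naming the flag, and stating whether "Forgejo 16" means version 16 or later. It would also help to say what happens to a request when the requirement is not met (presumably the rule does not match and evaluation continues to rule 7 and then to Default Deny in rule 8), since that is what an operator will observe when `[[wildcard]].preview-domain` is configured against a forge that lacks the `/api/v1/actions/run` endpoint. Style point: items 5, 7 and 8 open with the bold rule name, so placing the qualifier after "**Forge Authorization (wildcard, preview):**" rather than before it would keep the numbered list consistent.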