mirrors/git-pages
1
0
Fork 0
mirror of https://codeberg.org/git-pages/git-pages.git synced 2026-05-25 08:32:05 +00:00
Code Issues Packages Projects Releases Wiki Activity
125 Commits 2 Branches 13 Tags
51606aac9887da2271cd2d04589f1f623f8599b5
Commit Graph

18 Commits

Author SHA1 Message Date
Catherine
5765fa7ffa Proxy requests for unknown sites via wildcard fallback URL (if any). 2025-09-21 02:39:44 +00:00
Catherine
d5302e4358 [breaking-change] Allow multiple wildcard domains to be configured. 2025-09-21 00:29:51 +00:00
Catherine
bd294982b2 Disallow Host: values starting with a dot. 
Although these should never appear in first place, allowing them
to proceed into application logic may cause conflicts with reserved
manifest names.
 2025-09-20 07:41:34 +00:00
Catherine
15b2f1ea39 Allow zip and tar archive uploads PUT request. 2025-09-20 07:16:10 +00:00
Catherine
e92b48b99f Expose site manifest to authorized clients. 
As the rules for serving a site get more complex, being able to see
the git-pages' view of the site structure will become increasingly
valuable.

Unauthorized clients are rejected to make enumeration more difficult.
While git-pages isn't designed to serve sensitive data, it is prudent
to recognize that someone somewhere will do it anyway.
 2025-09-19 16:58:01 +00:00
Catherine
46d54503ee Fix DNS allowlist not applying to POST requests. 2025-09-19 14:10:26 +00:00
Catherine
9810a346f0 Refactor authorization code. NFC 2025-09-19 04:08:22 +00:00
Catherine
82bfe278bf [security] Restrict X-Pages-Branch to shared secret authorization only. 2025-09-19 00:57:54 +00:00
Catherine
512d5e928a Clearly indicate insecure mode at startup. 2025-09-19 00:36:35 +00:00
Catherine
af5deb60c6 [breaking-change] Accept multiple index repository patterns. 2025-09-18 23:51:20 +00:00
Catherine
3393c077b5 Add DNS allowlist authorization. 
Also, improve authorization docs and tighten rules for `INSECURE`.
 2025-09-18 21:53:55 +00:00
Catherine
929aedfd2c Use strings.Trim{Prefix,Suffix}. NFC 2025-09-18 20:05:59 +00:00
Catherine
3c46169ba6 Refactor authentication code. 2025-09-18 19:23:59 +00:00
miyuko
cf8abbca28 Wrap errors when calling fmt.Errorf. 2025-09-17 13:14:42 +01:00
Catherine
7fc81d3d97 [breaking-change] Rearchitect for better object store compatibility. 
Co-authored-by: bin <flumf@users.noreply.github.com>
 2025-09-17 05:59:50 +00:00
Catherine
8b8431201b Allow Authorization: Basic as a fallback for GitHub, etc. 2025-09-16 15:57:55 +00:00
Catherine
abaf6d993b Add support for a wildcard domain. 2025-09-15 08:11:30 +00:00
Catherine
b9a26e528f Put sources under src/. 2025-09-15 04:51:51 +00:00