github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-17 21:17:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
9425ca8b7d0d121ae4d32a03beae34e7da0fb7fe
zot/pkg/api
T
History
Andrei Aaron 9425ca8b7d fix(auth): prevent open redirect via callback_ui (#3844) 
Validate callback_ui and default invalid values to /.
Allow absolute callback_ui only when its origin is allowlisted via http.auth.openid.callbackAllowOrigins (and externalUrl).
Add/adjust unit + controller tests and update examples/docs for relative vs allowlisted absolute redirect

Signed-off-by: Andrei Aaron <andreifdaaron@gmail.com>
2026-03-08 08:13:16 +02:00
..
config
fix(auth): prevent open redirect via callback_ui (#3844)
2026-03-08 08:13:16 +02:00
constants
fix(auth): prevent open redirect via callback_ui (#3844)
2026-03-08 08:13:16 +02:00
errors
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
authn_test.go
fix(auth): prevent open redirect via callback_ui (#3844)
2026-03-08 08:13:16 +02:00
authn.go
fix(auth): prevent open redirect via callback_ui (#3844)
2026-03-08 08:13:16 +02:00
authz.go
Introduce support for OIDC workload identity federation (#3711)
2026-01-24 21:03:53 -08:00
bearer_aws_secrets_manager_test.go
feat(jwt-asm): support AWS Secrets Manager for JWT verification (#3763)
2026-02-03 09:25:38 -08:00
bearer_aws_secrets_manager.go
feat(jwt-asm): support AWS Secrets Manager for JWT verification (#3763)
2026-02-03 09:25:38 -08:00
bearer_oidc_test.go
feat(oidc): support per-issuer CA (#3760)
2026-02-01 23:57:27 +02:00
bearer_oidc.go
feat(jwt-asm): support AWS Secrets Manager for JWT verification (#3763)
2026-02-03 09:25:38 -08:00
bearer_test.go
feat(jwt-asm): support AWS Secrets Manager for JWT verification (#3763)
2026-02-03 09:25:38 -08:00
bearer.go
feat(jwt-asm): support AWS Secrets Manager for JWT verification (#3763)
2026-02-03 09:25:38 -08:00
controller_internal_test.go
fix(auth): prevent open redirect via callback_ui (#3844)
2026-03-08 08:13:16 +02:00
controller_test.go
fix(auth): prevent open redirect via callback_ui (#3844)
2026-03-08 08:13:16 +02:00
controller.go
feat(tls): implement dynamic TLS certificate reloading with file watching (#3792)
2026-02-15 13:01:50 -08:00
cookiestore.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
htpasswd_test.go
test: fix some coverage issues, refactored some of the pagination logic to accomplish this (#3674)
2025-12-23 19:06:13 +02:00
htpasswd.go
fix: add support for sha256 and sha512 in htpasswd (#3497)
2025-11-09 15:28:29 +02:00
ldap.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
mtls_test.go
fix: do not reject requests having an Authorization header if basic auth is disabled (#3673)
2025-12-23 11:30:22 +02:00
proxy_test.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
proxy.go
fix(auth): prevent open redirect via callback_ui (#3844)
2026-03-08 08:13:16 +02:00
recovery.go
fix: migrate to Go module v2 for proper semantic versioning (#3462)
2025-10-16 22:43:47 -07:00
routes_test.go
refactor(test): new apis for creating temporary files (#3605)
2025-12-05 09:54:38 +02:00
routes.go
feat(tls): implement dynamic TLS certificate reloading with file watching (#3792)
2026-02-15 13:01:50 -08:00
runtime_windows.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
runtime.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
session.go
chore: update golangci-lint and fix all issues (#3575)
2025-11-22 23:36:48 +02:00
tls_config_watcher.go
feat(tls): implement dynamic TLS certificate reloading with file watching (#3792)
2026-02-15 13:01:50 -08:00