gitea/modules
silverwind cda44750cb
Attachments: Add extension support, allow all types for releases (#12465)
* Attachments: Add extension support, allow all types for releases

- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
  releases to prevent circumvention of allowed types check

Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers

* rename function

* extract GET routes out of RepoMustNotBeArchived

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-10-05 01:49:33 -04:00
..
analyze Exclude generated files from language statistics (#11653) 2020-05-29 09:20:01 +03:00
auth hCaptcha Support (#12594) 2020-10-02 23:37:53 -04:00
avatar Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) 2020-09-06 20:53:33 +01:00
base Use a simple format for the big number on ui (#12822) 2020-09-16 00:07:18 -04:00
cache Allow common redis and leveldb connections (#12385) 2020-09-28 00:09:46 +03:00
charset Ensure that the detected charset order is set in chardet test (#12574) 2020-08-23 14:15:29 +01:00
context Return sample message for login error in api context (#12994) 2020-10-04 17:39:31 -04:00
convert [#13004] Add Timestamp to Tag list API (#13026) 2020-10-05 12:07:54 +08:00
cron Mirror System Notice reports are too frequent (#12438) 2020-08-05 21:40:36 +01:00
emoji Fix emoji detection in certain cases (#12320) 2020-07-25 16:40:04 +03:00
eventsource Move EventSource to SharedWorker (#12095) 2020-07-03 10:55:36 +01:00
generate Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
git Fix 500 on README in submodule (#13006) 2020-10-02 09:27:44 -04:00
gitgraph Render the git graph on the server (#12333) 2020-08-06 09:04:08 +01:00
graceful Set TLS minimum version to 1.2 (#12689) 2020-09-02 23:37:49 +01:00
hcaptcha hCaptcha Support (#12594) 2020-10-02 23:37:53 -04:00
highlight Escape failed highlighted code (#12685) 2020-09-02 16:19:42 -04:00
httplib Add golangci (#6418) 2019-06-12 15:41:28 -04:00
indexer fix: use Base36 for all code indexers (#12830) 2020-09-14 13:40:07 +03:00
lfs LFS support to be stored on minio (#12518) 2020-09-08 23:45:10 +08:00
log Re-attempt to delete temporary upload if the file is locked by another process (#12447) 2020-08-11 21:05:34 +01:00
markup fix: media links in org files not liked to media files (#12997) 2020-10-01 11:22:34 -04:00
metrics Prometheus endpoint (#5256) 2018-11-04 22:20:00 -05:00
migrations Hopefully support GH enterprise (#12863) 2020-09-21 10:36:51 -04:00
nosql Allow common redis and leveldb connections (#12385) 2020-09-28 00:09:46 +03:00
notification Fix repository create/delete event webhooks (#13008) 2020-10-02 10:37:46 +01:00
options Rename scripts to build and add revive command as a new build tool command (#10942) 2020-04-03 22:29:12 +03:00
password Check passwords against HaveIBeenPwned (#12716) 2020-09-08 17:06:39 -05:00
pprof Add golangci (#6418) 2019-06-12 15:41:28 -04:00
private Rename models.ProtectedBranchRepoID to models.EnvRepoID and ensure EnvPusherEmail is set (#12646) 2020-08-30 08:24:39 +01:00
process Only write to global gitconfig if necessary (#11876) 2020-06-13 17:47:31 -04:00
public fix go1.15 lint error in modules/public/public.go (#12707) 2020-09-04 16:15:54 +03:00
queue Fix the issue reported on #12385 (#12969) 2020-09-28 19:00:54 -04:00
recaptcha hCaptcha Support (#12594) 2020-10-02 23:37:53 -04:00
references Add spent time to referenced issue in commit message (#12220) 2020-09-04 11:37:37 -04:00
repofiles Add configurable Trust Models (#11712) 2020-09-20 00:44:55 +08:00
repository Completely quote AppPath and CustomConf paths (#12955) 2020-09-28 21:16:52 -04:00
secret Attachments: Add extension support, allow all types for releases (#12465) 2020-10-05 01:49:33 -04:00
session Allow common redis and leveldb connections (#12385) 2020-09-28 00:09:46 +03:00
setting Attachments: Add extension support, allow all types for releases (#12465) 2020-10-05 01:49:33 -04:00
ssh log.Fatal on failure to listen to SSH port (#10795) 2020-03-23 07:59:38 +00:00
storage Add default storage configurations (#12813) 2020-09-29 12:05:13 +03:00
structs [#13004] Add Timestamp to Tag list API (#13026) 2020-10-05 12:07:54 +08:00
svg Fix filepath basename on Windows for SVG bindata (#12241) 2020-07-13 21:16:40 +01:00
sync Fix missing unlock in uniquequeue (#9790) 2020-01-15 23:58:33 +02:00
task [API] Migration: Change ServiceType String (#12672) 2020-09-10 23:29:19 +01:00
templates Use a simple format for the big number on ui (#12822) 2020-09-16 00:07:18 -04:00
test Macaron 1.5 (#12596) 2020-08-27 22:47:17 -04:00
timeutil Fix timezone on issue deadline (#11697) 2020-06-05 18:51:10 -04:00
upload Attachments: Add extension support, allow all types for releases (#12465) 2020-10-05 01:49:33 -04:00
user Add gitea-vet (#10948) 2020-04-05 07:20:50 +01:00
util Completely quote AppPath and CustomConf paths (#12955) 2020-09-28 21:16:52 -04:00
validation [API] Get a single commit via Ref (#10915) 2020-04-07 22:54:46 -04:00
webhook Refactor webhook payload convertion (#12310) 2020-09-04 22:57:13 -04:00