tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-07-22 02:08:36 +00:00
Code Releases Activity

Improve OAuth2 provider (correct Issuer, respect ENABLED) (#34966)

Browse Source 
1. Make "Issuer" strictly follow the spec (see comment)
2. Make "/.well-known/openid-configuration" respond 404 if the OAuth2
provider is not enabled.

Then by the way, remove the JSEscape template helper because it is not
needed any more.
This commit is contained in:
wxiaoguang
2025-07-06 13:36:45 +08:00
committed by GitHub
parent 429efc8b4f
commit 3533263ced
10 changed files with 80 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/templates/helper_test.go
View File

@@ -57,10 +57,6 @@ func TestSubjectBodySeparator(t *testing.T) {
"Insufficient\n--\nSeparators")
}
func TestJSEscapeSafe(t *testing.T) {
assert.EqualValues(t, `\u0026\u003C\u003E\'\"`, jsEscapeSafe(`&<>'"`))
}
func TestSanitizeHTML(t *testing.T) {
assert.Equal(t, template.HTML(`<a href="/" rel="nofollow">link</a> xss <div>inline</div>`), SanitizeHTML(`<a href="/">link</a> <a href="javascript:">xss</a> <div style="dangerous">inline</div>`))
}