tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-08-26 03:18:28 +00:00
Code Releases Activity

Change action GETs to POST (#10462) (#10464)

Browse Source 
* Change action GETs to POST

* submite = submit + smite

* No more # href

* Fix test

* Match other tests

* Explicit csrf

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
This commit is contained in:
John Olheiser
2020-02-25 15:08:21 -06:00
committed by GitHub
parent 3abb25166c
commit 4cb18601ff
11 changed files with 79 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
routers/routes/routes.go
View File

@@ -485,7 +485,7 @@ func RegisterRoutes(m *macaron.Macaron) {
}, reqSignIn)
m.Group("/:username", func() {
m.Get("/action/:action", user.Action)
m.Post("/action/:action", user.Action)
}, reqSignIn)
if macaron.Env == macaron.DEV {
@@ -517,7 +517,7 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Get("/^:type(issues|pulls)$", user.Issues)
m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones)
m.Get("/members", org.Members)
m.Get("/members/action/:action", org.MembersAction)
m.Post("/members/action/:action", org.MembersAction)
m.Get("/teams", org.Teams)
}, context.OrgAssignment(true))
@@ -525,8 +525,8 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Group("/:org", func() {
m.Get("/teams/:team", org.TeamMembers)
m.Get("/teams/:team/repositories", org.TeamRepositories)
m.Route("/teams/:team/action/:action", "GET,POST", org.TeamsAction)
m.Route("/teams/:team/action/repo/:action", "GET,POST", org.TeamsRepoAction)
m.Post("/teams/:team/action/:action", org.TeamsAction)
m.Post("/teams/:team/action/repo/:action", org.TeamsRepoAction)
}, context.OrgAssignment(true, false, true))
m.Group("/:org", func() {
@@ -660,7 +660,7 @@ func RegisterRoutes(m *macaron.Macaron) {
})
}, reqSignIn, context.RepoAssignment(), context.UnitTypes(), reqRepoAdmin, context.RepoRef())
m.Get("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action)
m.Post("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action)
m.Group("/:username/:reponame", func() {
m.Group("/issues", func() {
@@ -714,7 +714,7 @@ func RegisterRoutes(m *macaron.Macaron) {
Post(bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
m.Get("/:id/edit", repo.EditMilestone)
m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost)
m.Get("/:id/:action", repo.ChangeMilestonStatus)
m.Post("/:id/:action", repo.ChangeMilestonStatus)
m.Post("/delete", repo.DeleteMilestone)
}, context.RepoMustNotBeArchived(), reqRepoIssuesOrPullsWriter, context.RepoRef())
m.Group("/milestone", func() {