Age | Commit message (Expand) | Author |
---|---|---|
2015-10-13 | Only render 404 page from /public | Valery Sizov |
2015-05-11 | Don't symbolize params. | Douwe Maan |
2015-04-20 | Fixed the Rails/ActionFilter cop | Jeroen van Baarsen |
2015-03-10 | Reject access to group/project avatar if the user doesn't have access. | Douwe Maan |
2015-03-03 | Add brakeman rake task and improve code security | Dmitriy Zaporozhets |
2015-02-24 | Merge branch 'master' into extend_markdown_upload | Douwe Maan |
2015-02-24 | Allow non authenticated access to avatars | Dmitriy Zaporozhets |
2015-02-20 | Merge branch 'extend_markdown_upload' into generic-uploads | Douwe Maan |
2015-02-20 | Use controllers to serve uploads, with XSS prevention and access control. | Douwe Maan |