Age | Commit message (Collapse) | Author | |
---|---|---|---|
2024-01-08 | Add support for domain level redirects | Naman Jagdish Gala | |
2023-11-30 | Update dependencies to latest version | Janis Altherr | |
2023-10-18 | Remove FF_CONFIGURABLE_ROOT_DIR Feature Flag | janis | |
2023-10-17 | Support for Mutual TLS | Av1o | |
2023-06-08 | Use pages root directory from API | Janis Altherr | |
2023-04-27 | Make gitlabstub API responses more explicit | Kassio Borges | |
2023-04-04 | Redirect to unique domain | Kassio Borges | |
2022-07-26 | Fixes acme redirection issues when using a wildcard redirect | Filip Aleksic | |
Changelog: fixed | |||
2022-07-05 | Remove rate limits feature flags | feistel | |
Changelog: removed | |||
2022-07-04 | Replace custom extraEnv with native t.setEnv | feistel | |
2022-07-04 | Merge branch 'feat/gitlabstub-tls' into 'master' | Jaime Martinez | |
feat: add tls support to gitlab stub server See merge request gitlab-org/gitlab-pages!809 | |||
2022-07-04 | Merge branch 'refactor/test-ping' into 'master' | Jaime Martinez | |
refactor: use healthcheck path during test ping See merge request gitlab-org/gitlab-pages!795 | |||
2022-07-01 | Add tls support to gitlab stub server | feistel | |
2022-06-30 | Merge branch 'fix/domainresolver-test-race' into 'master' | Jaime Martinez | |
test: fix Flaky TestDomainResolverError race Closes #787 See merge request gitlab-org/gitlab-pages!806 | |||
2022-06-29 | Refactor test ping to use healthcheck path | feistel | |
2022-06-29 | Merge branch 'fix/invalid-writeheader' into 'master' | Jaime Martinez | |
test: prevent invalid writeheader code 0 during tests See merge request gitlab-org/gitlab-pages!802 | |||
2022-06-28 | Fix invalid writeheader code 0 race during tests | feistel | |
2022-06-28 | Fix Flaky TestDomainResolverError race | feistel | |
2022-06-28 | Merge branch 'fix/test-acme-sigsev' into 'master' | Jaime Martinez | |
test: check for errors in acme tests before passing the body See merge request gitlab-org/gitlab-pages!797 | |||
2022-06-27 | Fix TestSlowRequests test | feistel | |
we do not log the error anymore. | |||
2022-06-22 | Check for errors in acme tests before passing the body | feistel | |
2022-06-22 | Serve 404 if ctx is canceled while resolving a domain | feistel | |
2022-06-17 | Extract gitlab stub server in a separate package | feistel | |
2022-06-02 | Use TLSConfig and remove IsHTTPS in Metrics config | Vishal Tak | |
Add unit tests and move acceptance tests | |||
2022-06-02 | Add support for tls for metrics | Vishal Tak | |
Changelog: added | |||
2022-05-30 | Merge branch 'feat/unix-sock' into 'master' | Vladimir Shushlin | |
feat: add support for socket listeners See merge request gitlab-org/gitlab-pages!758 | |||
2022-05-30 | Add acceptance tests for socket listeners | feistel | |
2022-04-25 | Replace os.Setenv with testing.SetEnv | feistel | |
2022-04-05 | Merge branch 'refactor/specialized-require' into 'master' | Jaime Martinez | |
test: replace require.Equal with specialized assertions See merge request gitlab-org/gitlab-pages!685 | |||
2022-04-01 | Merge branch 'security-validate-session-host' into 'master' | Vladimir Shushlin | |
fix: validate that session was issued on the same host See merge request gitlab-org/security/gitlab-pages!28 | |||
2022-03-24 | fix: validate that session was issued on the same host | Vladimir Shushlin | |
Currently, sessions are valid across all domains. And our auth tokens are also valid for all pages projects user has access to. This means that cookie from one website can be reused on the another. Attackers can steal cookies in many different ways. The easiest way would be to setup a validated custom domain, then proxy all requests to pages server, but log the cookies. Once you have a cookie for attackers domain, you can reuse it on any other pages domain the target user has access to. This commit saves current domain in the session and validates it when reading the session. Changelog: security | |||
2022-03-14 | update go-proxyproto and fix tests | vtak | |
2022-02-24 | test: replace require.Equal with specialized assertions | feistel | |
2022-02-22 | Merge branch 'reject-tls-2' into 'master' | Vladimir Shushlin | |
feat: add rate limits on the TLS connection level See merge request gitlab-org/gitlab-pages!700 | |||
2022-02-22 | feat: Always apply TLS limits even without ServerName | Vladimir Shushlin | |
2022-02-21 | feat: Add TLS rate limits | Vladimir Shushlin | |
Changelog: added | |||
2022-02-21 | Merge branch 'set-timeout-in-tests' into 'master' | Jaime Martinez | |
refactor: Always set request timeout in tests See merge request gitlab-org/gitlab-pages!699 | |||
2022-02-18 | refactor: Always set request timeout in tests | Vladimir Shushlin | |
2022-02-16 | reset: go back to initial commit. | yigithankardas | |
2022-02-02 | lint: fix linter issues | feistel | |
2022-01-25 | Merge branch 'refactor/test-tmp' into 'master' | Vladimir Shushlin | |
test: replace tmpdir workaround with native T tmp See merge request gitlab-org/gitlab-pages!598 | |||
2022-01-25 | Merge branch 'cleanup/gitlab-server-stub' into 'master' | Alessio Caiazza | |
test: cleanup gitlab server stub and stubOpts See merge request gitlab-org/gitlab-pages!652 | |||
2022-01-24 | test: replace tmpdir workaround with native T tmp | feistel | |
2022-01-24 | lint: fix gci issues | feistel | |
2022-01-20 | feat: implement graceful shutdown | feistel | |
Changelog: added | |||
2022-01-12 | Merge branch '630-add-rate-limiting-per-domain-name' into 'master' | Jaime Martinez | |
Add rate limiting per domain name See merge request gitlab-org/gitlab-pages!635 | |||
2022-01-11 | feat: add domain rate-limiter | Vladimir Shushlin | |
Changelog: added | |||
2021-12-24 | feat: enable Etag caching | Vladimir Shushlin | |
Changelog: added | |||
2021-12-22 | test: cleanup gitlab server stub and stubOpts | feistel | |
2021-12-21 | fix: wait for process to exit in acceptance tests | Vladimir Shushlin | |