Carpentier Pierre-Francois
636400b75f
Merge pull request #16 from jthiltges/escape
...
Protect against XSS vulnerabilities in URL redirection
2019-01-02 23:54:42 +01:00
John Thiltges
6f98076281
Protect against XSS vulnerabilities in URL redirection
...
- Switch from base64 to URL encoding for the passing the URL, using the built-in Mako filtering
- Apply HTML filtering to Mako output by default
- Disable HTML filtering for nested templates in adduser, modify, and selfmodify
2019-01-02 14:31:10 -06:00
Carpentier Pierre-Francois
1ed654c91b
Update README.rst
2018-02-07 19:54:23 +01:00
Carpentier Pierre-Francois
c329e53811
Update README.rst
2018-02-07 19:52:29 +01:00
Carpentier Pierre-Francois
05e3a0d665
Update README.rst
2017-10-26 10:08:16 +02:00
kakwa
4bd6314b3b
remove useless tests
2017-06-12 19:50:42 +02:00
kakwa
c5dae7039a
remove duplicated import in docs conf.py
2017-06-12 19:47:43 +02:00
kakwa
ca1f78173f
better documenation
2017-06-09 23:40:23 +02:00
kakwa
9ed6007b02
including fastcgi configuration example in the documentation
2017-06-09 23:25:58 +02:00
kakwa
4d696a29ef
adding example for unix socket in defautl conf
2017-06-09 23:24:20 +02:00
kakwa
45d64120ae
adding an nginx configuration exmaple for fastcgi
2017-06-09 23:09:11 +02:00
kakwa
00a4d22dd9
remove pip install method
2017-04-06 21:53:58 +02:00
kakwa
32c513f96e
change install method (pip install just doesn't work)
2017-04-06 21:37:02 +02:00
kakwa
7019cc2348
fix setup.py
2017-04-06 20:58:20 +02:00
kakwa
a404cf0b39
add auto message for tagging script
2017-04-06 20:57:42 +02:00
kakwa
9649803dd6
changelog
2017-04-06 20:52:55 +02:00
kakwa
eecccac106
fix import of version in docs/conf.py and setup.py
2017-04-06 20:46:58 +02:00
kakwa
f357adcd9a
put version in standalone file
...
this way, it avoids error due to missing imports
2017-04-06 20:34:32 +02:00
kakwa
e7998ced78
adding a simple tagging script
2017-04-06 20:28:44 +02:00
kakwa
8270988ed4
changelog + version bump + factorize version
2017-04-06 20:21:31 +02:00
kakwa
2e2453f309
fix camelcase
2017-04-06 01:26:54 +02:00
kakwa
bbb13454bf
more warning removal
2017-04-06 01:21:57 +02:00
kakwa
3378822d2e
fix some warnings
2017-04-06 01:20:51 +02:00
kakwa
6e526b6f15
hack to have a cleaner resize
2017-04-06 00:32:24 +02:00
kakwa
5b1803cb05
changelog + version bump
2017-04-05 23:48:08 +02:00
kakwa
de5f760c37
removing duplicate option in form select fields
2017-04-05 23:37:41 +02:00
kakwa
a33a46e8b8
add dynamic resizing to align input-group-addon
...
* add class to identify the 2 form columns
* add a js that calculate max width and resize all input-group-addon
spans
* load the js in the base template
2017-04-05 23:24:19 +02:00
kakwa
eb36830845
fixes
2017-03-16 03:03:59 +01:00
kakwa
3fd6dcee82
fix issue related to python-ldap returning lists
...
Before, no particular treatment was done on the user attributes.
This caused some issues because python-ldap systematically returns
the attribute value as a list (even if it's mono-valuated).
Now we recover the attributes used in the group attr templates,
and we "normalize" the user attributes before using it in add_to_groups
and del_from_groups.
By normalize, we mean, transforming the list to it's unique value.
In case the attribute doesn't exist or is multi-valuated, it raises an
error.
2017-03-16 02:45:23 +01:00
kakwa
55ce2bec5e
small cleaning
2017-03-16 02:40:23 +01:00
kakwa
e02a1a7f28
adding posixGroups in test ldap
2017-03-16 02:39:41 +01:00
kakwa
f9a3051328
Merge branch 'master' of https://github.com/kakwa/ldapcherry
2017-03-12 17:46:49 +01:00
kakwa
e4effc64ec
fixing log errors in auth "none" mode
...
replacing None by unknown as a default value in order to avoid
error in generating log msg because None is not a string
2017-03-12 17:45:01 +01:00
Carpentier Pierre-Francois
b3a361afee
remove broken download stats badge
2017-03-10 00:43:51 +01:00
kakwa
a802ce772a
adding documention of textfielf and better documenation for other types
2017-03-07 23:21:27 +01:00
kakwa
3a1966324d
adding more try catch for template debugging
2017-03-07 22:34:05 +01:00
kakwa
819e575a28
pep8ification
2017-03-07 22:23:11 +01:00
Carpentier Pierre-Francois
12bb597903
Merge pull request #6 from rooty0/feat/template-parse-error
...
adding support for display template parse error
2017-03-07 22:19:15 +01:00
Carpentier Pierre-Francois
7afe6c0ca7
Merge pull request #5 from rooty0/feat/add-textarea
...
adding textarea
2017-03-07 22:14:18 +01:00
Stan Rudenko
e1a27aa0a7
adding support for display template parse error
2017-03-02 19:06:54 -08:00
Stan Rudenko
f7f72c7e11
adding textarea
2017-03-02 18:47:49 -08:00
kakwa
e37b88dbda
fix some errors in unused code
2017-01-31 20:59:49 +01:00
kakwa
d7303da85f
fix test configuration
2017-01-24 03:06:48 +01:00
kakwa
44024dbd02
trying to add test on AD/DC for travis
2017-01-24 02:52:16 +01:00
kakwa
5a45a24055
proper exception in ldap backend
...
adding proper management of none existant user in group function
if user doesn't exist.
2016-08-01 19:57:51 +02:00
kakwa
0a4db74f1f
version bump
2016-07-31 13:14:31 +02:00
kakwa
f747252585
add changelog
2016-07-31 12:30:54 +02:00
kakwa
7f00264e32
improve robustness if user dn attribute contains something like ,cn=
2016-07-31 12:21:26 +02:00
kakwa
d820cceeb6
pep8
2016-07-31 11:41:42 +02:00
kakwa
d4235bc33c
better behavior if user doesn't exist in one backend
2016-07-31 11:39:28 +02:00