diff options
| author | Rowan Bohde <rowan.bohde@gmail.com> | 2024-11-28 03:50:27 +0100 |
|---|---|---|
| committer | Earl Warren <contact@earl-warren.org> | 2024-12-03 10:19:22 +0100 |
| commit | 2e00ae4cddff6ba04fb52adc44b21293857f4267 (patch) | |
| tree | ba85bf1d629e101311d2122b535e3b4cc951dd90 /services | |
| parent | Add github compatible tarball download API endpoints (#32572) (diff) | |
| download | forgejo-2e00ae4cddff6ba04fb52adc44b21293857f4267.tar.xz forgejo-2e00ae4cddff6ba04fb52adc44b21293857f4267.zip | |
Validate OAuth Redirect URIs (#32643)
This fixes a TODO in the code to validate the RedirectURIs when adding
or editing an OAuth application in user settings.
This also includes a refactor of the user settings tests to only create
the DB once per top-level test to avoid reloading fixtures.
(cherry picked from commit 16a7d343d78807e39df124756e5d43a69a2203a3)
Conflicts:
services/forms/user_form.go
tests/integration/user_settings_test.go
simple conflicts
Diffstat (limited to 'services')
| -rw-r--r-- | services/forms/user_form.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/services/forms/user_form.go b/services/forms/user_form.go index afd3a42982..3ba8724c92 100644 --- a/services/forms/user_form.go +++ b/services/forms/user_form.go @@ -388,7 +388,7 @@ func (f *NewAccessTokenForm) GetScope() (auth_model.AccessTokenScope, error) { // EditOAuth2ApplicationForm form for editing oauth2 applications type EditOAuth2ApplicationForm struct { Name string `binding:"Required;MaxSize(255)" form:"application_name"` - RedirectURIs string `binding:"Required" form:"redirect_uris"` + RedirectURIs string `binding:"Required;ValidUrlList" form:"redirect_uris"` ConfidentialClient bool `form:"confidential_client"` } |