Merge 7381a313dd into a40192dc12

[skip ci] Updated translations via Crowdin
OIDC: case-insensitive comparison for auth scheme Basic (#31706 )
2024-07-27 17:17:08 +02:00 · 2024-07-27 13:15:37 +08:00 · 2024-07-27 00:27:00 +00:00 · 2024-07-26 19:51:45 +00:00 · 2024-07-23 20:17:45 +02:00
4 changed files with 15 additions and 7 deletions
--- a/.eslintrc.yaml
+++ b/.eslintrc.yaml
@ -568,7 +568,7 @@ rules:
  no-jquery/no-param: [2]
  no-jquery/no-parent: [0]
  no-jquery/no-parents: [2]
-  no-jquery/no-parse-html-literal: [0]
+  no-jquery/no-parse-html-literal: [2]
  no-jquery/no-parse-html: [2]
  no-jquery/no-parse-json: [2]
  no-jquery/no-parse-xml: [2]
--- a/options/locale/locale_pt-PT.ini
+++ b/options/locale/locale_pt-PT.ini
@ -2981,6 +2981,10 @@ emails.not_updated=Falhou a modificação do endereço de email solicitado: %v
 emails.duplicate_active=Este endereço de email já está a ser usado por outro utilizador.
 emails.change_email_header=Modificar propriedades do email
 emails.change_email_text=Tem a certeza que quer modificar este endereço de email?
+emails.delete=Eliminar email
+emails.delete_desc=Tem a certeza que quer eliminar este endereço de email?
+emails.deletion_success=O endereço de email foi eliminado.
+emails.delete_primary_email_error=Não pode eliminar o email principal.

 orgs.org_manage_panel=Gestão das organizações
 orgs.name=Nome
--- a/routers/web/auth/oauth.go
+++ b/routers/web/auth/oauth.go
@ -327,7 +327,7 @@ func getOAuthGroupsForUser(ctx go_context.Context, user *user_model.User) ([]str

 func parseBasicAuth(ctx *context.Context) (username, password string, err error) {
 	authHeader := ctx.Req.Header.Get("Authorization")
-	if authType, authData, ok := strings.Cut(authHeader, " "); ok && authType == "Basic" {
+	if authType, authData, ok := strings.Cut(authHeader, " "); ok && strings.EqualFold(authType, "Basic") {
 		return base.BasicAuthDecode(authData)
 	}
 	return "", "", errors.New("invalid basic authentication")
@ -661,7 +661,7 @@ func AccessTokenOAuth(ctx *context.Context) {
 	// if there is no ClientID or ClientSecret in the request body, fill these fields by the Authorization header and ensure the provided field matches the Authorization header
 	if form.ClientID == "" || form.ClientSecret == "" {
 		authHeader := ctx.Req.Header.Get("Authorization")
-		if authType, authData, ok := strings.Cut(authHeader, " "); ok && authType == "Basic" {
+		if authType, authData, ok := strings.Cut(authHeader, " "); ok && strings.EqualFold(authType, "Basic") {
 			clientID, clientSecret, err := base.BasicAuthDecode(authData)
 			if err != nil {
 				handleAccessTokenError(ctx, AccessTokenError{
--- a/web_src/js/features/repo-editor.ts
+++ b/web_src/js/features/repo-editor.ts
@ -1,7 +1,7 @@
 import $ from 'jquery';
 import {htmlEscape} from 'escape-goat';
 import {createCodeEditor} from './codeeditor.ts';
-import {hideElem, queryElems, showElem} from '../utils/dom.ts';
+import {hideElem, queryElems, showElem, createElementFromHTML} from '../utils/dom.ts';
 import {initMarkupContent} from '../markup/content.ts';
 import {attachRefIssueContextPopup} from './contextpopup.ts';
 import {POST} from '../modules/fetch.ts';
@ -61,7 +61,7 @@ export function initRepoEditor() {
    });
  }

-  const filenameInput = document.querySelector('#file-name');
+  const filenameInput = document.querySelector<HTMLInputElement>('#file-name');
  function joinTreePath() {
    const parts = [];
    for (const el of document.querySelectorAll('.breadcrumb span.section')) {
@ -80,8 +80,12 @@ export function initRepoEditor() {
        const value = parts[i];
        if (i < parts.length - 1) {
          if (value.length) {
-            $(`<span class="section"><a href="#">${htmlEscape(value)}</a></span>`).insertBefore($(filenameInput));
-            $('<div class="breadcrumb-divider">/</div>').insertBefore($(filenameInput));
+            filenameInput.before(createElementFromHTML(
+              `<span class="section"><a href="#">${htmlEscape(value)}</a></span>`,
+            ));
+            filenameInput.before(createElementFromHTML(
+              `<div class="breadcrumb-divider">/</div>`,
+            ));
          }
        } else {
          filenameInput.value = value;
Author	SHA1	Message	Date
silverwind	74e1691bc9	Merge `7381a313dd` into `a40192dc12`	2024-07-27 13:15:37 +08:00
GiteaBot	a40192dc12	[skip ci] Updated translations via Crowdin	2024-07-27 00:27:00 +00:00
Shivaram Lingamneni	e1cf760d2f	OIDC: case-insensitive comparison for auth scheme `Basic` (#31706 ) @kylef pointed out on https://github.com/go-gitea/gitea/pull/31632 that [RFC7617](https://www.rfc-editor.org/rfc/rfc7617.html#section-2) mandates case-insensitive comparison of the scheme field `Basic`. #31632 copied a case-sensitive comparison from https://github.com/go-gitea/gitea/pull/6293. This PR fixes both comparisons. The issue only affects OIDC, since the implementation for normal Gitea endpoints is already correct: `930ca92d7c/services/auth/basic.go (L55-L58)`	2024-07-26 19:51:45 +00:00
silverwind	7381a313dd	Enable `no-jquery/no-parse-html-literal` and fix violation	2024-07-23 20:17:45 +02:00