pierre/wallabag
1
0
Fork 0
forked from wallabag/wallabag
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity
Files
aa06e8328eaac5cbdc7ac02d57a6d3a9f7c63b18
wallabag/tests/Wallabag/CoreBundle
History
Kevin Decherf aa06e8328e ConfigController: remove 2fa cancel step 
This change annoys me, however this endpoint was anyway problematic:
- it was vulnerable to a CSRF attack, see GHSA-56fm-hfp3-x3w3
- it is useless as we don't really handle a two-steps validation

Still, if you send an incorrect code during the "activation" phase a
flash error will pop up but the 2fa will stay enabled. This need rework
when possible.

Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
2023-09-30 00:49:58 +02:00
..
Command
Update all Doctrine deps
2022-12-16 10:29:42 +01:00
Controller
ConfigController: remove 2fa cancel step
2023-09-30 00:49:58 +02:00
Entity
Use lang attribute
2020-01-23 21:21:54 +01:00
Event
Replace GetResponseEvent by RequestEvent
2023-08-07 22:34:47 +01:00
fixtures
Add support to download SVG locally
2022-10-18 11:14:45 +02:00
Form/DataTransformer
Add missing TestCase namespace
2017-12-18 13:29:33 +01:00
GuzzleSiteAuthenticator
Upgrade to Symfony 4.4
2022-11-29 18:01:46 -08:00
Helper
Merge pull request #6562 from Simounet/fix/downloadimages-redirect-following
2023-05-31 15:04:02 +02:00
ParamConverter
Update to FOSUserBundle 3.1
2022-12-14 09:42:17 +01:00
Tools
Counting two characters together as a word in CJK
2019-01-06 01:21:13 +08:00
Twig
Move to controller as a service
2022-12-19 10:38:08 +01:00
WallabagCoreTestCase.php
Merge pull request #6813 from yguedidi/replace-client-by-kernelbrowser
2023-08-08 23:36:06 +02:00