dinislage/web2py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,565 Commits 18 Branches 72 Tags
d052d1e06c20f5ea5eba45309f05b17c9967573c
Commit Graph

594 Commits

Author SHA1 Message Date
mdipierro f0eb120bba Merge pull request #1904 from n1k9/master 
Modify dispacher for differente response element name
 2018-04-29 19:49:10 -05:00
Nicola Gramola 43e2ed2fc7 Modify dispacher for differente response element name 2018-04-19 08:57:25 +02:00
mdipierro 1e450ed1d6 Merge pull request #1888 from BuhtigithuB/fix/recapchat-v1-deprecated 
Close #1887 - remove Recaptcha V1
 2018-04-18 21:59:13 -05:00
mdipierro cec14c741a fixed no-email edit in profile 2018-04-02 23:53:05 -05:00
Richard Vézina ff44821f05 Close #1887 - remove Recaptcha V1 2018-03-26 16:21:21 -04:00
mdipierro a679210649 fixed aws email 2018-03-20 09:14:05 -05:00
mdipierro 2752aba471 allow sending raw emails with server='aws' 2018-03-15 17:14:00 -05:00
ilvalle ad3c69155b fix few urllib.urlencode, close #1841 2018-02-04 09:58:16 +01:00
Roald Osinga 9bf8ca9c3b made cas_provider response py3 compatible 2018-01-05 11:49:20 +01:00
mdipierro 4a2a02d1fe fixed display of computed fields 2017-12-02 12:52:15 -06:00
mdipierro 551c19bcaf Merge pull request #1761 from josedesoto/issue/update_role_on_update_profile 
Update groups on edit profile
 2017-11-13 21:14:02 -06:00
Leonel Câmara 925f928843 Copy all CRYPT attributes thanks @abastardi 2017-11-08 11:53:29 +00:00
Leonel Câmara 228d3c41b6 Fixes #1800 2017-11-07 23:34:35 +00:00
Jose de Soto 5f4c47729b Removed a tab and replaced by spaces 2017-09-21 10:17:17 +02:00
Jose de Soto e8cf50326d When profile is updated self._update_session_user(user) set session.user_groups to None. self.update_groups() needs to be done. 2017-09-13 11:21:03 +02:00
mdipierro 213c4ee7d1 fixed use of whitespaces 2017-08-01 10:26:33 -05:00
mdipierro 7088b74d42 Merge pull request #1705 from josedesoto/enhancement/1557 
Enhancement/1557
 2017-08-01 09:46:55 -05:00
Jose de Soto d5167f2ed6 change_password_url parameter for alternate login methods 2017-07-31 19:00:24 +02:00
Jose de Soto 1014d3e86e new parameter to auto create or not users with alternate login methods 2017-07-31 18:33:15 +02:00
Jan Kotyz 19efbfecfa Fixes 1700 2017-07-27 11:27:41 +02:00
Leonel Câmara b7b8a009f2 Fixes #1680 2017-07-14 20:17:30 +01:00
mdipierro 453123a8ed Merge pull request #1652 from BuhtigithuB/improve/pep8-tools-py 
Enhance tools.py PEP8 compliancy
 2017-07-10 14:11:11 -05:00
mdipierro f657b42f65 fixed undefined variable 2017-07-02 01:34:05 -05:00
mdipierro 1c0b498880 fixed undefined variable 2017-07-02 01:32:25 -05:00
Richard Vézina 583d106104 Fix docstring py3 compatibility issues print -> print() 2017-06-21 11:33:00 -04:00
Richard Vézina 7ada2cf89a Enhance tools.py PEP8 compliancy 2017-06-21 11:27:54 -04:00
mdipierro 0674111129 fixes #1579, thanks Nico 2017-06-20 14:29:47 -05:00
mdipierro 18b755b8da fixed #1583, thanks matclab 2017-06-20 14:24:35 -05:00
Leonel Câmara 376c12a225 Fixes #1628 2017-06-05 23:35:41 +01:00
mdipierro baa129f871 Merge pull request #1527 from leonelcamara/authapi2 
Auth refactor
 2017-05-01 09:13:18 -05:00
BrenBarn 86a2c529b9 Change to modify Service instead of adding FlexibleService 2017-01-31 14:13:43 -08:00
BrenBarn 55592e7c6e Add FlexibleService, which allows @service-style methods that accept varargs 2017-01-31 11:48:28 -08:00
Martin Doucha e7cab3b975 Add Auth and Crud messages when updating language files 2016-12-20 18:54:20 +01:00
Leonel Câmara bf5ec0d7cf Fixed a long standing bug in login_user which was using 'password' instead of settings.password_field 
Fixes #636
 2016-11-20 19:38:21 +00:00
Giuseppe Chiesa 2c70a858f1 implemented base support for CASv3 2016-11-17 13:30:11 +01:00
mdipierro 091d9c74b0 Merge pull request #1525 from michele-comitini/confirm_registration_redirect_fix 
keep the _next while doing the redirect
 2016-11-14 08:27:39 -06:00
Leonel Câmara 02f0bdb8d3 Auth refactor, extracted many methods into a base class for more generic auth mechanisms. 
Partially addresses #1526
Includes a solution for IS_LOWER and IS_UPPER validator problems I mentioned in #1353
 2016-11-05 16:37:22 +00:00
Michele Comitini 6b1225da02 keep the _next while doing the redirect 2016-11-04 09:59:49 +01:00
Mathieu Clabaut 2d4817841f Allow for firstname and lastname in verify_email message 2016-11-01 11:31:01 +01:00
niphlod 40d6a72b90 fixes #1455 2016-09-21 22:35:04 +02:00
kelson fe058bf817 fixed auth.add_membership succeeding with invalid group_id/user_id 2016-08-17 17:17:34 -04:00
Giovanni Barillari 0528a347b3 Updated pyDAL to 16.08 2016-08-13 15:38:55 +02:00
mdipierro 35eaba1096 removed duplicated code, using pydal's _compat.py 2016-08-01 03:39:22 -05:00
niphlod cae10a68c0 fixed most of py3 warnings, output is much cleaner this way 2016-07-18 23:45:28 +02:00
Jason Bohrer 0c4d254a9c Changed tuple to list 
The comparison between parts[1:3] and ('', host) would return false because a list and a tuple were being compared.
 2016-07-01 13:26:23 -04:00
mdipierro d9c2f778ee fixed auth next open redirect 2016-07-01 02:22:15 -05:00
Th3R3p0 d95acb6897 Fixed open redirect security vulnerability. The previous filter searched for two forward slashes "//" in the "_next” parameter and if the two forward slashes were found it would check the URI and determine if the hostname matched the hostname of the web server. If not, it would change the next variable to the None. However, browsers don't require two forward slashes. As a feature, browsers accept typos such as http:google.com or http:/google.com and redirect to http://google.com. This can be used to leverage an open redirect attack even with the current filter. This commit fixes the open redirect vulnerability in the _next get parameter. Thanks to jnbrex for helping debug/write the patch for this vulnerability. 2016-06-30 17:24:47 -04:00
Alex Artigues f87c3e260c Fix next redirect if only one / exists 2016-06-29 20:54:13 -04:00
ilvalle 48209f5bdf fix compileapp 2016-06-13 20:20:49 +02:00
ilvalle 7259516627 fix tools 2016-06-13 20:20:44 +02:00