gitea/modules/setting
wxiaoguang 998cea5888
Use secure cookie for HTTPS sites (#26999)
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

![image](https://github.com/go-gitea/gitea/assets/2114189/7bc9a859-dcc1-467d-bc7c-1dd6a10389e3)
2023-09-11 17:03:51 +08:00
..
actions.go Artifacts retention and auto clean up (#26131) 2023-09-06 07:41:06 +00:00
actions_test.go Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581) 2023-06-30 07:26:36 +00:00
admin.go
api.go
asset_dynamic.go
asset_static.go
attachment.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
attachment_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
cache.go
camo.go
config_env.go Remove last newline from config file (#26468) 2023-08-12 15:28:35 +00:00
config_env_test.go Remove last newline from config file (#26468) 2023-08-12 15:28:35 +00:00
config_provider.go Fix INI parsing for value with trailing slash (#26995) 2023-09-10 16:15:51 +00:00
config_provider_test.go Fix INI parsing for value with trailing slash (#26995) 2023-09-10 16:15:51 +00:00
cors.go
cron.go Replace `interface{}` with `any` (#25686) 2023-07-04 18:36:08 +00:00
cron_test.go Rewrite queue (#24505) 2023-05-08 19:49:59 +08:00
database.go Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413) 2023-06-21 10:49:25 +00:00
database_sqlite.go
database_test.go
federation.go
git.go Use `[git.config]` for reflog cleaning up (#24958) 2023-05-28 01:07:14 +00:00
git_test.go Use `[git.config]` for reflog cleaning up (#24958) 2023-05-28 01:07:14 +00:00
highlight.go
i18n.go
incoming_email.go
indexer.go Allow skipping forks and mirrors from being indexed (#23187) 2023-05-25 16:13:47 +08:00
indexer_test.go
lfs.go Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
lfs_test.go Display deprecated warning in admin panel pages as well as in the log file (#26094) 2023-07-26 03:53:37 +00:00
log.go Clarify the logger's MODE config option (#26267) 2023-08-01 18:28:23 +00:00
log_test.go Replace `interface{}` with `any` (#25686) 2023-07-04 18:36:08 +00:00
mailer.go Make mailer SMTP check have timed context (#24751) 2023-05-16 22:55:51 +02:00
mailer_test.go Remove unnecessary code (#24610) 2023-05-10 04:57:06 +00:00
markup.go Add .livemd as a markdown extension (#22730) 2023-04-26 11:22:54 -04:00
metrics.go
migrations.go
mime_type_map.go
mirror.go Avoid polluting the config (#25345) 2023-06-18 16:10:44 +00:00
oauth2.go Handle base64 decoding correctly to avoid panic (#26483) 2023-08-14 10:30:16 +00:00
other.go Refactor `setting.Other` and remove unused `SHOW_FOOTER_BRANDING` (#24270) 2023-04-22 19:38:25 -04:00
packages.go Avoid creating directories when loading config (#25944) 2023-07-18 07:32:36 -05:00
packages_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
path.go Update path related documents (#25417) 2023-07-19 11:22:57 +02:00
path_test.go Refactor path & config system (#25330) 2023-06-21 13:50:26 +08:00
picture.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
project.go
proxy.go
queue.go Calculate MAX_WORKERS default value by CPU number (#26177) 2023-07-27 16:40:35 +08:00
repository.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
repository_archive.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
repository_archive_test.go Fix all possible setting error related storages and added some tests (#23911) 2023-06-14 11:42:38 +08:00
security.go Update minimum password length requirements (#25946) 2023-08-21 19:27:50 +00:00
server.go Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974) 2023-07-21 12:14:20 +00:00
service.go Add reverseproxy auth for API back with default disabled (#26703) 2023-09-07 08:31:46 +00:00
service_test.go Fix allowed user types setting problem (#26200) 2023-07-28 12:15:39 -04:00
session.go Use secure cookie for HTTPS sites (#26999) 2023-09-11 17:03:51 +08:00
setting.go Make "install page" respect environment config (#25648) 2023-07-09 22:43:37 +00:00
setting_test.go
ssh.go Expanded minimum RSA Keylength to 3072 (#26604) 2023-08-28 00:53:16 +00:00
storage.go Fix storage path logic especially for relative paths (#26441) 2023-08-13 22:09:25 +02:00
storage_test.go Fix storage path logic especially for relative paths (#26441) 2023-08-13 22:09:25 +02:00
task.go
time.go Remove unused setting `time.FORMAT` (#24430) 2023-04-29 22:51:43 +02:00
ui.go Remove the service worker (#25010) 2023-05-31 02:07:04 +00:00
webhook.go