TRKJ/gitea
2
0
Fork 0
mirror of https://gitee.com/gitea/gitea synced 2025-11-04 00:20:25 +08:00
Code Issues Packages Projects Releases Wiki Activity

Change action GETs to POST (#10462)

Browse Source 
* Change action GETs to POST

* submite = submit + smite

* No more # href

* Fix test

* Match other tests

* Explicit csrf

Signed-off-by: jolheiser <john.olheiser@gmail.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
This commit is contained in:
John Olheiser
2020-02-25 14:28:47 -06:00
committed by GitHub
parent 4427a936b4
commit c161bb013e
11 changed files with 79 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
routers/routes/routes.go
View File

@@ -502,7 +502,7 @@ func RegisterRoutes(m *macaron.Macaron) {
}, reqSignIn)
m.Group("/:username", func() {
m.Get("/action/:action", user.Action)
m.Post("/action/:action", user.Action)
}, reqSignIn)
if macaron.Env == macaron.DEV {
@@ -534,7 +534,7 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Get("/^:type(issues|pulls)$", user.Issues)
m.Get("/milestones", reqMilestonesDashboardPageEnabled, user.Milestones)
m.Get("/members", org.Members)
m.Get("/members/action/:action", org.MembersAction)
m.Post("/members/action/:action", org.MembersAction)
m.Get("/teams", org.Teams)
}, context.OrgAssignment(true))
@@ -542,8 +542,8 @@ func RegisterRoutes(m *macaron.Macaron) {
m.Group("/:org", func() {
m.Get("/teams/:team", org.TeamMembers)
m.Get("/teams/:team/repositories", org.TeamRepositories)
m.Route("/teams/:team/action/:action", "GET,POST", org.TeamsAction)
m.Route("/teams/:team/action/repo/:action", "GET,POST", org.TeamsRepoAction)
m.Post("/teams/:team/action/:action", org.TeamsAction)
m.Post("/teams/:team/action/repo/:action", org.TeamsRepoAction)
}, context.OrgAssignment(true, false, true))
m.Group("/:org", func() {
@@ -681,7 +681,7 @@ func RegisterRoutes(m *macaron.Macaron) {
})
}, reqSignIn, context.RepoAssignment(), context.UnitTypes(), reqRepoAdmin, context.RepoRef())
m.Get("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action)
m.Post("/:username/:reponame/action/:action", reqSignIn, context.RepoAssignment(), context.UnitTypes(), repo.Action)
m.Group("/:username/:reponame", func() {
m.Group("/issues", func() {
@@ -735,7 +735,7 @@ func RegisterRoutes(m *macaron.Macaron) {
Post(bindIgnErr(auth.CreateMilestoneForm{}), repo.NewMilestonePost)
m.Get("/:id/edit", repo.EditMilestone)
m.Post("/:id/edit", bindIgnErr(auth.CreateMilestoneForm{}), repo.EditMilestonePost)
m.Get("/:id/:action", repo.ChangeMilestonStatus)
m.Post("/:id/:action", repo.ChangeMilestonStatus)
m.Post("/delete", repo.DeleteMilestone)
}, context.RepoMustNotBeArchived(), reqRepoIssuesOrPullsWriter, context.RepoRef())
m.Group("/milestone", func() {