1. 30 Jan, 2020 2 commits
  2. 18 Aug, 2019 1 commit
      Move permission for LIST_COMMENTS to dev/tu block · 3ac958ac
      Eli Schwartz authored
      In commit 3578e77a we implemented
      listing of comments from the account details page, but this was
      intended to only be available to TUs and Devs. As the comment says:
      "display the comment list if they're a TU/dev"
      
      The credential checking code, however, set this credential for all
      users, contrary to the intention of the commit.
      
      In order to preserve the ability to list a person's own comments, also
      declare the allowed uids based on the profile being viewed.
  3. 06 Aug, 2018 1 commit
  4. 27 Apr, 2017 1 commit
  5. 28 Feb, 2017 1 commit
  6. 20 Jan, 2017 2 commits
  7. 25 Jun, 2016 1 commit
  8. 08 Jun, 2016 1 commit
  9. 07 Feb, 2016 2 commits
  10. 20 Sep, 2015 1 commit
  11. 08 Aug, 2015 2 commits
  12. 27 Jun, 2015 2 commits
  13. 09 Jun, 2015 1 commit
  14. 31 May, 2015 1 commit
  15. 04 Feb, 2015 1 commit
  16. 27 Dec, 2014 1 commit
  17. 13 Dec, 2014 1 commit
  18. 29 Jul, 2014 1 commit
  19. 25 Jul, 2014 1 commit
  20. 15 Jul, 2014 1 commit
  21. 27 Aug, 2013 1 commit
  22. 22 Aug, 2013 1 commit
  23. 24 Apr, 2013 1 commit
  24. 19 Mar, 2013 1 commit
  25. 10 Feb, 2013 3 commits
  26. 30 Jan, 2013 1 commit
  27. 29 Nov, 2012 1 commit
      Fix account editing and hijacking vulnerability · 87fe4701
      canyonknight authored
      
      
      Checks are in place to avoid users getting account editing forms
      they shouldn't have access to. The appropriate checks before
      editing the account in the backend are not in place.
      
      This vulnerability allows a user to craft malicious POST data to
      edit other user accounts, thereby allowing account hijacking.
      
      Add a new flexible function can_edit_account() to determine if
      a user has appropriate permissions. Run the permission check before
      processing any account information in the backend.
      Signed-off-by: canyonknight <canyonknight@gmail.com>
      Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
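      The two authorization fixes above (3ac958ac: LIST_COMMENTS limited to TUs/devs plus the profile owner; 87fe4701: can_edit_account() run before the backend touches account data) share one pattern: a credential held by an account type, combined with a per-object allow-list of uids, checked in the handler that performs the action and not only where the form is rendered. The following is an added Python illustration of that pattern, not aurweb's own code (aurweb at the time was PHP); the credential names, account-type values, Account/Request classes and the POST field names "ID" and "E" are hypothetical stand-ins.

```python
"""Added example, not aurweb code: run the permission check in the backend,
not only when deciding whether to show a form."""
from dataclasses import dataclass, field
from typing import Optional

# Credential names and account-type values are hypothetical stand-ins for
# the constants the commit messages refer to.
CRED_LIST_COMMENTS = "LIST_COMMENTS"
CRED_ACCOUNT_EDIT = "ACCOUNT_EDIT"
USER, TU, DEV = 1, 2, 3

# Which account types hold which credential by default (TU/dev only).
CREDENTIAL_TYPES = {
    CRED_LIST_COMMENTS: (TU, DEV),
    CRED_ACCOUNT_EDIT: (TU, DEV),
}


@dataclass
class Account:
    uid: int
    username: str
    account_type: int
    email: str = ""


@dataclass
class Request:
    """Constructed stand-in for an HTTP request: the logged-in user and POST body."""
    user: Optional[Account]
    post: dict = field(default_factory=dict)


def has_credential(user, cred, allowed_uids=()):
    """True if the user's account type holds `cred`, or if the user is one of
    `allowed_uids` (e.g. the owner of the profile being viewed). The per-object
    allowance is combined with the type check; it is not granted to everyone."""
    if user is None:
        return False
    if user.uid in allowed_uids:
        return True
    return user.account_type in CREDENTIAL_TYPES.get(cred, ())


def can_list_comments(user, profile):
    """TUs and devs may list anyone's comments; a user may list their own."""
    return has_credential(user, CRED_LIST_COMMENTS, allowed_uids=(profile.uid,))


def can_edit_account(user, target):
    """TUs and devs may edit any account; a user may edit their own."""
    return has_credential(user, CRED_ACCOUNT_EDIT, allowed_uids=(target.uid,))


def process_account_edit_vulnerable(request, accounts):
    """'Before' behaviour: the edit form is only shown to authorized users, but
    the backend trusts the POSTed ID, so a crafted POST edits any account."""
    target = accounts[int(request.post["ID"])]
    target.email = request.post["E"]
    return True


def process_account_edit_fixed(request, accounts):
    """'After' behaviour: authorize before touching any account data."""
    target = accounts[int(request.post["ID"])]
    if not can_edit_account(request.user, target):
        return False
    target.email = request.post["E"]
    return True


def demo():
    """Constructed scenario: an ordinary user POSTs an edit for a TU's account."""
    alice = Account(1, "alice", USER, "alice@example.invalid")
    tu = Account(2, "tu", TU, "tu@example.invalid")
    accounts = {a.uid: a for a in (alice, tu)}
    hostile = Request(alice, {"ID": "2", "E": "attacker@example.invalid"})
    vulnerable = process_account_edit_vulnerable(hostile, accounts)
    hijacked_email = tu.email
    tu.email = "tu@example.invalid"  # reset for the fixed run
    fixed = process_account_edit_fixed(hostile, accounts)
    return vulnerable, hijacked_email, fixed, tu.email


if __name__ == "__main__":
    print(demo())
```

The point to carry over: the form-rendering check and the backend check must agree, and the backend one is the one that matters, because a client can send any POST body regardless of which forms it was shown.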
  28. 17 Sep, 2012 1 commit
  29. 06 Jul, 2012 4 commits
  30. 24 Jun, 2012 1 commit
      Implement token system to fix CSRF vulnerabilities · 2c93f0a9
      canyonknight authored
      
      
      Specially crafted pages can force authenticated users to unknowingly perform
      actions on the AUR website despite being on an attacker's website. This
      cross-site request forgery (CSRF) vulnerability applies to all POST data on
      the AUR.
      
      Implement a token system using a double submit cookie. Have a hidden form
      value on every page containing POST forms. Use the newly added check_token() to
      verify the token sent via POST matches the "AURSID" cookie value. Random
      nature of the token limits potential for CSRF.
      Signed-off-by: canyonknight <canyonknight@gmail.com>
      Signed-off-by: Lukas Fleischer <archlinux@cryptocrack.de>
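      The double-submit-cookie scheme described in 2c93f0a9 works because a page on the attacker's origin can trigger a POST that carries the victim's cookies, but cannot read those cookies, so it cannot fill in a hidden field that has to equal the AURSID value. The following is an added Python sketch of that mechanism, not aurweb's own code; the cookie name AURSID and the hidden field name come from the commit message, while the form field "E", the handler and the constructed scenario are assumptions for illustration.

```python
"""Added example, not aurweb code: CSRF protection with a double-submit cookie."""
import hmac
import secrets
from html import escape

SESSION_COOKIE = "AURSID"   # cookie name from the commit message
TOKEN_FIELD = "token"       # hidden form field name (assumed)


def new_session_id():
    """Random session identifier; unguessable, so an attacker's page cannot
    reproduce it in a forged form."""
    return secrets.token_hex(16)


def render_form(session_id, action="/account/"):
    """Every page that contains a POST form embeds the token as a hidden field."""
    return (
        f'<form method="post" action="{escape(action)}">'
        f'<input type="hidden" name="{TOKEN_FIELD}" value="{escape(session_id)}" />'
        '<input type="submit" /></form>'
    )


def check_token(cookies, post):
    """Double submit: the POSTed token must equal the session cookie.
    Constant-time comparison on bytes; a missing value never matches."""
    sid = cookies.get(SESSION_COOKIE)
    token = post.get(TOKEN_FIELD)
    if not sid or not token:
        return False
    return hmac.compare_digest(sid.encode("utf-8"), token.encode("utf-8"))


def handle_post(cookies, post):
    """Backend handler for any state-changing POST: reject on token mismatch
    before doing anything else. Returns (status, body)."""
    if not check_token(cookies, post):
        return 403, "Invalid token"
    return 200, "ok"


def extract_token(html):
    """Stand-in for the browser submitting the hidden field of a page it rendered."""
    marker = f'name="{TOKEN_FIELD}" value="'
    start = html.index(marker) + len(marker)
    return html[start:html.index('"', start)]


def demo():
    """Constructed scenario: one legitimate submission, two cross-site ones."""
    sid = new_session_id()
    victim_cookies = {SESSION_COOKIE: sid}
    # Legitimate: the form came from the site itself, so the token equals the cookie.
    legit_post = {TOKEN_FIELD: extract_token(render_form(sid)), "E": "me@example.invalid"}
    # CSRF: the browser still attaches AURSID, but the attacker's page lives on
    # another origin and cannot read it, so it can only omit or guess the field.
    forged_post = {TOKEN_FIELD: secrets.token_hex(16), "E": "attacker@example.invalid"}
    missing_post = {"E": "attacker@example.invalid"}
    return (
        handle_post(victim_cookies, legit_post)[0],
        handle_post(victim_cookies, forged_post)[0],
        handle_post(victim_cookies, missing_post)[0],
    )


if __name__ == "__main__":
    print(demo())
```

One caveat a reviewer would raise with this variant, which uses the session cookie value itself as the token: the session identifier then appears in every page's HTML, so any markup leak (an XSS or an over-broad cache) exposes the session, not just the CSRF token. Deriving a separate per-session token (for example an HMAC of the session id under a server key, or an independent random value stored alongside the session) keeps the double-submit property without placing AURSID in the document body.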