mirror of https://github.com/gogs/gogs.git
security: fix vulnerability in changing username
Reported by João Arnaut.pull/4264/head
parent
c2f0711db0
commit
e6dbfd918c
2
gogs.go
2
gogs.go
|
@ -16,7 +16,7 @@ import (
|
|||
"github.com/gogits/gogs/modules/setting"
|
||||
)
|
||||
|
||||
const APP_VER = "0.10.7.0306"
|
||||
const APP_VER = "0.10.8.0307"
|
||||
|
||||
func init() {
|
||||
setting.AppVer = APP_VER
|
||||
|
|
|
@ -90,7 +90,7 @@ func (f *SignIn) Validate(ctx *macaron.Context, errs binding.Errors) binding.Err
|
|||
// \/ \/ \/ \/ \/
|
||||
|
||||
type UpdateProfile struct {
|
||||
Name string `binding:"OmitEmpty;MaxSize(35)"`
|
||||
Name string `binding:"Required;AlphaDashDot;MaxSize(35)"`
|
||||
FullName string `binding:"MaxSize(100)"`
|
||||
Email string `binding:"Required;Email;MaxSize(254)"`
|
||||
Website string `binding:"Url;MaxSize(100)"`
|
||||
|
|
|
@ -1 +1 @@
|
|||
0.10.7.0306
|
||||
0.10.8.0307
|
|
@ -25,7 +25,7 @@
|
|||
</div>
|
||||
<div class="required field {{if .Err_Email}}error{{end}}">
|
||||
<label for="email">{{.i18n.Tr "email"}}</label>
|
||||
<input id="email" name="email" value="{{.SignedUser.Email}}">
|
||||
<input id="email" name="email" value="{{.SignedUser.Email}}" required>
|
||||
</div>
|
||||
<div class="field {{if .Err_Website}}error{{end}}">
|
||||
<label for="website">{{.i18n.Tr "settings.website"}}</label>
|
||||
|
|
Loading…
Reference in New Issue