| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Fix CSP violation on login page by moving inline script to external file | Adam Mathes | 9 days | 2 | -5/+13 |
| | | |||||
| * | Fix scroll-to-read functionality across all UIs (V1, V2, V3) | Adam Mathes | 9 days | 1 | -139/+156 |
| | | |||||
| * | Enhance CSRF protection for login page | Adam Mathes | 9 days | 1 | -1/+6 |
| | | | | | | | | | | | Login form now includes a CSRF token from the cookie as a hidden form field. The CSRF middleware accepts tokens from either the X-CSRF-Token header (for JS clients) or the csrf_token form field (for HTML forms). Removed /login from the CSRF exclusion list so login POSTs are now validated. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> | ||||
| * | Fix restricted login access and modernize login page | Adam Mathes | 9 days | 1 | -20/+131 |
| | | | | | | | | | - Close NK-oqd24q: Fix login access for v3/api - Update web.go to exclude /login/ from CSRF check during initial submission - Modernize web/static/login.html with new CSS and structure - Add web/login_test.go to verify CSRF exclusion - Created NK-ngokc3 for further CSRF enhancements | ||||
| * | Audit and reduce Go dependencies: replace go.rice with embed, pflag with flag | Adam Mathes | 12 days | 13 | -0/+1225 |
 |
index : neko | |
| self-hosted, single user rss reader | git@adammathes.com |
| aboutsummaryrefslogtreecommitdiffstats |