Oliver Günther
b5350cccf7
Add rack-attack throttler for all logins
...
We have a built-in bruteforce protection for built-in users. When users
are being created from LDAP on-the-fly, these limits cannot apply, as we
do not have a user object yet.
Instead, we can provide a more generous throttler to block attempts
2026-05-29 12:33:28 +02:00
Eric Schubert
8f698a7d7c
[chore] added specific sec-fetch-site to rate limit spec
2026-05-12 08:13:14 +02:00
Oliver Günther
94032f48b2
Fix lost password redirects
2025-12-09 11:21:56 +01:00
Jan Sandbrink
0b87e7543f
Freeze string literals in specs
...
Rolling out frozen string literals further by freezing all
string literals in core specs.
2025-05-05 09:29:55 +02:00
Ivan Kuchin
4911b8a149
remove years from copyrights (except for COPYRIGHT file)
2024-07-31 15:02:49 +02:00
Ivan Kuchin
32d4a2c727
Merge pull request #15951 from opf/support-have-http-status-with-rack-mock-response
...
Conform with RSpecRails/HaveHttpStatus cop
2024-06-24 18:41:03 +02:00
Christophe Bliard
a885fef2bd
Conform to RSpecRails/HaveHttpStatus cop
...
With a hack to get `have_http_status` to work with `Rack::MockResponse`.
2024-06-24 17:50:57 +02:00
ulferts
3660031344
adapt spec setup
2024-06-21 13:34:02 +02:00
ulferts
3b2121f733
Revert "Merge remote-tracking branch 'origin/release/13.4' into dev"
...
This reverts commit 40b2bbeb09, reversing
changes made to b4c6cb17cc.
2024-03-21 11:31:17 +01:00
Ivan Kuchin
7787e457a3
Revert "Merge branch 'dev' into release/13.4"
...
This reverts commit a901541269, reversing
changes made to e573ca00b7.
2024-03-20 20:19:08 +01:00
Ivan Kuchin
9e4934cd0a
change quotes using rubocop --only Style/StringLiterals,Style/QuotedSymbols -a
2024-03-20 18:05:22 +01:00
Christophe Bliard
8fa8584538
Run rubocop --autocorrect on all files
...
Only the safe cops have run. rubocop version is 1.59.0.
2024-01-05 15:27:09 +01:00
Christophe Bliard
c795874f7f
Update copyright year for 2024
...
command used: `rg -l 'Copyright \(C\) 2012-202\d the OpenProject' | xargs -n 100 sed -i -r 's/Copyright \(C\) 2012-202. the OpenProject/Copyright (C) 2012-2024 the OpenProject/'`
2024-01-02 16:23:54 +01:00
Oliver Günther
c174414829
Move rate limiting from saas to core
2023-11-07 13:07:26 +01:00