habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
29892c2bdeefa2841016c9abfbb6340b1f4b942f
authentik/website
History
Jens L b0fbd576fc security: cure53 fix (#6039) 
* ATH-01-001: resolve path and check start before loading blueprints

This is even less of an issue since 411ef239f6, since with that commit we only allow files that the listing returns

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: fix missing user filter for webauthn device

This prevents an attack that is only possible when an attacker can intercept HTTP traffic and in the case of HTTPS decrypt it.

* ATH-01-008: fix web forms not submitting correctly when pressing enter

When submitting some forms with the Enter key instead of clicking "Confirm"/etc, the form would not get submitted correctly

This would in the worst case is when setting a user's password, where the new password can end up in the URL, but the password was not actually saved to the user.

* ATH-01-004: remove env from admin system endpoint

this endpoint already required admin access, but for debugging the env variables are used very little

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-003 / ATH-01-012: disable htmlLabels in mermaid

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-005: use hmac.compare_digest for secret_key authentication

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-009: migrate impersonation to use API

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-010: rework

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-014: save authenticator validation state in flow context

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

bugfixes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* ATH-01-012: escape quotation marks

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* add website

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update release ntoes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* update with all notes

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

* fix format

Signed-off-by: Jens Langhammer <jens@goauthentik.io>

---------

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-06-22 22:25:04 +02:00
..
blog
website/blog: update hackathon post with final date (#6038)
2023-06-22 16:28:45 +02:00
developer-docs
website/devdocs: draft for hackathon page (#5973)
2023-06-16 10:25:37 -05:00
docs
security: cure53 fix (#6039)
2023-06-22 22:25:04 +02:00
help
root: fix linting errors
2021-07-18 20:54:34 +02:00
integrations
website: add Firezone integration (#5945)
2023-06-22 13:26:48 +02:00
netlify/functions
website: handle go-get requests statically (#5821)
2023-05-31 12:51:45 +02:00
src
website: fix go-import
2023-06-20 12:32:43 +02:00
static
web: bump storybook from 7.0.18 to 7.0.20 in /web (#5896)
2023-06-08 11:08:07 +02:00
test
website: add sidebar item tests, bump node version to latest LTS
2023-02-09 22:06:07 +01:00
.gitignore
website: copy static files instead of linking them to prevent cache issues
2022-12-23 15:18:21 +01:00
.prettierignore
website: format docs with prettier (#2833)
2022-05-09 21:22:41 +02:00
.prettierrc.json
Migrate to Docusaurus (#329)
2020-11-15 22:42:02 +01:00
babel.config.js
Migrate to Docusaurus (#329)
2020-11-15 22:42:02 +01:00
docusaurus.config.js
website: automatically add PR links to release notes (#5682)
2023-05-18 22:59:43 +00:00
docusaurus.docs-only.js
website: automatically add PR links to release notes (#5682)
2023-05-18 22:59:43 +00:00
netlify.toml
website: handle go-get requests statically (#5821)
2023-05-31 12:51:45 +02:00
package-lock.json
website: bump postcss from 8.4.23 to 8.4.24 in /website (#5783)
2023-05-29 12:06:34 +02:00
package.json
website: bump postcss from 8.4.23 to 8.4.24 in /website (#5783)
2023-05-29 12:06:34 +02:00
README.md
website: cleanup readme
2022-09-18 18:45:05 +02:00
sidebars.js
security: cure53 fix (#6039)
2023-06-22 22:25:04 +02:00
sidebarsDev.js
website/devdocs: draft for hackathon page (#5973)
2023-06-16 10:25:37 -05:00
sidebarsIntegrations.js
website: add Firezone integration (#5945)
2023-06-22 13:26:48 +02:00

README.md

Website

This website is built using Docusaurus 2, a modern static website generator.

Installation

npm ci

Local Development

npm run watch

This command starts a local development server and open up a browser window. Most changes are reflected live without having to restart the server.

Build

npm run build

This command generates static content into the build directory and can be served using any static contents hosting service.