-
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Describe the Issue
When trying to set a cookie via the Set-Cookie response header, Postman will trim lea…
-
At the time of writing, the state of `servant-auth` has a margin of improvement when it comes to both design, security and supported authentication schemes. I would like to take the time with industri…
-
Here is the simple form which doesn't have any csrf tokens to send to the server:
```html
Test API authentication
Sub…
beibl updated
4 years ago
-
Taking about 5s ~ 10s to load. In one of the case, it takes 67.9s.
Solution steps:
[ ]. *mitigation*: change diffing query from pre-render to post-render.
[ ]. *solution*: find out why diff takes…
-
```
What steps will reproduce the problem?
1. According to the servlet spec, sessions must be explicitly turned on in
code (a call to getSession(true) must be executed)
2. GAE follows the spec, so en…
-
I have a fairly large repo with 41,000 commits, 2,400 tags, and 15,000 total PRs and issues. I ran `gren changelog --generate` for 7 hours overnight and it never moved past the "Getting tags" state.
…
-
I got a 403 error when I am trying to export a diagram to png file
The first request curl was copied from chrome:
```
curl 'http://localhost:8888/export' \
-H 'Connection: keep-alive' \
…
-
Cross site request forgery (CSRF), also known as XSRF, Sea Surf or Session Riding, is an attack vector that tricks a web browser into executing an unwanted action in an application to which a user is …
-
I reverse-engineered a bit to understand the Members message IDs.
Defined in Members `lib/class.membersevent.php`:
```
const MEMBER_ERRORS = 104;
const MEMBER_INVALID = 105;
const SECTION_INVALID =…
-
### Comment:
## elevator pitch
Provide a low-barrier way to make precise, pre-validated admin requests.
## motivation
After looking at the GH PR templates feature (suggested in #535), I wa…