public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
809a7078cfc81615c2c6aaf4b504b36629903014
grafana/pkg/middleware
History
Jev Forsberg aee6b20c7f Security: Fixes for CVE-2025-6197 and CVE-2025-6023 (#108282) 
fix(redirect): make validation of redirect uri stricter

Co-authored-by: volcanonoodle <114113189+volcanonoodle@users.noreply.github.com>
2025-07-17 15:06:16 -06:00
..
cookies
Hackaton: Add more unit tests, take 3 (#101525)
2025-03-05 08:00:12 +01:00
csrf
CSRF middleware: Add flag to skip login cookie check (#66806)
2023-04-24 10:11:08 -03:00
loggermw
Chore: Remove sensitive information from presigned URLs prior to logging (#87035)
2024-06-24 14:53:42 +02:00
requestmeta
instrumentation: rename team to grafana_team to improve alert routing. (#75860)
2023-10-03 12:25:01 +02:00
auth_test.go
RBAC: Remove accessControlOnCall feature toggle (#101222)
2025-02-25 13:44:40 +01:00
auth.go
CI: Bump golangci-lint to 2.0.2 (#103572)
2025-04-10 14:42:23 +02:00
csp.go
Feature: Trusted Types support (#64975)
2023-04-27 18:20:37 +02:00
dashboard_redirect_test.go
Chore: Remove endpoints that contain the slug field (#35104)
2021-06-03 16:20:13 +03:00
dashboard_redirect.go
Chore: Move ReqContext to contexthandler service (#62102)
2023-01-27 08:50:36 +01:00
gziper.go
Chore: Skip gzip for apiserver routes (#92245)
2024-08-21 23:47:58 +03:00
middleware_test.go
K8s: refactor build handler chain func to allow easier injection from enterprise (#100777)
2025-02-15 04:08:00 +02:00
middleware.go
CI: Bump golangci-lint to 2.0.2 (#103572)
2025-04-10 14:42:23 +02:00
org_redirect_test.go
Security: Fixes for CVE-2025-6197 and CVE-2025-6023 (#108282)
2025-07-17 15:06:16 -06:00
org_redirect.go
Security: Fixes for CVE-2025-6197 and CVE-2025-6023 (#108282)
2025-07-17 15:06:16 -06:00
quota_test.go
Authlib: Use types package rather than claims (#99243)
2025-01-21 12:06:55 +03:00
quota.go
Chore: Move ReqContext to contexthandler service (#62102)
2023-01-27 08:50:36 +01:00
recovery_test.go
Frontend: Reload the browser when backend configuration/assets change (#79057)
2024-01-04 08:00:07 +01:00
recovery.go
Grafana: Replace magic number with a constant variable in response status (#80132)
2024-02-27 18:39:51 +02:00
request_metadata_test.go
instrumentation: rename team to grafana_team to improve alert routing. (#75860)
2023-10-03 12:25:01 +02:00
request_metrics.go
Metrics: Add ability to disable classic histogram for HTTP metric (#88315)
2024-06-18 15:37:44 -04:00
request_test.go
Chore: Remove repetitive words (#84132)
2024-03-11 08:55:18 -04:00
request_tracing.go
Backend: Inject server-timing header to match initial loads with client-side telemetry (#94978)
2024-11-19 10:01:58 +02:00
subpath_redirect_test.go
ServeFromSubPath: Redirect to URL with subpath when subpath missing (#66724)
2023-04-24 09:55:55 +02:00
subpath_redirect.go
ServeFromSubPath: Redirect to URL with subpath when subpath missing (#66724)
2023-04-24 09:55:55 +02:00
testing.go
Chore: use any rather than interface{} (#74066)
2023-08-30 18:46:47 +03:00
validate_action_url_test.go
Canvas: Allow API calls to grafana origin (#91822)
2024-09-10 10:45:27 -04:00
validate_action_url.go
Canvas: Allow API calls to grafana origin (#91822)
2024-09-10 10:45:27 -04:00
validate_host.go
Chore: Move ReqContext to contexthandler service (#62102)
2023-01-27 08:50:36 +01:00