cgit/filters, branch v0.10

auth: document tweakables in lua script

2014-01-17T14:34:44Z

Signed-off-by: Jason A. Donenfeld

auth: have cgit calculate login address

2014-01-16T22:21:54Z

This way we're sure to use virtual root, or any other strangeness encountered. Signed-off-by: Jason A. Donenfeld

auth: lua string comparisons are time invariant

2014-01-16T18:47:35Z

By default, strings are compared by hash, so we can remove this comment. Signed-off-by: Jason A. Donenfeld

authentication: use hidden form instead of referer

2014-01-16T11:13:39Z

This also gives us some CSRF protection. Note that we make use of the hmac to protect the redirect value. Signed-off-by: Jason A. Donenfeld

auth: add basic authentication filter framework

2014-01-16T01:28:12Z

This leverages the new lua support. See filters/simple-authentication.lua for explaination of how this works. There is also additional documentation in cgitrc.5.txt. Though this is a cookie-based approach, cgit's caching mechanism is preserved for authenticated pages. Very plugable and extendable depending on user needs. The sample script uses an HMAC-SHA1 based cookie to store the currently logged in user, with an expiration date. Signed-off-by: Jason A. Donenfeld

email-gravatar: fix html syntax issues

2014-01-15T13:43:02Z

an attribute value specification must be an attribute value literal unless SHORTTAG YES is specified

email-gravatar: do not scale icons up

2014-01-14T17:57:51Z

Signed-off-by: Jason A. Donenfeld

filter: allow returning exit code from filter

2014-01-14T17:09:52Z

Filters can now indicate a status back to cgit by means of the exit code for exec, or the return value from close for Lua. Signed-off-by: Jason A. Donenfeld

email-gravatar: fix html syntax issues

2014-01-14T12:55:44Z

* make ampersand a html entity * add required alt attribute * add required img end tag

email-gravatar.py: fix UTF-8

2014-01-14T12:55:35Z