greatbody
/
freeCodeCamp
mirror of https://github.com/freeCodeCamp/freeCodeCamp.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
25,851 Commits
3 Branches
0 Tags
959 MiB
Commit Graph

44 Commits (9aa04199fc004145b1c17e7002b91bc02df11f4d)

Author SHA1 Message Date
Oliver Eyton-Williams 5a80b83579
fix(api): csrf over http in development (#39114) 2020-06-22 15:57:20 +05:30
Oliver Eyton-Williams b3d5cde75e
fix(api): csurf to SameSite 'strict', https only (#39077) 
Lax and http are probably sufficient, but if the stricter versions work
there's no harm using them.
 2020-06-16 20:48:48 +05:30
Oliver Eyton-Williams b4926052f4
chore: refactor and simplify testing (#39050) 2020-06-13 14:57:15 +05:30
Oliver Eyton-Williams 4300ce44db
fix: prevent 403 reporting (#38449) 2020-03-26 22:22:57 +05:30
Oliver Eyton-Williams 38e7369b92 chore: remove rollbar, bump deps 2020-03-26 16:51:17 +05:30
Oliver Eyton-Williams 87ae387ecb fix: put error filtering in the handler 2020-03-26 16:51:17 +05:30
Oliver Eyton-Williams f378f54ac3 feat: enhance dev error reports 2020-03-26 16:51:16 +05:30
Oliver Eyton-Williams 10a6622546 feat(api): enable Sentry reporting 2020-03-26 16:51:16 +05:30
Mrugesh Mohapatra ef39ab0e20 fix(donate): allow calls to the API without auth 
This is also dependent on 170e3dbf4f
 2020-03-21 01:58:07 +05:30
Mrugesh Mohapatra 4ee032d664 feat(api): add and update webhooks routing 2020-03-19 17:18:53 +05:30
mrugesh 6f90efb20c
fix(api): update routes for authorization bypass (#38387) 2020-03-18 18:05:42 +01:00
mrugesh 933e289617
fix(api): add /auth paths to whitelist (#38383) 2020-03-18 13:19:42 +01:00
Oliver Eyton-Williams 23b899f50f fix(csrf): remove all csrf bypass 2020-03-17 23:28:23 +05:30
Ahmad Abdolsaheb 6c6eadfbe4 feat(donate): PayPal integration 2020-03-16 18:35:51 +05:30
mrugesh ac922ac04e
fix: add pass thru for some subdomains (#38315) 
* fix: add passthru for some subdomains

* fix: export whitelist correctly
 2020-03-04 00:02:04 +09:00
Josh Soref 004b99bf8f chore: fix typos in spelling (#38100) 
* spelling: accidentally

* spelling: announce

* spelling: assembly

* spelling: avoid

* spelling: backend

* spelling: because

* spelling: claimed

* spelling: candidate

* spelling: certification

* spelling: certified

* spelling: challenge

* spelling: circular

* spelling: it isn't

* spelling: coins

* spelling: combination

* spelling: compliant

* spelling: containers

* spelling: concise

* spelling: deprecated

* spelling: development

* spelling: donor

* spelling: error

* spelling: everything

* spelling: exceed

* spelling: exist

* spelling: falsy

* spelling: faulty

* spelling: forward

* spelling: handle

* spelling: indicates

* spelling: initial

* spelling: integers

* spelling: issealed

* spelling: javascript

* spelling: length

* spelling: maximum

* spelling: minimum

* spelling: mutable

* spelling: notifier

* spelling: coordinate

* spelling: passport

* spelling: perform

* spelling: permuter

* spelling: placeholder

* spelling: progressively

* spelling: semantic

* spelling: submission

* spelling: submit

* spelling: translations

* spelling: turquoise

* spelling: visualization

* spelling: without

* spelling: registration

* spelling: representation
 2020-02-08 23:59:10 +05:30
mrugesh 89ddd4bb7e
fix(api): error reporter should have explicit env check (#38000) 2020-01-01 10:53:11 +05:30
mrugesh f090730015
fix(api): send json messages for challenge routes (#37494) 2019-10-24 17:30:23 +05:30
Mrugesh Mohapatra e19e54a152 fix(api): remove the email verified middleware 2019-10-07 15:19:21 -07:00
Mrugesh Mohapatra 2116997f85 fix(api): remove the privacy middleware 2019-10-07 15:19:21 -07:00
Oliver Eyton-Williams 2785875941 fix: make public certs always viewable (#36723) 2019-08-30 16:18:49 +05:30
Mrugesh Mohapatra ac50216949 fix: NODE_ENV conflicts on pipelines 2019-08-19 01:37:32 +05:30
Mrugesh Mohapatra 56d78a1119 fix(server,client): CORS is a real nightmare 2019-08-17 17:01:10 +05:30
xyozio 657a5e2c16 cleanup: typos and remove commented out code (#36573) 2019-08-09 23:57:26 +05:30
Parth Parth 67028025d1 fix(client): Vague Error messages (#36047) 
Co-authored-by: Mrugesh Mohapatra <1884376+raisedadead@users.noreply.github.com>
 2019-06-19 20:01:03 +05:30
Bouncey 72a0d63aa0 fix: Centralise user deserialization 2019-03-05 15:57:46 +05:30
Bouncey 3e8bac4590 feat: Use new (tested) accessToken utils to authoize requests 2019-02-21 21:03:06 +05:30
Bouncey 36c4737998 chore: Add tests for jwt authorization 2019-02-21 21:03:06 +05:30
Valeriy fc8c71ad16 feat: use eslint with prettier to format code 2019-02-19 14:30:27 +05:30
Bouncey b13e5fb41a feat: Use prettier-eslint to format code 2019-02-19 14:30:27 +05:30
Bouncey c0104faa38 fix(ci): Fix lint errors thrown in CI 2019-02-19 14:30:27 +05:30
Bouncey 0ccd0a6f77 chore: Fix api linting 2019-02-19 14:30:27 +05:30
Bouncey 07266b7e43 chore: commit lint fixes for the api 2019-02-19 14:30:27 +05:30
Bouncey 354d3feaee fix: Allow un-authed loopback api calls 2019-02-16 12:27:23 +05:30
Mrugesh Mohapatra 02e6e711cf fix(donate): refactor handlers for charges 2019-02-14 14:14:10 +00:00
Bouncey 361ce5cd8e fix: Broken regex for short news links 2019-02-14 16:54:39 +05:30
Mrugesh Mohapatra fdc2219f81 feat: remove news from platform 2019-01-16 13:48:38 +00:00
Bouncey e378d566d9 fix: Use reportError in development 2018-12-04 17:42:12 +05:30
Stuart Taylor d327a5c36b Feat: News in the client app (#34392) 2018-11-29 15:12:15 +03:00
Bouncey c08bb95ea8 fix(auth): Fix auth flow for the client app 2018-10-24 18:27:34 +05:30
Stuart Taylor c4a0a37238 fix(dev): Remove jade middleware (#18437) 2018-10-12 06:49:20 -06:00
Bouncey b38ee544a3 fix(description): Adjust for new description format 2018-10-05 15:58:12 +01:00
Bouncey 2de2143457 feat(email-settings): Add email settings 2018-09-21 11:26:30 +01:00
Bouncey 46a217d0a5 chore(server): Move api-server in to it's own DIR 2018-09-03 17:47:48 +05:30