1959 commits

Author	SHA1	Message	Date
snipe	7ccb41371e	Removed unoptimized images directive ... securityheaders.com is claiming it’s onrecognized, even though I got that directive from their site, so… whatever. ¯\_(ツ)_/¯	2020-06-23 01:09:39 -07:00
snipe	2e60a457bf	Dumb fix for feature-policy being dumb.	2020-06-23 01:07:00 -07:00
snipe	00b051b8c7	Added a few more comments	2020-06-23 00:26:09 -07:00
snipe	05b3a9ad7e	Config variable for HSTS	2020-06-22 23:17:27 -07:00
snipe	4fb880384f	Changed comment	2020-06-22 22:37:14 -07:00
snipe	43042ad841	Consolidated ReferrerPolicy into new SecurityHeaders file	2020-06-22 22:35:59 -07:00
snipe	a716382ac4	Removed CSP middleware (it’s added in the general header)	2020-06-22 22:33:37 -07:00
snipe	36c8f7f4f1	Additional security headers	2020-06-22 22:31:01 -07:00
snipe	946129f206	Made quote style consistent	2020-06-22 20:45:20 -07:00
snipe	d1aa11ec89	Fix for weird padlock display in asset listing with encrypted custom fields	2020-06-22 20:29:19 -07:00
snipe	2ac1c1636c	Better handle the logic to determine if we should display the license checkout blade	2020-06-16 16:12:57 -07:00
snipe	d14ab7e3e1	Porting change from #8053 to master ... Signed-off-by: snipe <snipe@snipe.net>	2020-05-27 00:22:44 -07:00
snipe	f88683766b	Roll back previous change ... Signed-off-by: snipe <snipe@snipe.net>	2020-05-14 00:55:47 -07:00
snipe	e4385c0f8c	Fixes #8051 regression ... Signed-off-by: snipe <snipe@snipe.net>	2020-05-14 00:48:30 -07:00
snipe	0550fe0ffa	Fix for session fixation vulnerability ... Signed-off-by: snipe <snipe@snipe.net>	2020-05-12 10:31:54 -07:00
snipe	95cc48e422	Added option to disable backup in import ... Signed-off-by: snipe <snipe@snipe.net>	2020-05-11 20:41:10 -07:00
snipe	bb42109c0c	Added a clarifying comment ... Signed-off-by: snipe <snipe@snipe.net>	2020-05-11 18:10:45 -07:00
snipe	b9e821c0e6	Small fix for Group Functional Tests ... Signed-off-by: snipe <snipe@snipe.net>	2020-05-11 18:07:14 -07:00
snipe	e009fbe59f	Converted table heading icons in People to CSS glyphs ... Signed-off-by: snipe <snipe@snipe.net>	2020-04-24 04:04:53 -07:00
snipe	5bb4f271aa	Fixed #7987 - allow toggle of required/optional in custom fields/fieldsets ... Signed-off-by: snipe <snipe@snipe.net>	2020-04-24 00:47:19 -07:00
snipe	154db9a416	This literally never fucking worked. Ever. Shoot me.	2020-04-09 22:20:05 -07:00
snipe	cf9d0201e0	Catch weird edge case where target wouldn’t have an ID (?!)	2020-04-09 20:23:02 -07:00
snipe	5707df0239	Check that location isset in checkout	2020-04-09 18:32:34 -07:00
snipe	197a84be94	Commented out rtd_location_id override - why did we do that?	2020-04-09 14:17:39 -07:00
snipe	b4fa4c77d7	Check for rtd_location_id before trying to assign	2020-04-09 14:14:30 -07:00
snipe	cfec142c3b	Better handle models without a fieldset in the asset request [RB 9935]	2020-04-09 11:18:54 -07:00
snipe	f8a72db696	Changed LDAP 600 to 500, clearer error messages on LDAP test	2020-04-09 09:55:44 -07:00
snipe	206bd675f2	Pulled slack validation out of setting model validation so it doesn’t fail mysteriously on other pages	2020-04-08 15:07:02 -07:00
snipe	a0f7fdc57a	Merge branch 'fixes/accessibility_fixes' ... # Conflicts: # public/css/build/all.css # public/css/dist/all.css # public/js/build/all.js # public/js/build/vue.js # public/js/build/vue.js.map # public/js/dist/all.js # public/mix-manifest.json # resources/assets/js/components/importer/importer-file.vue	2020-04-08 11:19:42 -07:00
snipe	79232fc434	Fixed #7947 - Added rtd_location_id to API search	2020-04-08 11:00:04 -07:00
snipe	0b3f511534	Fixed compact() errors	2020-04-07 17:26:56 -07:00
snipe	893944403e	Check for location_id being set before trying to set it on checkout via API	2020-04-06 15:54:40 -07:00
snipe	d7873f257d	Fixed CSP for importer	2020-04-06 14:18:45 -07:00
snipe	bdddab5b8b	Added role=“option” to option items, additional icon font fixes	2020-04-02 18:17:21 -07:00
snipe	e7c1418314	Fixed possible typo in CSP	2020-04-01 19:47:42 -07:00
snipe	4dcc1ffdbc	More form labels	2020-04-01 02:22:24 -07:00
snipe	7d466f3584	Update user uploads for more data to work with recport	2020-04-01 02:22:16 -07:00
snipe	6174f9b93f	Check that there is actually a filed ID submitted	2020-04-01 01:25:31 -07:00
snipe	a467a6999e	Use upload modal	2020-03-31 22:50:07 -07:00
snipe	f0ef06ebe1	Added more alt tags	2020-03-27 15:35:29 -07:00
snipe	6066c249d5	Moved gate to the top of the method	2020-03-06 16:01:13 -08:00
Ivan Nieto	025ea93f05	Fix for when a user with the correct permissions couldn't update Manufacturers. (#7882) ... * Changed the ability name from 'edit' to 'update'. Changed the order of execution: first checks if the manufacturer exists, then checks permissions * Handles the update method, that also has the ability parameter as edit instead of update" q * Revert "Handles the update method, that also has the ability parameter as edit instead of update"" This reverts commit d7dc0e451e. * Handles the update method, that also has the ability parameter as 'edit' instead of 'update'	2020-03-06 15:59:51 -08:00
snipe	54fd8f81ff	Added permissions on user api (#7883) ... * Add permissions to user edit API * Add user permissions on user create/update API endpoint	2020-03-06 15:28:46 -08:00
snipe	ca43554327	Fixes search by serial or tag even if they have slashes in them (#7879) ... * Fixes search by serial or tag even if they have slashes in them * Added support for url param byTag and bySerial * Fixed typo comments * Sojme additional comments to clarify use-cases * Updated comments for clarity	2020-03-06 14:55:20 -08:00
snipe	8b2f8ef3cb	Spelling is hard :(	2020-03-04 22:19:59 -08:00
snipe	15518852aa	Added validation to reject email addresses over 250 characters	2020-03-04 22:08:07 -08:00
Godfrey Martinez	0e0fe967e4	BadMethodCallException Method update does [ch10544] (#7804)	2020-02-10 19:27:23 -08:00
snipe	192917cc84	Slightly better fix for requestable import bug	2020-02-10 17:34:32 -08:00
snipe	81880645ed	Possible requestable fix	2020-02-10 11:40:39 -08:00
snipe	9eb4b0dda7	Disallow 0 as a number for labels per page	2020-02-04 19:14:58 -08:00