Commit graph

2395 commits

Author SHA1 Message Date
snipe 9301c56a77 Fixes #4069 - include request handler 2017-09-29 16:17:35 -07:00
snipe e37503c734 Fixes #4075 - this is janky and should be revisited 2017-09-29 16:09:24 -07:00
snipe 878bde67ac Few more issue template tweaks 2017-09-29 15:59:04 -07:00
snipe 314d6fa4c5 Expanded issue template 2017-09-29 15:55:58 -07:00
snipe 43ff66e4d9 More UI tweaking for meta statuses 2017-09-29 15:24:33 -07:00
snipe 2ea91266c0 Init lightbox 2017-09-29 14:26:00 -07:00
snipe a0bd9bce39 Commented out security headers - might req apache module 2017-09-29 14:00:05 -07:00
snipe 5223ec1dbb Clearer status listing in the sidenav 2017-09-29 12:13:15 -07:00
snipe 4eda2a2f96 *ahem* 2017-09-29 12:03:12 -07:00
snipe fe1975067a Hopefully clearer status label meta info 2017-09-29 12:03:02 -07:00
snipe b9e79c27a8 Added nonce to basic blade 2017-09-29 05:49:26 -07:00
snipe b8ed6a53b6 For #3998 - Added nonce to all.js 2017-09-29 04:53:24 -07:00
snipe efd71f8bfe For #3998 - Disable CSP if debug=true
To avoid all the nonce hell from debugbar
2017-09-29 04:53:09 -07:00
snipe 05a8ba9a8e Fix weird url if license checkout fails 2017-09-29 04:37:33 -07:00
snipe 9ce2d1f560 Merge branch 'csp-middleware' into develop 2017-09-29 04:14:33 -07:00
snipe c6069b905b Bumped version 2017-09-29 03:47:50 -07:00
snipe 2e76620cf8 More specific required check 2017-09-29 03:44:23 -07:00
snipe a4b30279ee Fixes #4067 - Make unrequired custom fields nullable 2017-09-29 03:30:13 -07:00
snipe faf3802971 Fixes #4011 - do not send email to user on license checkout 2017-09-29 02:00:49 -07:00
snipe 7fe2a1f802 Fixes #4051 - use delete method for deleting user files 2017-09-29 01:48:16 -07:00
snipe ba8bcce8eb Hopefully fixes #4020 2017-09-29 01:21:08 -07:00
snipe aab409dec2 Fixes #4061 - bulk checkout error 2017-09-28 22:22:21 -07:00
snipe d9824a0454 Bumped version 2017-09-28 21:20:37 -07:00
snipe 42c2a66946 Small UI tweaks for accessories 2017-09-28 21:18:16 -07:00
snipe 4d32f2b337 Fixes #4059 - accessories view 2017-09-28 21:18:00 -07:00
snipe 0e29744ec2 Don’t try to send an email if the user doesn’t have an email address 2017-09-28 20:57:33 -07:00
snipe 51236a2ad9 Fixes #4056 - check for assets before deleting user 2017-09-28 19:57:52 -07:00
snipe 46d87849f4 Added content security middleware 2017-09-28 19:45:15 -07:00
snipe 507f1f196c Added integrity hashes 2017-09-28 18:46:16 -07:00
snipe b60febeea2 Removed space in XSS header because safari was getting angry 2017-09-28 18:45:54 -07:00
snipe b3e0d8f675 Disallow / in robots 2017-09-28 17:47:48 -07:00
snipe 9b84a0d516 *eyeroll* 2017-09-28 17:34:47 -07:00
snipe adac5ac544 Check for valid asset 2017-09-28 17:32:37 -07:00
snipe 1775995f26 Is this space necessary? Getting weird results from netsparker 2017-09-28 17:25:04 -07:00
snipe 26a7701cda Added referrer-policy header 2017-09-28 17:12:58 -07:00
snipe a34085f1d9 Added mode=block to XSSProtect header 2017-09-28 16:28:27 -07:00
snipe 915c19ebda Merge branch 'develop' of github.com:snipe/snipe-it into develop 2017-09-28 16:03:41 -07:00
snipe 7fded367c4 Adds rel="noopener" to footer links 2017-09-28 16:03:36 -07:00
Daniel Meltzer 0a4743210c Pass urls to vue. Should fix subdirectory issues. (#4054) 2017-09-28 16:03:04 -07:00
Daniel Meltzer af19e5d976 Fix old route (#4053)
Looks like we missed in the v4 port.  Fixes the unrelated issue in #4052
2017-09-28 16:02:50 -07:00
snipe 3d7277398c Fixes #4057 - sig file in lightbox 2017-09-28 15:13:05 -07:00
snipe a7ad48a02a Make fields nullable for licenses 2017-09-27 22:11:20 -07:00
snipe 0fb4ff77f4 Restoring older SnipeModel attribute setters
In case needed by API - needs investigation
2017-09-27 16:39:20 -07:00
snipe ac83dba2bb Fixes #4034 - save login note 2017-09-27 16:35:54 -07:00
snipe 979ecf961d Added back button to oauth page 2017-09-27 16:33:51 -07:00
snipe 13dcdf41b8 Fixes #4045 - missing back button 2017-09-27 16:32:37 -07:00
snipe fc96fa756e Fix redirect default on password reset 2017-09-27 16:23:21 -07:00
snipe ea9a502152 Added empty regsitration controller
When using the default Laravel auth routes, it expects a registration controller, even though we don’t have a concept of registration. This blank controller just prevents route caching from throwing errors.
2017-09-27 16:23:01 -07:00
snipe d844734b6c Use named login route 2017-09-27 16:22:02 -07:00
snipe ec8a3d2e56 Fixes #4027 - proper redirect on fieldset delete 2017-09-27 16:02:29 -07:00