Kevin Chung 6e8c7aaa50 Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827) ...

* Require CSRF-Token header on state changing API requests
* Require CSRF nonces on more than just POSTs, 
* Replace usage of `fetch()` with custom `CTFd.fetch()` implementation

2019-01-10 22:38:37 -05:00

..

admin

Fix CTF resets in mysql (#785)

2018-12-06 20:43:14 -05:00

api

Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827)

2019-01-10 22:38:37 -05:00

challenges

Fix divison-by-zero when adding requirement to dynamic challenge (#782)

2018-12-08 00:36:29 -05:00

teams

2.0.0 (#741)

2018-11-19 23:16:14 -05:00

users

Fix subdirectory deployments in a generic manner (#802)

2018-12-16 13:18:08 -05:00

utils

Default SameSite session cookie setting to Lax (#824)

2019-01-08 02:52:51 -05:00

__init__.py

Starting to write tests

2017-01-07 02:44:31 -05:00

helpers.py

Require CSRF-Token header on state changing API requests, require CSRF nonces on more than just POSTs, replace usage of fetch() with custom CTFd.fetch() implementation (#827)

2019-01-10 22:38:37 -05:00

test_plugin_utils.py

Adds plugin functions to register javascript and CSS in the admin panel. Move global plugin script/stylesheet lists into application factory specific lists. Closes #804 (#805)

2018-12-15 13:48:21 -05:00

test_themes.py

Fix subdirectory deployments in a generic manner (#802)

2018-12-16 13:18:08 -05:00