mattermost

mirror of https://github.com/mattermost/mattermost.git synced 2026-02-11 14:54:34 -05:00

Author	SHA1	Message	Date
Ben Schumacher	b2df9be70b	Fix errcheck linter errors in helpers (#31578 )	2025-11-12 13:00:51 +01:00
Jesse Hallam	605f9c4da5	preserve Authorization headers if not used to resolve a session (#34203 )	2025-10-30 16:27:22 -03:00
Alejandro García Montoro	d3eb6cbf1c	Revert "MM-13657: Set ExperimentalStrictCSRFEnforcement to true by default (#33444 )" (#34112 ) Some checks failed API / build (push) Has been cancelled Details Server CI / Compute Go Version (push) Has been cancelled Details Web App CI / check-lint (push) Has been cancelled Details Web App CI / check-i18n (push) Has been cancelled Details Web App CI / check-types (push) Has been cancelled Details Web App CI / test (push) Has been cancelled Details Web App CI / build (push) Has been cancelled Details Server CI / Check mocks (push) Has been cancelled Details Server CI / Check go mod tidy (push) Has been cancelled Details Server CI / check-style (push) Has been cancelled Details Server CI / Check serialization methods for hot structs (push) Has been cancelled Details Server CI / Vet API (push) Has been cancelled Details Server CI / Check migration files (push) Has been cancelled Details Server CI / Generate email templates (push) Has been cancelled Details Server CI / Check store layers (push) Has been cancelled Details Server CI / Check mmctl docs (push) Has been cancelled Details Server CI / Postgres with binary parameters (push) Has been cancelled Details Server CI / Postgres (push) Has been cancelled Details Server CI / Postgres (FIPS) (push) Has been cancelled Details Server CI / Generate Test Coverage (push) Has been cancelled Details Server CI / Run mmctl tests (push) Has been cancelled Details Server CI / Run mmctl tests (FIPS) (push) Has been cancelled Details Server CI / Build mattermost server app (push) Has been cancelled Details * Revert "MM-13657: Set ExperimentalStrictCSRFEnforcement to true by default (#33444)" This reverts commit `257eec43ed`. * Fix call to checkCSRFToken * Adapt test that relied on strict CSRF enforcement This test was added after https://github.com/mattermost/mattermost/pull/33444, so it assumed strict CSRF enforcement to be enabled. When reverting that PR, we need to adapt the test to account for both cases. * Fix newer tests to use older setting	2025-10-10 19:15:45 +02:00
Ben Schumacher	ac90cdbb97	[MM-63805] Don't throw a MFA warning for unauthenticated plugin requests (#30795 ) * Don't throw a MFA warning for unauthenticated requests * Always clean Authorization header * Remove log message from GetSession * Rewrite ServePluginPublicRequest for clarity * Move CSRF validation into seperate method * Update test * linter * Fix logger access * Add log message if check fails * Improve error messanges for internal errors * linter fixes * Add comprehensive tests * Cleanup tests and token parser * Add case-insensitive authentication header tests Tests authentication with lowercase 'bearer' and uppercase 'TOKEN' prefixes to ensure header parsing is case-insensitive. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com> * casing * Update server/channels/app/plugin_requests.go Co-authored-by: Eva Sarafianou <eva.sarafianou@gmail.com> --------- Co-authored-by: Claude <noreply@anthropic.com>	2025-08-18 11:17:33 +02:00
Agniva De Sarker	efaa6264cc	MM-53032: Fix module path after repo rename (#23689 ) It was a good decision in hindsight to keep the public module as 0.x because this would have been a breaking change again. https://mattermost.atlassian.net/browse/MM-53032 ```release-note Changed the Go module path from github.com/mattermost/mattermost-server/server/v8 to github.com/mattermost/mattermost/server/v8. For the public facing module, it's path is also changed from github.com/mattermost/mattermost-server/server/public to github.com/mattermost/mattermost/server/public ```	2023-06-11 10:54:35 +05:30
Jesse Hallam	bb02b35048	Expose public/ API as submodule (#23345 ) * model -> public/model * plugin -> public/plugin * public/model/utils -> public/utils * platform/shared/mlog -> public/shared/mlog * platform/shared/i18n -> public/shared/i18n * platform/shared/markdown -> public/shared/markdown * platform/services/timezones -> public/shared/timezones * channels/einterfaces -> einterfaces * expose public/ submodule * go mod tidy * .github: cache-dependency-path, setup-go-work * modules-tidy for public/ too * remove old gomodtidy	2023-05-10 13:07:02 -03:00
Agniva De Sarker	b200a07881	v8.0 module release (#22975 ) https://mattermost.atlassian.net/browse/MM-52079 ```release-note We upgrade the module version to 8.0. The new module path is github.com/mattermost-server/server/v8. ``` Co-authored-by: Doug Lauder <wiggin77@warpmail.net>	2023-04-18 11:05:28 +05:30
Doug Lauder	c943ed6859	Mono repo -> Master (#22553 ) Combines the following repositories into one: https://github.com/mattermost/mattermost-server https://github.com/mattermost/mattermost-webapp https://github.com/mattermost/focalboard https://github.com/mattermost/mattermost-plugin-playbooks	2023-03-22 17:22:27 -04:00

8 commits