yesod

Author	SHA1	Message	Date
Michael Snoyman	db3beff4f3	Some CPP for Cabal API changes	2016-11-23 15:19:27 +02:00
Michael Snoyman	03307a8cc8	Fix dependency problems for older snapshots	2016-11-23 15:05:41 +02:00
Michael Snoyman	83d3a12a23	Rewrite yesod devel based on Stack #1304 Please see ChangeLog for explanation.	2016-11-23 13:59:56 +02:00
Maximilian Tagher	54cc4205d8	Merge pull request #1302 from psibi/csrf-fix yesod-auth: Fix CSRF security vulnerability in registerHelper function	2016-11-22 10:49:26 -08:00
Sibi Prabakaran	696faa3fd0	req is not needed.	2016-11-20 13:43:01 +05:30
Sibi Prabakaran	10850f5cee	Use checkCsrfHeaderOrParam instead of manual check	2016-11-20 13:32:15 +05:30
Sibi Prabakaran	7f17d829b3	Fix CSRF security vulnerability in registerHelper function Return a 403 status code if the csrf tokens are matched. This currently affects two endpoints: During registration and during password reset forms. This curl request demonstrates how this can be exploited to register new email: curl -i --header "Accept: application/json" --request POST -F "email=sibi@psibi.in" http://localhost:3005/auth/page/email/register With the patch applied, it will respond with this: {"message":"Permission Denied. A valid CSRF token wasn't present in HTTP headers or POST parameters. Because the request could have been forged, it's been rejected altogether. Check the Yesod.Core.Handler docs of the yesod-core package for details on CSRF protection."}	2016-11-20 03:59:32 +05:30
Michael Snoyman	10a751cdbc	Version bump for #1296	2016-11-14 07:04:36 +02:00
Andrew Martin	2d6e5cea02	Added a ToValue instance for Enctype	2016-11-13 14:59:21 -05:00
Michael Snoyman	cc395c2ecf	Another extra-dep	2016-11-11 07:05:07 +02:00
Michael Snoyman	b09866c9ad	conduit-extra extra-dep	2016-11-11 06:53:48 +02:00
Michael Snoyman	253beb3107	Merge branch 'master' of https://github.com/paul-rouse/yesod into paul-rouse-master	2016-11-11 06:52:42 +02:00
Paul Rouse	a46dcbedc2	Revised don't keep partial autogen file when exception occurs	2016-11-10 22:07:20 +00:00
Michael Snoyman	fec96bc57c	Merge pull request #1290 from yesodweb/languages-checks-setLanguage languages reflects setLanguage	2016-11-10 11:31:33 +02:00
Paul Rouse	4ab830c4d9	Don't keep partial autogen file when exception occurs	2016-11-09 09:31:28 +00:00
Michael Snoyman	b074279832	Fix test suite compilation	2016-11-06 12:08:05 +02:00
Michael Snoyman	cc15bc6580	Version bump and close #1286	2016-11-06 06:40:46 +02:00
Michael Snoyman	036b020c8c	Merge branch '1286-yesod-static-apply-middleware'	2016-11-06 06:40:01 +02:00
Michael Snoyman	bbca01ce71	languages reflects setLanguage	2016-11-04 11:10:26 +02:00
Michael Snoyman	f9927530b4	Updated resolver	2016-10-31 12:47:50 +02:00
Michael Snoyman	e92c1f0c3e	yesod-static applies Yesod middlewares #1286	2016-10-31 12:47:14 +02:00
Michael Snoyman	e2e546df4d	Travis update	2016-10-24 19:43:36 +03:00
Michael Snoyman	14ef94b8d1	Version bump for #1287	2016-10-24 19:42:09 +03:00
Michael Snoyman	d43783e978	Merge pull request #1287 from lamg/master Added Yesod.Form.I18n.Spanish	2016-10-24 19:41:21 +03:00
Luis Ángel Méndez Gort	e593cd04c8	Merge branch 'master' of https://github.com/lamg/yesod	2016-10-23 15:58:46 -04:00
Luis Ángel Méndez Gort	161f771904	Merge branch 'master' of https://github.com/lamg/yesod	2016-10-23 15:56:35 -04:00
Luis Ángel Méndez Gort	cef7566d08	Merge branch 'master' of https://github.com/lamg/yesod	2016-10-23 15:49:53 -04:00
Luis Ángel Méndez Gort	e1d3f0ab79	Yesod.Form.I18n.Spanish added	2016-10-23 15:49:21 -04:00
Luis Ángel Méndez Gort	b1cfb3bda4	Yesod.Form.I18n.Spanish added	2016-10-21 19:08:27 -04:00
Michael Snoyman	a28d4b16f5	Version bump and close #149	2016-10-14 13:59:57 +03:00
Michael Snoyman	6228ccc351	Don't use lazy I/O in embedDirAt #149	2016-10-14 05:53:07 +03:00
Michael Snoyman	1aed870e0b	Proper version bump for #1284	2016-10-07 17:03:54 +03:00
Michael Snoyman	c86efd3294	Merge branch '1284-yesod-bin-ghc-8'	2016-10-07 17:03:15 +03:00
Michael Snoyman	1753569e95	Version bump and close #1284	2016-10-06 14:38:09 +03:00
Michael Snoyman	69f07111c0	Do not pass a local package ID for GHC 8 #1284	2016-10-06 13:24:21 +03:00
Michael Snoyman	25bba1add1	Merge pull request #1283 from chreekat/comment-for-unsafe Comment on unsafePerformIO, close #1245	2016-10-05 03:35:04 +03:00
Bryan Richter	add9d4393a	Comment on unsafePerformIO, close #1245	2016-10-03 09:08:22 -07:00
Michael Snoyman	57d0dab991	Version bump for #1282	2016-09-28 09:59:58 +03:00
Michael Snoyman	8014208382	Merge pull request #1282 from erikd/master yesod-bin: Make it build with latest optparse-applicative	2016-09-28 09:59:16 +03:00
Erik de Castro Lopo	c736b309bb	yesod-bin: Make it build with latest optparse-applicative Done with CPP hackery so the lower bound can remain unchanged.	2016-09-28 07:59:04 +10:00
Michael Snoyman	977b0e1485	Fix Travis for LTS 7	2016-09-26 18:02:13 +03:00
Michael Snoyman	ec7b62c5dc	Travis: add GHC 8.0.1	2016-09-26 16:06:45 +03:00
Michael Snoyman	1029cc4e8e	Version bump for #1281	2016-09-26 14:45:01 +03:00
Michael Snoyman	7151b63a4d	Merge pull request #1281 from sru-systems/openbsd-wxneeded Link yesod-bin with wxneeded on OpenBSD.	2016-09-26 14:43:26 +03:00
Martijn Rijkeboer	0017b4441b	Link yesod-bin with wxneeded on OpenBSD.	2016-09-26 13:40:28 +02:00
Michael Snoyman	856e60eb9b	Version bump	2016-09-25 14:34:38 +03:00
Michael Snoyman	06a6fbd127	Merge pull request #1278 from Dridus/except-instances Add instance of MonadHandler and MonadWidget for ExceptT	2016-09-25 14:33:43 +03:00
Ross MacLeod	09c37eb916	Use #if MIN_VERSION_transformers(0,4,0) instead of __GLASGOW_HASKELL__ >= 710	2016-09-22 13:27:25 -04:00
Ross MacLeod	6de5d8f829	missed making the import of ExceptT conditional on GHC version as well	2016-09-22 13:23:10 -04:00
Ross MacLeod	58fb977276	Only emit MonadHandler and MonadWidget instance for ExceptT when GHC version >= 7.10, since that's the first version tied to transformers-0.4.0.0 which introduced ExceptT	2016-09-22 13:00:09 -04:00

1 2 3 4 5 ...

4233 Commits