bjoernager/forgejo
bjoernager/forgejo
1
Fork 0
Code Issues Pull requests Activity

fix: validate input for default_{merge,update}_style (#7395)

Browse source 
- Add `binding:"In(...)"` to the `default_merge_style` and `default_update_style` fields to only accept recognized merge and update styles.
- Resolves https://codeberg.org/forgejo/forgejo/issues/7389
- Added integration test for the API (`binding` works in the exact same way for the API and web routes).

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/7395
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-committed-by: Gusted <postmaster@gusted.xyz>
This commit is contained in:
Gusted 2025-03-31 03:33:18 +00:00 committed by 0ko
parent 114cd6d4b6
commit 4b56c05e65
5 changed files with 248 additions and 216 deletions
Download patch file Download diff file Expand all files Collapse all files

4
routers/web/repo/setting/setting.go
View file

@ -105,6 +105,10 @@ func Units(ctx *context.Context) {
func UnitsPost(ctx *context.Context) {
form := web.GetForm(ctx).(*forms.RepoUnitSettingForm)
if ctx.HasError() {
ctx.Redirect(ctx.Repo.Repository.Link() + "/settings/units")
return
}
repo := ctx.Repo.Repository