gitlab-ce

History

Imre Farkas 038d530565 Remove ability to revoke active session Session ID is used as a parameter for the revoke session endpoint but it should never be included in the HTML as an attacker could obtain it via XSS.		2019-02-27 11:45:27 +01:00
..
account_spec.rb	…
active_sessions_spec.rb	Remove ability to revoke active session	2019-02-27 11:45:27 +01:00
chat_names_spec.rb	…
emails_spec.rb	…
gpg_keys_spec.rb	…
keys_spec.rb	…
oauth_applications_spec.rb	…
password_spec.rb	…
personal_access_tokens_spec.rb	…
user_changes_notified_of_own_activity_spec.rb	…
user_edit_profile_spec.rb	…
user_manages_applications_spec.rb	…
user_manages_emails_spec.rb	…
user_visits_notifications_tab_spec.rb	…
user_visits_profile_account_page_spec.rb	…
user_visits_profile_authentication_log_spec.rb	…
user_visits_profile_preferences_page_spec.rb	…
user_visits_profile_spec.rb	…
user_visits_profile_ssh_keys_page_spec.rb	…