powerdns-admin/powerdnsadmin
Nigel Kukard 24f94abc32 fix(auth:basic): improved API basic auth handling to avoid exceptions
Currently passing an invalid Basic auth header (random string base64 encoded) would result in an
exception being raised due to a `username, password = auth_header.split()`.

I refactored the code in this decorator by checking explicitly that we are doing basic authentication
then by checking the number of entries returned by the split.

I also added exception handling for invalid UTF-8 code sequences.

Tested with a fuzzer.

Tested with valid and invalid credentials.

This fixes #1447.
2023-03-14 23:19:40 +00:00
lib Revert "Revert "Clean up dashboard zone tabs"" 2023-03-06 08:30:00 -05:00
models Make the OTP label the same as the site_name #1237 2023-03-13 18:54:49 +01:00
routes Merge branch 'dev' into custom_current_user 2023-03-12 17:23:44 +02:00
services Finished adding new OAuth Server Metadata URL setting to Google, GitHub, and Microsoft OAuth service configuration features. 2023-03-12 09:13:54 -04:00
static Diff-ify changelog view for zone changes 2023-03-03 13:22:29 +01:00
templates Re-arranged side navigation to include the "Global Search" feature regardless of user role as the global search feature is now accessible to all users. 2023-03-12 10:27:04 -04:00
__init__.py Read flask session type from environment variable and create sessions table if not exist. 2023-03-08 17:05:32 +02:00
assets.py Re-formatted the assets.py file to current PEP8 standards. 2023-03-11 08:48:19 -05:00
decorators.py fix(auth:basic): improved API basic auth handling to avoid exceptions 2023-03-14 23:19:40 +00:00
default_config.py Tweaked PR to include the latest asset build changes for CSS minimizer. Also updated the default session storage to use SQLAlchemy instead of the file system. 2023-03-10 16:34:55 -05:00
swagger-spec.yaml Updated the unknown state 2022-05-23 16:46:11 +00:00