BigW Consortium Gitlab
- To prevent an attacker from enumerating the `/users` API to get a list of all the admins.
- Display the `is_admin?` flag wherever we display the `private_token` - at the moment, there are two instances:
  - When an admin uses `sudo` to view the `/user` endpoint
  - When logging in using the `/session` endpoint

Name |
---|
api/schemas |
config |
container_registry |
emails |
project_services/campfire |
trace |
GoogleCodeProjectHosting.json |
banana_sample.gif |
blockquote_fence_after.md |
blockquote_fence_before.md |
ci_build_artifacts.zip |
ci_build_artifacts_metadata.gz |
dk.png |
doc_sample.txt |
domain_blacklist.txt |
logo_sample.svg |
markdown.md.erb |
metrics.json |
pages.tar.gz |
pages.zip |
pages.zip.meta |
pages_empty.tar.gz |
pages_empty.zip |
pages_empty.zip.meta |
rails_sample.jpg |
sanitized.svg |
unsanitized.svg |
video_sample.mp4 |