- aef5cf2 Remove X-Frame-Options in favor of CSP frame-ancestors by Akron · 3 years, 5 months ago
- cce055c Fix error message in case of server error by Akron · 3 years, 5 months ago
- dc0b3ab Show settings only on demand by Akron · 3 years, 5 months ago
- ff08811 Fix rendering error in not authenticated oauth route by Akron · 3 years, 5 months ago
- 1d09b53 Add settings menu by default by Akron · 3 years, 5 months ago
- 276afc0 Update client list API according to API change by Akron · 3 years, 5 months ago
- e997bb5 Improve localization of OAuth2 client and token management by Akron · 3 years, 6 months ago
- 7fb78d6 Deprecate JWT flow in favor of OAuth2 flow by Akron · 3 years, 6 months ago
- ad011bb Disable caching in auth routes by Akron · 3 years, 6 months ago
- 041ca4d Reorganize OAuth endpoints by Akron · 3 years, 6 months ago
- c1aaf93 Allow to revoke tokens by Akron · 3 years, 6 months ago
- aa5cf80 Fix bug where missing documentation raises exceptions in Mojo >= 9.0 by Akron · 3 years, 6 months ago
- 2c2ddbd Introduce autorotating secrets for security by Akron · 3 years, 9 months ago
- abdf9a9 Added query reference plugin to connect and mock query reference api endpoints by Akron · 3 years, 11 months ago
- 3b3a434 Update dependency to recent version of Mojo by Akron · 3 years, 6 months ago
- bc94a9c List tokens of a client by Akron · 3 years, 7 months ago
- dc50c89 Update OAuth2 management parameters to follow the new scheme of Kustvakt by Akron · 3 years, 7 months ago
- 69481a4 Added tests for Mojo >= 9.11 compat by Akron · 3 years, 8 months ago
- 83209f7 Issue a new token for a public client by Akron · 3 years, 10 months ago
- 0e983a0 Add frame-src to Piwik plugin as * may be overwritten by Akron · 3 years, 9 months ago
- 1011daf Make mailto: embedding CSP compliant by Akron · 3 years, 9 months ago
- 08952df Move tracking asset to simplify proxy configuration by Akron · 3 years, 9 months ago
- 30e7bc7 Introduce Kalamar::Request by Akron · 3 years, 9 months ago
- 690066c Enable guided tour with CSP switched on by Akron · 3 years, 10 months ago
- 0a4d36e Support CSP in Matomo/Piwik plugin by Akron · 3 years, 10 months ago
- 8dda1c6 Add CSP compliance to plugins by Akron · 3 years, 10 months ago
- cb5c171 Make notifications framework CSP compliant by Akron · 3 years, 10 months ago
- 52b32d0 Introduce X-XSS-Protection header by Akron · 3 years, 10 months ago
- 88fc41c Introduce X-Frame-Origin header by Akron · 3 years, 10 months ago
- 5b6d727 Improve CORS by Akron · 3 years, 10 months ago
- 807225b Send 'nosniff' header (fixes #97) by Akron · 3 years, 10 months ago
- 1bee5a4 Introduce HSTS header for https_only conf by Akron · 3 years, 10 months ago
- b7b91c5 Remove no-js declaration in nonce-enabled inline script by Akron · 3 years, 10 months ago
- a24af0a Add citation configuration in form of a test by Akron · 3 years, 11 months ago
- eb53ac3 Added nonce helper to CSP plugin by Akron · 3 years, 10 months ago
- 354f453 Establish CSP plugin by Akron · 3 years, 10 months ago
- 8f8deda Remove default endpoint from config file by Akron · 3 years, 10 months ago
- bc6b3f2 Introduce CSP headers to Kalamar (start of #72) by Akron · 3 years, 10 months ago
- 337f15d Introduce CORS headers in proxy by Akron · 3 years, 10 months ago
- 8f9aae5 Update for recent version of Mojolicious by Akron · 4 years ago
- e208d30 Remove email support from login (fixes #99) by Akron · 4 years ago
- c58bfc4 Fix pipes behaviour in mock server to be consistent with Kustvakt by Akron · 4 years, 2 months ago
- ccd9d7d Introduce 'Plugins' plugin to embed external services by Akron · 4 years, 2 months ago
- 88c26b1 Exclude search results from robot indices (closes #120) by Akron · 4 years, 3 months ago
- 7b9a196 Forward pipe to backend by Akron · 4 years, 5 months ago
- 18a2a27 Fixes a test that weirdly fails in recent versions of Mojolicious by Akron · 4 years, 5 months ago
- f1f1df3 Merge "Fix order of promises in login to not wrongfully congratulate on failing login" by Akron · 4 years, 6 months ago
- 3b3c7af Fix order of promises in login to not wrongfully congratulate on failing login by Akron · 4 years, 6 months ago
- 3e0fdc1 Test for long passwords (as this surprisingly broke in older versions) by Akron · 4 years, 6 months ago
- 27031aa Encourage login on zero matches (fixes #67) by Akron · 4 years, 7 months ago
- 7c87c1a Establish 'after_search' hook by Akron · 4 years, 7 months ago
- 4cdc4fc Add content area behind search results in templates by Akron · 4 years, 7 months ago
- e8fdc81 Merge "Declare proxy as stable and enable by default" by Akron · 4 years, 7 months ago
- 8a21b4d Declare proxy as stable and enable by default by Akron · 4 years, 7 months ago
- 17de86e Add OAuth client information page by Akron · 4 years, 7 months ago
- 1a9d5be Added support for OAuth2 client unregistration by Akron · 4 years, 8 months ago
- 3c390c4 Improve status codes and support HTML match responses by Akron · 4 years, 8 months ago
- 0f1b93b Added support for OAuth2 client listing by Akron · 4 years, 8 months ago
- 5999212 Initial token management by Akron · 5 years ago
- d00b427 Improve proxy for redirects by Akron · 4 years, 10 months ago
- 07d8de6 Document the API URI by Akron · 4 years, 10 months ago
- 90be03b Support X-Forwarded-Host name for proxy by Akron · 4 years, 10 months ago
- 23ab047 Make proxy timeouts configurable by Akron · 5 years ago
- b5b70d0 Catch timeouts in proxy by Akron · 5 years ago
- 909ed08 Fixed matchID transformation to deal with textSigles having dashes by Akron · 5 years ago
- f7ec444 Added settings and navi helpers by Akron · 5 years ago
- d512ea6 Generalized the usage of the navigation helper by introducing a 'realm' parameter by Akron · 5 years ago
- 3cfa26d Added 'realm' parameter to 'embedded_link_to' helper by Akron · 5 years ago
- 254fe21 Simplified documentation routing by Akron · 5 years ago
- 9490e3b Generalize documentation helpers by Akron · 5 years ago
- 41a190a Cleanup helper plugins to separate page helpers from functional helpers by Akron · 5 years ago
- 4cefe1f Revoke refresh token on logout (cherrypicked) by Akron · 5 years ago
- cdfd9d5 Implement token refresh mechanism by Akron · 5 years ago
- 4c7cf95 Fix pagination by not repeating page value in URL by Akron · 5 years ago
- 91a7685 Fix treatment of legacy 'collection' parameter by Akron · 5 years ago
- a130fa5 Emit 'after_render' hook in proxy to make requests accessible for post processing by Akron · 5 years ago
- 0c4cd22 Rename all cookies to be instance-independent (Requires relogin) - fixes #94 by Akron · 5 years ago
- 1bd65d9 Updated annotation documentation by Akron · 5 years ago
- b7876a8 Enable experimental proxy via configuration option 'experimental_proxy' by Akron · 5 years ago
- 5fa61e9 Update API for statistics (replace corpusQuery parameters with cq) by Akron · 5 years ago
- cd42a14 Deprecated 'collection' parameter in favor of 'cq' - fixes #92 by Akron · 5 years ago
- 56b3d0d Close connections in proxy as a workaround for problematic connection handling in embedding proxies by Akron · 5 years ago
- 35adb0e Merge "When authorization header exists, do not introduce token (required for proxying)" by Akron · 5 years ago
- 63d963b Added experimental proxy route to backend api - fixes #91 by Akron · 5 years ago
- 4796e00 When authorization header exists, do not introduce token (required for proxying) by Akron · 5 years ago
- 8bbbecf Added token refresh helper for OAuth2 by Akron · 5 years ago
- 33f5c67 Optionally replace JWT request flow with OAuth2 user credential flow by Akron · 5 years ago
- 7eb32c6 Remove deprecated auth_support support by Akron · 5 years ago
- 951a995 Fix path for plugin server demo by Akron · 6 years ago
- 751e9e4 Deal with large numerical values in statistics - fixes #87 by Akron · 6 years ago
- a3c353c Mark total results for cache in case of timeout - fixes #84 by Akron · 6 years ago
- 3d67306 Fix handling of login errors by Akron · 6 years ago
- 1b1a271 Make doc navigation extensible by Akron · 6 years ago
- bc33beb Introduce #search element as required in failure template by Akron · 6 years ago v0.31
- 2d01d29 content_block_ok is not enough to check for existing sidebar content by Akron · 6 years ago
- c82b1bc Introduce headerButtonGroup content_block by Akron · 6 years ago
- a9c8b0e Added 'sidebar' content block and make login form part of Auth plugin by Akron · 6 years ago
- 864c293 Decoupled authentication from core and introduced as a plugin by Akron · 6 years ago
- b89863a Set custom action titles for Ajax request to improve Piwik integration by Akron · 6 years ago v0.30
- 7c75841 Support piwik.embed directive by Akron · 6 years ago