Infrastructure/ghost
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2025-01-27 22:49:56 -05:00
Code Issues Activity
ghost/core/server/api/v2
History
Fabien O'Carroll b3f66c6c91 Blacklisted private member settings for HTTP calls 
no-issue

Previously it was possible to fetch the private key and session secret
for the members service, this is a security issue as we do not have
specific permissions for individual settings yet, and could have
possibly exposed secrets to admin integrations.
2019-04-16 14:39:01 +02:00
..
utils 🐛 Fixed Admin API v2 wasn't returning preview url 2019-03-21 19:08:38 +01:00
actions.js Added v2 actions endpoint 2019-02-06 21:36:09 +01:00
authors-public.js Renamed authors ctrl to authors-public 2019-02-26 08:33:10 +01:00
config.js Added "useGravatar" to config endpoint in Admin API v2 2019-02-25 15:39:47 +01:00
db.js 🐛 Fixed broken content import in Admin API v2 (#10299) 2018-12-20 11:01:48 +01:00
images.js Renamed uploads to images 2019-02-24 11:18:45 +07:00
index.js Reverted & Solved apiType differently 2019-02-26 08:33:10 +01:00
integrations.js
invites.js Removed x_by fields from API v2 response 2019-01-03 16:38:52 +01:00
mail.js Updated docs links to best equivalents (#10386) 2019-01-17 06:57:37 +00:00
members.js Added Admin API for deleting members (#10673) 2019-04-13 10:38:56 +05:30
notifications.js
oembed.js Added oembed controller to v2 api (#10057) 2018-11-02 09:32:26 +01:00
pages-public.js Separated pages & posts in Admin API v2 (#10494) 2019-02-22 10:17:14 +07:00
pages.js Fixed previews not reflecting changes to scheduled posts on Ghost(Pro) (#10601) 2019-03-12 18:35:54 +00:00
posts-public.js Separated pages & posts in Admin API v2 (#10494) 2019-02-22 10:17:14 +07:00
posts.js Fixed previews not reflecting changes to scheduled posts on Ghost(Pro) (#10601) 2019-03-12 18:35:54 +00:00
preview.js Separated pages & posts in Admin API v2 (#10494) 2019-02-22 10:17:14 +07:00
redirects.js Migrated redirects controller to API v2 (#10053) 2019-01-07 11:32:53 +00:00
roles.js
session.js
settings-public.js 🗑Deprecated ghost_head & ghost_foot in favour of codeinjection_* for Settings API v2 (#10380) 2019-01-15 13:03:17 +01:00
settings.js Blacklisted private member settings for HTTP calls 2019-04-16 14:39:01 +02:00
site.js Added public /site endpoint to Admin API v2 2019-02-25 13:24:19 +01:00
slack.js Added slack controller to v2 API (#10086) 2018-11-06 23:20:43 +01:00
slugs.js
subscribers.js 🐛 Fixed files staying in temp directory after upload is done 2019-01-30 09:24:29 +00:00
tags-public.js Added plugin based author and public tag models in API v2 (#10284) 2019-01-03 20:30:35 +01:00
tags.js Skiped 'all' validations for posts/tags endpoints 2019-02-15 12:19:49 +00:00
themes.js Added back "theme.uploaded" analytics event (#10450) 2019-02-05 17:38:40 +01:00
users.js Separated pages & posts in Admin API v2 (#10494) 2019-02-22 10:17:14 +07:00
webhooks.js Required "event" & "target_url" for webhook creation 2019-02-07 23:21:59 +01:00