mediagoblin.git - MediaGoblin is a free software media publishing platform that anyone can run, with Plyr player for default, search and without nodejs

	Commit message (Collapse)	Author	Age	Files	Lines
*	Fix left over from variable renaming.	Elrond	2013-04-09	1	-1/+4
\|
*	Harden It's Dangerous key management.	Brett Smith	2013-03-24	1	-20/+45
\| \| \| \| \| \| \| \| \| \|	The previous code was theoretically subject to timing attacks, where an attacker could read the key in between the time it was saved to the file and when the chmod happened. This version prevents that by using umasks to ensure the files always have the right permissions. This version also avoids using a key that cannot be saved due to some system setup bug.
*	Improve fs security for itsdangerous secret.	Elrond	2013-03-22	1	-2/+6
\| \| \| \|	Set mode 700 on the directory, mode 600 on the file.
*	Docs for get_timed_signer_url.	Elrond	2013-03-22	1	-0/+26
\|
*	Basic itsdangerous infrastructure.	Elrond	2013-03-22	1	-0/+55
	Implement the basic infrastructure for using itsdangerous in mediagoblin. Usage instructions will follow.