From b76107bb240c54ba4d4c8e1d2badd412e5c473fa Mon Sep 17 00:00:00 2001
From: James Moger <james.moger@gitblit.com>
Date: Tue, 04 Nov 2014 17:23:50 -0500
Subject: [PATCH] Whitelist the "target" link attribute in the XSS filter

---
 src/main/java/com/gitblit/manager/IAuthenticationManager.java |   22 ++++++++++++++++++++++
 1 files changed, 22 insertions(+), 0 deletions(-)

diff --git a/src/main/java/com/gitblit/manager/IAuthenticationManager.java b/src/main/java/com/gitblit/manager/IAuthenticationManager.java
index 2665b43..3600b32 100644
--- a/src/main/java/com/gitblit/manager/IAuthenticationManager.java
+++ b/src/main/java/com/gitblit/manager/IAuthenticationManager.java
@@ -85,7 +85,18 @@
 	 * @param user
 	 * @since 1.4.0
 	 */
+	@Deprecated
 	void setCookie(HttpServletResponse response, UserModel user);
+
+	/**
+	 * Sets a cookie for the specified user.
+	 *
+	 * @param request
+	 * @param response
+	 * @param user
+	 * @since 1.6.1
+	 */
+	void setCookie(HttpServletRequest request, HttpServletResponse response, UserModel user);
 
 	/**
 	 * Logout a user.
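Review bot: The `@Deprecated` annotation added here on `setCookie(HttpServletResponse, UserModel)`, and the one on `logout(HttpServletResponse, UserModel)` in the next hunk, come without a Javadoc `@deprecated` tag, so callers get a compiler warning with no pointer to the replacement. I would add to each old method's Javadoc a line such as `@deprecated use {@link #setCookie(HttpServletRequest, HttpServletResponse, UserModel)} instead`, and the equivalent for logout; both Javadoc blocks start above their hunks. Because this is the authentication cookie, the new overload's Javadoc should also say what the request is used for. Presumably it is needed to derive cookie attributes, but the interface does not show that, so confirm against the implementation. Separately, the subject line refers to the XSS filter while the diffstat lists only this interface, which makes the cookie/logout API change hard to find in history if this page shows the whole commit.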
@@ -93,9 +104,20 @@
 	 * @param user
 	 * @since 1.4.0
 	 */
+	@Deprecated
 	void logout(HttpServletResponse response, UserModel user);
 
 	/**
+	 * Logout a user.
+	 *
+	 * @param request
+	 * @param response
+	 * @param user
+	 * @since 1.6.1
+	 */
+	void logout(HttpServletRequest request, HttpServletResponse response, UserModel user);
+
+	/**
 	 * Does the user service support changes to credentials?
 	 *
 	 * @return true or false
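Review bot: The Javadoc on the new `logout(HttpServletRequest, HttpServletResponse, UserModel)` repeats "Logout a user." with empty `@param` tags and never states what a caller can rely on after the call. I would spell out the contract, e.g. `Logs out the user: clears the authentication cookie on the response and ends any session associated with the request.`, adjusted to what the implementation actually does, which is not visible from this interface. Adding two abstract methods to the interface also breaks any out-of-tree implementer of IAuthenticationManager at compile time, so it deserves a line in the release notes.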

--
Gitblit v1.9.1