- Return same error in all cases for login endpoint.
- Log error details in server logs.
- Make most login errors take ~1s to prevent timing attacks.
- Don't return forgot password errors.
- Log password errors in server logs.
- Make most forgot password requests take ~1s to prevent timing attacks.
Fixes#531
* Add expense policy to Fleet handbook
* Removed stray "."
* capitalization, + added a couple of other culture points that stand out
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
* Add nav items for desktop width
* Finish desktop width navigation styles
* Add new assets
* Add mobile menu and graphic
* Add assets and new navigation
* trivial (just for consistency, in case we ever change where that points)
* Make image go away on small screens
* Update deploy-google-cloud-75x60@2x.png
Uploaded correct sized retina image.
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
Co-authored-by: mthomas-fleet <mthomas@fleetdm.com>
Make fleetctl preview available over HTTP
Run a second copy of the Fleet server listening over HTTP on
localhost:1337 so that the UI can be used without the errors displayed
with a self-signed TLS certificate. Osquery clients and fleetctl
continue to communicate with the existing Fleet server on
https://localhost:8412.
Closes#504
Co-authored-by: Mike McNeil <mikermcneil@users.noreply.github.com>
- This seems to be the maintained, trusted (by Homebrew, etc.) version
of go-bindata.
- Add tools.go file to pin version with go modules.
- Use go run to run the binary, making easier configuration for new developers.
This PR includes various fixes to anchor links used in the documentation.
There are certain characters GitHub doesn't support for the use of anchor links in markdown files. The general rule I've found is to only use a-z or A-Z characters in anchor links. All other characters should be removed.
For example, consider the section title How do I connect to the Mailhog simulated server?. The valid GitHub anchor link for this section is #how-do-i-connect-to-the-mailhog-simulated-server. Notice no ?.
Closes#494
- Download configuration on every run. This ensures that users always
get the latest version.
- Pull latest Docker containers on every run.
- Add stop and reset commands (for cleanup).
Fixes#378
This saves a few seconds per test by only creating 10 hosts rather than
1000. The tests required no further changes as they were not using more
than the first few created hosts.
