Pleroma

Commit Graph

Author	SHA1	Message	Date
Haelwenn (lanodan) Monnier	c4439c630f	Bump Copyright to 2021 grep -rl '# Copyright © .* Pleroma' * \| xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'	2021-01-13 07:49:50 +01:00
rinpatch	6ca709816f	Fix object spoofing vulnerability in attachments Validate the content-type of the response when fetching an object, according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects. content-type headers had to be added to many mocks in order to support this, some of this was done with a regex. While I did go over the resulting files to check I didn't modify anything unrelated, there is a possibility I missed something. Closes pleroma#1948	2020-11-12 15:25:33 +03:00
Alexander Strizhakov	b081080dd9	fixes after rebase	2020-10-13 16:44:02 +03:00

Author

SHA1

Message

Date

Haelwenn (lanodan) Monnier

c4439c630f

Bump Copyright to 2021

grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'

2021-01-13 07:49:50 +01:00

rinpatch

6ca709816f

Fix object spoofing vulnerability in attachments

Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948

2020-11-12 15:25:33 +03:00

Alexander Strizhakov

b081080dd9

fixes after rebase

2020-10-13 16:44:02 +03:00

3 Commits