Pleroma

History

rinpatch 6ca709816f Fix object spoofing vulnerability in attachments Validate the content-type of the response when fetching an object, according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects. content-type headers had to be added to many mocks in order to support this, some of this was done with a regex. While I did go over the resulting files to check I didn't modify anything unrelated, there is a possibility I missed something. Closes pleroma#1948		2020-11-12 15:25:33 +03:00
..
activity_pub	Fix object spoofing vulnerability in attachments	2020-11-12 15:25:33 +03:00
admin_api	Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into alexgleason/pleroma-restrict-domain	2020-11-04 15:05:01 +01:00
api_spec
auth
common_api
endpoint
fed_sockets
feed	escaping summary and other fields in xml templates	2020-11-10 10:46:57 +03:00
mastodon_api	Render blurhashes in Mastodon API	2020-11-11 12:51:13 -06:00
media_proxy
metadata
o_auth
o_status
pleroma_api	Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into features/federation-status	2020-11-04 15:38:10 +01:00
plugs
preload/providers
push
rich_media
static_fe
twitter_api
views
web_finger
chat_channel_test.exs
common_api_test.exs	Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into feature/expire-mutes	2020-11-04 16:51:42 +01:00
fallback_test.exs	RedirectController: Don't replace title, but inject into the meta	2020-11-11 17:10:59 +01:00
federator_test.exs
media_proxy_test.exs
metadata_test.exs
mongoose_im_controller_test.exs
node_info_test.exs
rel_me_test.exs
streamer_test.exs	Merge branch 'develop' of git.pleroma.social:pleroma/pleroma into alexgleason/pleroma-restrict-domain	2020-11-04 15:05:01 +01:00
uploader_controller_test.exs
web_finger_test.exs