sergiotarxz/Pleroma
sergiotarxz/Pleroma
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Pleroma/lib/pleroma/web/oauth
History
Ivan Tashkinov 2c68cf7e9e OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix. 
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
..
app.ex
update copyright years to 2019
2018-12-31 15:41:47 +00:00
authorization.ex
Flake Ids for Users and Activities
2019-01-23 11:26:27 +01:00
fallback_controller.ex
Correctly handle invalid credentials on auth login.
2019-01-28 11:41:47 +01:00
oauth_controller.ex
OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
2019-02-07 22:14:06 +03:00
oauth_view.ex
update copyright years to 2019
2018-12-31 15:41:47 +00:00
token.ex
Flake Ids for Users and Activities
2019-01-23 11:26:27 +01:00