This repository has been archived on 2019-05-14. You can view files and clone it, but cannot push or open issues or pull requests.
mastodon/app
Eugen Rochko 2af4f3c4e2 Improve shared status verification (#2525)
* Instead of parsing shared status contents verbatim, make roundtrip
to purported original URL. Confirm that the "original" URL is from the
same domain as the author it claims to be from.

* Fix obvious typo, add comment

* Use URI look-up first

* Add test, update Goldfinger dependency to make less useless HTTP requests per Webfinger lookup
2017-04-27 17:06:47 +02:00
..
assets Last minute Dutch update and fix (after checking on live 1.3RC) (#2529) 2017-04-27 17:00:03 +02:00
controllers Catch error when server decryption fails on 2FA (#2512) 2017-04-27 15:18:21 +02:00
helpers Bump version, improve how version is stored for better commit history (#2526) 2017-04-27 15:22:19 +02:00
lib OEmbed support for PreviewCard (#2337) 2017-04-27 14:42:22 +02:00
mailers Instance helper to replace site title helper (#2038) 2017-04-18 00:16:32 +02:00
models OEmbed support for PreviewCard (#2337) 2017-04-27 14:42:22 +02:00
presenters Bump version, improve how version is stored for better commit history (#2526) 2017-04-27 15:22:19 +02:00
services Improve shared status verification (#2525) 2017-04-27 17:06:47 +02:00
validators Stricter whitelist rules (#2213) 2017-04-26 01:22:51 +02:00
views Bump version, improve how version is stored for better commit history (#2526) 2017-04-27 15:22:19 +02:00
workers Punycode URI normalization (#2370) 2017-04-25 02:47:31 +02:00