akkoma/test
Floatingghost 05f8179d08
Some checks are pending
ci/woodpecker/pr/build-amd64 Pipeline is pending
ci/woodpecker/pr/build-arm64 Pipeline is pending
ci/woodpecker/pr/docs Pipeline is pending
ci/woodpecker/pr/lint Pipeline is pending
ci/woodpecker/pr/test Pipeline is pending
ci/woodpecker/push/lint Pipeline was successful
ci/woodpecker/push/test Pipeline was successful
ci/woodpecker/push/build-amd64 Pipeline was successful
ci/woodpecker/push/build-arm64 Pipeline was successful
ci/woodpecker/push/docs Pipeline was successful
check if data is visible before embedding it in OG tags
previously we would uncritically take data and format it into
tags for static-fe and the like - however, instances can be
configured to disallow unauthenticated access to these resources.

this means that OG tags as a vector for information leakage.

_technically_ this should only occur if you have both
restrict_unauthenticated *AND* you run static-fe, which makes no
sense since static-fe is for unauthenticated people in particular,
but hey ho.
2024-04-12 05:16:47 +01:00
..
config remove default emoji file 2022-08-11 19:05:41 +01:00
credo/check/consistency giant massive dep upgrade and dialyxir-found error emporium (#371) 2022-12-14 12:38:48 +00:00
fixtures Only allow exact id matches 2024-03-25 14:05:05 -01:00
instance_static URL encode remote emoji pack names (#362) 2023-01-15 18:14:04 +00:00
mix Always insert Dedupe upload filter 2024-03-18 22:33:10 -01:00
pleroma check if data is visible before embedding it in OG tags 2024-04-12 05:16:47 +01:00
support Only allow exact id matches 2024-03-25 14:05:05 -01:00
test_helper.exs Always insert Dedupe upload filter 2024-03-18 22:33:10 -01:00