luna/akkoma
1
0
Fork 0
forked from AkkomaGang/akkoma
Code Issues Pull requests Projects Releases Packages Wiki Activity
akkoma/test/pleroma/web/activity_pub
History
rinpatch 6ca709816f Fix object spoofing vulnerability in attachments 
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
..
mrf Fix warnings 2020-10-15 16:54:59 +04:00
object_validators Ingest blurhash for attachments if they were federated 2020-11-11 12:27:51 -06:00
transmogrifier Fix object spoofing vulnerability in attachments 2020-11-12 15:25:33 +03:00
views tests consistency 2020-10-13 16:35:09 +03:00
activity_pub_controller_test.exs Merge remote-tracking branch 'remotes/origin/develop' into ostatus-controller-no-auth-check-on-non-federating-instances 2020-10-17 13:12:39 +03:00
activity_pub_test.exs Fix object spoofing vulnerability in attachments 2020-11-12 15:25:33 +03:00
mrf_test.exs making credo happy and test fix 2020-11-11 10:48:03 +03:00
pipeline_test.exs tests consistency 2020-10-13 16:35:09 +03:00
publisher_test.exs tests consistency 2020-10-13 16:35:09 +03:00
relay_test.exs tests consistency 2020-10-13 16:35:09 +03:00
side_effects_test.exs tests consistency 2020-10-13 16:35:09 +03:00
transmogrifier_test.exs Merge branch '2242-nsfw-case' into 'develop' 2020-10-23 19:39:42 +00:00
utils_test.exs Merge branch 'develop' into refactor/locked_user_field 2020-10-13 09:54:29 -05:00
visibility_test.exs tests consistency 2020-10-13 16:35:09 +03:00