forked from AkkomaGang/akkoma
Compare commits
36 commits
0b2ec0ccee
...
59af68c600
| Author | SHA1 | Date | |
|---|---|---|---|
 FloatingGhost
|
59af68c600 | ||
|
FloatingGhost
|
ec5db753b9 | ||
|
FloatingGhost
|
9b362a6739 | ||
|
floatingghost
|
643e7dd7c1 | ||
|
d868348fac | ||
|
FloatingGhost
|
cc2614e10b | ||
|
FloatingGhost
|
31d7cc9a9c | ||
|
FloatingGhost
|
8670d89316 | ||
 Sandra Snan
|
2556f44219 | ||
|
FloatingGhost
|
b4399574ca | ||
|
9bbe8b4e84 | ||
|
|
7753fbe633 | ||
|
|
7ae0b2f5bd | ||
|
|
69c11643f7 | ||
|
|
d1af8abe85 | ||
|
|
7017dc92a8 | ||
|
|
06f03f8b22 | ||
|
|
df03e7c8da | ||
|
|
6abee6eb40 | ||
|
|
c2bd73518a | ||
|
|
7f23a3de21 | ||
|
|
0941896a2e | ||
|
|
3e224d24d8 | ||
|
|
16332afb95 | ||
|
|
0ec5cbe701 | ||
|
|
2b2a6d0b3b | ||
|
|
df885b5475 | ||
|
FloatingGhost
|
9c7409808f | ||
|
1f54bea564 | ||
|
FloatingGhost
|
6902ede5b7 | ||
|
FloatingGhost
|
8fd74548ff | ||
|
FloatingGhost
|
8d4d573cc8 | ||
|
bfebb92bea
|
||
|
|
749e9f2229
|
||
|
|
4f57c87be4
|
||
|
|
ae03513934
|
|
|
@ -36,8 +36,8 @@ variables:
|
|||
|
||||
pipeline:
|
||||
# Canonical amd64
|
||||
ubuntu22:
|
||||
image: hexpm/elixir:1.15.4-erlang-25.3.2.5-ubuntu-jammy-20230126
|
||||
debian-bookworm:
|
||||
image: hexpm/elixir:1.15.4-erlang-25.3.2.5-debian-bookworm-20230612
|
||||
<<: *on-release
|
||||
environment:
|
||||
MIX_ENV: prod
|
||||
|
|
@ -50,45 +50,19 @@ pipeline:
|
|||
- *tag-build
|
||||
- mix deps.get --only prod
|
||||
- mix release --path release
|
||||
- zip akkoma-ubuntu-jammy.zip -r release
|
||||
|
||||
release-ubuntu22:
|
||||
image: akkoma/releaser
|
||||
<<: *on-release
|
||||
secrets: *scw-secrets
|
||||
commands:
|
||||
- export SOURCE=akkoma-ubuntu-jammy.zip
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-ubuntu-jammy.zip
|
||||
- /bin/sh /entrypoint.sh
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-amd64-ubuntu-jammy.zip
|
||||
- /bin/sh /entrypoint.sh
|
||||
|
||||
debian-bookworm:
|
||||
image: hexpm/elixir:1.13.4-erlang-25.3.2.5-debian-bookworm-20230612
|
||||
<<: *on-release
|
||||
environment:
|
||||
MIX_ENV: prod
|
||||
DEBIAN_FRONTEND: noninteractive
|
||||
commands:
|
||||
- apt-get update && apt-get install -y cmake libmagic-dev rclone zip imagemagick libmagic-dev git build-essential gcc make g++ wget
|
||||
- *clean
|
||||
- echo "import Config" > config/prod.secret.exs
|
||||
- *setup-hex
|
||||
- *tag-build
|
||||
- *mix-clean
|
||||
- mix deps.get --only prod
|
||||
- mix release --path release
|
||||
- zip akkoma-amd64.zip -r release
|
||||
|
||||
release-debian:
|
||||
release-debian-bookworm:
|
||||
image: akkoma/releaser
|
||||
<<: *on-release
|
||||
secrets: *scw-secrets
|
||||
commands:
|
||||
- export SOURCE=akkoma-amd64.zip
|
||||
# AMD64
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-amd64.zip
|
||||
- /bin/sh /entrypoint.sh
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-debian-stable.zip
|
||||
# Ubuntu jammy (currently compatible)
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-amd64-ubuntu-jammy.zip
|
||||
- /bin/sh /entrypoint.sh
|
||||
|
||||
# Canonical amd64-musl
|
||||
|
|
|
|||
|
|
@ -36,8 +36,8 @@ variables:
|
|||
|
||||
pipeline:
|
||||
# Canonical arm64
|
||||
ubuntu22:
|
||||
image: hexpm/elixir:1.15.4-erlang-25.3.2.5-ubuntu-jammy-20230126
|
||||
debian-bookworm:
|
||||
image: hexpm/elixir:1.15.4-erlang-25.3.2.5-debian-bookworm-20230612
|
||||
<<: *on-release
|
||||
environment:
|
||||
MIX_ENV: prod
|
||||
|
|
@ -50,44 +50,18 @@ pipeline:
|
|||
- *tag-build
|
||||
- mix deps.get --only prod
|
||||
- mix release --path release
|
||||
- zip akkoma-ubuntu-jammy.zip -r release
|
||||
- zip akkoma-arm64.zip -r release
|
||||
|
||||
release-ubuntu22:
|
||||
release-debian-bookworm:
|
||||
image: akkoma/releaser:arm64
|
||||
<<: *on-release
|
||||
secrets: *scw-secrets
|
||||
commands:
|
||||
- export SOURCE=akkoma-ubuntu-jammy.zip
|
||||
- export SOURCE=akkoma-arm64.zip
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-arm64-ubuntu-jammy.zip
|
||||
- /bin/sh /entrypoint.sh
|
||||
|
||||
debian-bookworm:
|
||||
image: hexpm/elixir:1.15.4-erlang-25.3.2.5-debian-bookworm-20230612
|
||||
<<: *on-stable
|
||||
environment:
|
||||
MIX_ENV: prod
|
||||
DEBIAN_FRONTEND: noninteractive
|
||||
commands:
|
||||
- apt-get update && apt-get install -y cmake libmagic-dev rclone zip imagemagick libmagic-dev git build-essential gcc make g++ wget
|
||||
- *clean
|
||||
- echo "import Config" > config/prod.secret.exs
|
||||
- *setup-hex
|
||||
- *tag-build
|
||||
- *mix-clean
|
||||
- mix deps.get --only prod
|
||||
- mix release --path release
|
||||
- zip akkoma-arm64.zip -r release
|
||||
|
||||
release-debian:
|
||||
image: akkoma/releaser:arm64
|
||||
<<: *on-stable
|
||||
secrets: *scw-secrets
|
||||
commands:
|
||||
- export SOURCE=akkoma-arm64.zip
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-arm64.zip
|
||||
- /bin/sh /entrypoint.sh
|
||||
- export DEST=scaleway:akkoma-updates/$${CI_COMMIT_TAG:-"$CI_COMMIT_BRANCH"}/akkoma-debian-stable.zip
|
||||
- /bin/sh /entrypoint.sh
|
||||
|
||||
# Canonical arm64-musl
|
||||
musl:
|
||||
|
|
|
|||
|
|
@ -4,7 +4,7 @@ All notable changes to this project will be documented in this file.
|
|||
|
||||
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||
|
||||
## Unreleased
|
||||
## 2023.08
|
||||
|
||||
## Added
|
||||
|
||||
|
|
@ -26,6 +26,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- Debian OTP builds are now from a base of bookworm, which is OpenSSLv3 compatible.
|
||||
If you use debian OTP builds you will have to update your local system to
|
||||
bookworm (currently: stable).
|
||||
- Ubuntu and debian builds are compatible again! (for now...)
|
||||
- Blocks/Mutes now return from max ID to min ID, in line with mastodon.
|
||||
- The AnonymizeFilename filter is now enabled by default.
|
||||
|
||||
|
|
@ -38,6 +39,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
## Security
|
||||
|
||||
- Add `no_new_privs` hardening to OpenRC and systemd service files
|
||||
- XML parsers cannot load any entities (thanks @Mae@is.badat.dev!)
|
||||
- Reduced permissions of config files and directories, distros requiring greater permissions like group-read need to pre-create the directories
|
||||
|
||||
## Removed
|
||||
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ config :pleroma, :frontends,
|
|||
}
|
||||
```
|
||||
|
||||
This would serve the frontend from the the folder at `$instance_static/frontends/pleroma/stable`. You have to copy the frontend into this folder yourself. You can choose the name and ref any way you like, but they will be used by mix tasks to automate installation in the future, the name referring to the project and the ref referring to a commit.
|
||||
This would serve the frontend from the folder at `$instance_static/frontends/pleroma/stable`. You have to copy the frontend into this folder yourself. You can choose the name and ref any way you like, but they will be used by mix tasks to automate installation in the future, the name referring to the project and the ref referring to a commit.
|
||||
|
||||
Refer to [the frontend CLI task](../../administration/CLI_tasks/frontend) for how to install the frontend's files
|
||||
|
||||
|
|
|
|||
|
|
@ -15,18 +15,14 @@ While in theory OTP releases are possbile to install on any compatible machine,
|
|||
|
||||
### Detecting flavour
|
||||
|
||||
This is a little more complex than it used to be (thanks ubuntu)
|
||||
|
||||
Use the following mapping to figure out your flavour:
|
||||
|
||||
| distribution | architecture | flavour | available branches |
|
||||
| --------------- | ------------------ | ------------------- | ------------------- |
|
||||
| debian bullseye | amd64 | amd64 | develop, stable |
|
||||
| debian bullseye | arm64 | arm64 | stable |
|
||||
| ubuntu focal | amd64 | amd64 | develop, stable |
|
||||
| ubuntu focal | arm64 | arm64 | stable |
|
||||
| ubuntu jammy | amd64 | amd64-ubuntu-jammy | develop, stable |
|
||||
| ubuntu jammy | arm64 | arm64-ubuntu-jammy | develop, stable |
|
||||
| debian bookworm | amd64 | amd64 | develop, stable |
|
||||
| debian bookworm | arm64 | arm64 | stable |
|
||||
| ubuntu jammy | amd64 | amd64 | develop, stable |
|
||||
| ubuntu jammy | arm64 | arm64 | develop, stable |
|
||||
| alpine | amd64 | amd64-musl | stable |
|
||||
| alpine | arm64 | arm64-musl | stable |
|
||||
|
||||
|
|
|
|||
|
|
@ -247,16 +247,22 @@ defmodule Mix.Tasks.Pleroma.Instance do
|
|||
config_dir = Path.dirname(config_path)
|
||||
psql_dir = Path.dirname(psql_path)
|
||||
|
||||
# Note: Distros requiring group read (0o750) on those directories should
|
||||
# pre-create the directories.
|
||||
to_create =
|
||||
[config_dir, psql_dir, static_dir, uploads_dir]
|
||||
|> Enum.reject(&File.exists?/1)
|
||||
|
||||
for dir <- to_create do
|
||||
File.mkdir_p!(dir)
|
||||
File.chmod!(dir, 0o700)
|
||||
end
|
||||
|
||||
shell_info("Writing config to #{config_path}.")
|
||||
|
||||
# Sadly no fchmod(2) equivalent in Elixir…
|
||||
File.touch!(config_path)
|
||||
File.chmod!(config_path, 0o640)
|
||||
File.write(config_path, result_config)
|
||||
shell_info("Writing the postgres script to #{psql_path}.")
|
||||
File.write(psql_path, result_psql)
|
||||
|
|
@ -275,8 +281,7 @@ defmodule Mix.Tasks.Pleroma.Instance do
|
|||
else
|
||||
shell_error(
|
||||
"The task would have overwritten the following files:\n" <>
|
||||
(Enum.map(will_overwrite, &"- #{&1}\n") |> Enum.join("")) <>
|
||||
"Rerun with `--force` to overwrite them."
|
||||
Enum.map_join(will_overwrite, &"- #{&1}\n") <> "Rerun with `--force` to overwrite them."
|
||||
)
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -53,6 +53,7 @@ defmodule Pleroma.Application do
|
|||
Config.DeprecationWarnings.warn()
|
||||
Pleroma.Web.Plugs.HTTPSecurityPlug.warn_if_disabled()
|
||||
Pleroma.ApplicationRequirements.verify!()
|
||||
load_all_pleroma_modules()
|
||||
load_custom_modules()
|
||||
Pleroma.Docs.JSON.compile()
|
||||
limiters_setup()
|
||||
|
|
@ -144,6 +145,23 @@ defmodule Pleroma.Application do
|
|||
end
|
||||
end
|
||||
|
||||
def load_all_pleroma_modules do
|
||||
:code.all_available()
|
||||
|> Enum.filter(fn {mod, _, _} ->
|
||||
mod
|
||||
|> to_string()
|
||||
|> String.starts_with?("Elixir.Pleroma.")
|
||||
end)
|
||||
|> Enum.map(fn {mod, _, _} ->
|
||||
mod
|
||||
|> to_string()
|
||||
|> String.to_existing_atom()
|
||||
|> Code.ensure_loaded!()
|
||||
end)
|
||||
# Use this when 1.15 is standard
|
||||
#|> Code.ensure_all_loaded!()
|
||||
end
|
||||
|
||||
defp cachex_children do
|
||||
[
|
||||
build_cachex("used_captcha", ttl_interval: seconds_valid_interval()),
|
||||
|
|
@ -269,7 +287,6 @@ defmodule Pleroma.Application do
|
|||
|> Config.get([])
|
||||
|> Pleroma.HTTP.AdapterHelper.add_pool_size(pool_size)
|
||||
|> Pleroma.HTTP.AdapterHelper.maybe_add_proxy_pool(proxy)
|
||||
|> Pleroma.HTTP.AdapterHelper.maybe_add_cacerts(:public_key.cacerts_get())
|
||||
|> Keyword.put(:name, MyFinch)
|
||||
|
||||
[{Finch, config}]
|
||||
|
|
|
|||
|
|
@ -22,6 +22,20 @@ defmodule Pleroma.Config.ReleaseRuntimeProvider do
|
|||
|
||||
with_runtime_config =
|
||||
if File.exists?(config_path) do
|
||||
# <https://git.pleroma.social/pleroma/pleroma/-/issues/3135>
|
||||
%File.Stat{mode: mode} = File.lstat!(config_path)
|
||||
|
||||
if Bitwise.band(mode, 0o007) > 0 do
|
||||
raise "Configuration at #{config_path} has world-permissions, execute the following: chmod o= #{config_path}"
|
||||
end
|
||||
|
||||
if Bitwise.band(mode, 0o020) > 0 do
|
||||
raise "Configuration at #{config_path} has group-wise write permissions, execute the following: chmod g-w #{config_path}"
|
||||
end
|
||||
|
||||
# Note: Elixir doesn't provides a getuid(2)
|
||||
# so cannot forbid group-read only when config is owned by us
|
||||
|
||||
runtime_config = Config.Reader.read!(config_path)
|
||||
|
||||
with_defaults
|
||||
|
|
|
|||
|
|
@ -62,6 +62,13 @@ defmodule Pleroma.HTTP do
|
|||
uri = URI.parse(url)
|
||||
adapter_opts = AdapterHelper.options(uri, options || [])
|
||||
|
||||
adapter_opts =
|
||||
if uri.scheme == :https do
|
||||
AdapterHelper.maybe_add_cacerts(adapter_opts, :public_key.cacerts_get())
|
||||
else
|
||||
adapter_opts
|
||||
end
|
||||
|
||||
options = put_in(options[:adapter], adapter_opts)
|
||||
params = options[:params] || []
|
||||
request = build_request(method, headers, options, url, body, params)
|
||||
|
|
|
|||
|
|
@ -477,13 +477,13 @@ defmodule Pleroma.Web.Router do
|
|||
pipe_through(:api)
|
||||
|
||||
get(
|
||||
"/api/v1/akkoma/preferred_frontend/available",
|
||||
"/preferred_frontend/available",
|
||||
FrontendSettingsController,
|
||||
:available_frontends
|
||||
)
|
||||
|
||||
put(
|
||||
"/api/v1/akkoma/preferred_frontend",
|
||||
"/preferred_frontend",
|
||||
FrontendSettingsController,
|
||||
:update_preferred_frontend
|
||||
)
|
||||
|
|
|
|||
|
|
@ -29,7 +29,10 @@ defmodule Pleroma.Web.XML do
|
|||
{doc, _rest} =
|
||||
text
|
||||
|> :binary.bin_to_list()
|
||||
|> :xmerl_scan.string(quiet: true)
|
||||
|> :xmerl_scan.string(
|
||||
quiet: true,
|
||||
allow_entities: false
|
||||
)
|
||||
|
||||
{:ok, doc}
|
||||
rescue
|
||||
|
|
|
|||
2
mix.exs
2
mix.exs
|
|
@ -4,7 +4,7 @@ defmodule Pleroma.Mixfile do
|
|||
def project do
|
||||
[
|
||||
app: :pleroma,
|
||||
version: version("3.9.3"),
|
||||
version: version("3.10.2"),
|
||||
elixir: "~> 1.14",
|
||||
elixirc_paths: elixirc_paths(Mix.env()),
|
||||
compilers: [:phoenix] ++ Mix.compilers(),
|
||||
|
|
|
|||
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
File diff suppressed because it is too large
Load diff
|
|
@ -3,23 +3,18 @@
|
|||
|
||||
detect_flavour() {
|
||||
arch="amd64"
|
||||
# Special cases
|
||||
if grep -qe "VERSION_CODENAME=jammy" /etc/os-release; then
|
||||
echo "$arch-ubuntu-jammy"
|
||||
if getconf GNU_LIBC_VERSION >/dev/null; then
|
||||
libc_postfix=""
|
||||
elif [ "$(ldd 2>&1 | head -c 9)" = "musl libc" ]; then
|
||||
libc_postfix="-musl"
|
||||
elif [ "$(find /lib/libc.musl* | wc -l)" ]; then
|
||||
libc_postfix="-musl"
|
||||
else
|
||||
if getconf GNU_LIBC_VERSION >/dev/null; then
|
||||
libc_postfix=""
|
||||
elif [ "$(ldd 2>&1 | head -c 9)" = "musl libc" ]; then
|
||||
libc_postfix="-musl"
|
||||
elif [ "$(find /lib/libc.musl* | wc -l)" ]; then
|
||||
libc_postfix="-musl"
|
||||
else
|
||||
echo "Unsupported libc" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "$arch$libc_postfix"
|
||||
echo "Unsupported libc" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo "$arch$libc_postfix"
|
||||
}
|
||||
|
||||
detect_branch() {
|
||||
|
|
|
|||
15
test/fixtures/xml_billion_laughs.xml
vendored
Normal file
15
test/fixtures/xml_billion_laughs.xml
vendored
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
<?xml version="1.0"?>
|
||||
<!DOCTYPE lolz [
|
||||
<!ENTITY lol "lol">
|
||||
<!ELEMENT lolz (#PCDATA)>
|
||||
<!ENTITY lol1 "&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;&lol;">
|
||||
<!ENTITY lol2 "&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;&lol1;">
|
||||
<!ENTITY lol3 "&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;&lol2;">
|
||||
<!ENTITY lol4 "&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;&lol3;">
|
||||
<!ENTITY lol5 "&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;&lol4;">
|
||||
<!ENTITY lol6 "&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;&lol5;">
|
||||
<!ENTITY lol7 "&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;&lol6;">
|
||||
<!ENTITY lol8 "&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;&lol7;">
|
||||
<!ENTITY lol9 "&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;&lol8;">
|
||||
]>
|
||||
<lolz>&lol9;</lolz>
|
||||
3
test/fixtures/xml_external_entities.xml
vendored
Normal file
3
test/fixtures/xml_external_entities.xml
vendored
Normal file
|
|
@ -0,0 +1,3 @@
|
|||
<?xml version="1.0" encoding="UTF-8"?>
|
||||
<!DOCTYPE foo [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>
|
||||
<stockCheck><productId>&xxe;</productId></stockCheck>
|
||||
|
|
@ -13,6 +13,8 @@ defmodule Pleroma.Config.ReleaseRuntimeProviderTest do
|
|||
end
|
||||
|
||||
test "merged runtime config" do
|
||||
assert :ok == File.chmod!("test/fixtures/config/temp.secret.exs", 0o640)
|
||||
|
||||
merged =
|
||||
ReleaseRuntimeProvider.load([], config_path: "test/fixtures/config/temp.secret.exs")
|
||||
|
||||
|
|
@ -21,6 +23,8 @@ defmodule Pleroma.Config.ReleaseRuntimeProviderTest do
|
|||
end
|
||||
|
||||
test "merged exported config" do
|
||||
assert :ok == File.chmod!("test/fixtures/config/temp.exported_from_db.secret.exs", 0o640)
|
||||
|
||||
ExUnit.CaptureIO.capture_io(fn ->
|
||||
merged =
|
||||
ReleaseRuntimeProvider.load([],
|
||||
|
|
@ -33,6 +37,9 @@ defmodule Pleroma.Config.ReleaseRuntimeProviderTest do
|
|||
end
|
||||
|
||||
test "runtime config is merged with exported config" do
|
||||
assert :ok == File.chmod!("test/fixtures/config/temp.secret.exs", 0o640)
|
||||
assert :ok == File.chmod!("test/fixtures/config/temp.exported_from_db.secret.exs", 0o640)
|
||||
|
||||
merged =
|
||||
ReleaseRuntimeProvider.load([],
|
||||
config_path: "test/fixtures/config/temp.secret.exs",
|
||||
|
|
|
|||
15
test/pleroma/web/xml_test.exs
Normal file
15
test/pleroma/web/xml_test.exs
Normal file
|
|
@ -0,0 +1,15 @@
|
|||
defmodule Pleroma.Web.XMLTest do
|
||||
use Pleroma.DataCase, async: true
|
||||
|
||||
alias Pleroma.Web.XML
|
||||
|
||||
test "refuses to parse any entities from XML" do
|
||||
data = File.read!("test/fixtures/xml_billion_laughs.xml")
|
||||
assert(:error == XML.parse_document(data))
|
||||
end
|
||||
|
||||
test "refuses to load external entities from XML" do
|
||||
data = File.read!("test/fixtures/xml_external_entities.xml")
|
||||
assert(:error == XML.parse_document(data))
|
||||
end
|
||||
end
|
||||
Loading…
Reference in a new issue