forked from AkkomaGang/akkoma
Floatingghost
05f8179d08
previously we would uncritically take data and format it into tags for static-fe and the like - however, instances can be configured to disallow unauthenticated access to these resources. this means that OG tags as a vector for information leakage. _technically_ this should only occur if you have both restrict_unauthenticated *AND* you run static-fe, which makes no sense since static-fe is for unauthenticated people in particular, but hey ho. |
||
---|---|---|
.. | ||
config | ||
credo/check/consistency | ||
fixtures | ||
instance_static | ||
mix | ||
pleroma | ||
support | ||
test_helper.exs |