forked from AkkomaGang/akkoma
Floatingghost
05f8179d08
previously we would uncritically take data and format it into tags for static-fe and the like - however, instances can be configured to disallow unauthenticated access to these resources. this means that OG tags as a vector for information leakage. _technically_ this should only occur if you have both restrict_unauthenticated *AND* you run static-fe, which makes no sense since static-fe is for unauthenticated people in particular, but hey ho. |
||
---|---|---|
.. | ||
mix | ||
phoenix/transports/web_socket | ||
pleroma |