bastodon

History

David Leadbeater 69378eac99 Don't allow URLs that contain non-normalized paths to be verified (#20999 ) * Don't allow URLs that contain non-normalized paths to be verified This stops things like https://example.com/otheruser/../realuser where "/otheruser" appears to be the verified URL, but the actual URL being verified is "/realuser" due to the "/../". Also fix a test to use 'https', so it is testing the right thing, now that since #20304 https is required. * missing do		2022-11-20 19:28:13 +01:00
..
config/initializers	Fix rate limiting for paths with formats (#20675 )	2022-11-14 20:26:31 +01:00
controllers	Fix style for hashes (#20518 )	2022-11-17 11:05:39 +01:00
fabricators
features
fixtures	Support for import/export of instance-level domain blocks/allows for 4.x w/ additional fixes (#20597 )	2022-11-17 11:05:09 +01:00
helpers	Test the native_locale_name of a non-standard locale (#20284 )	2022-11-11 00:06:18 +01:00
lib	Fix typos (#19849 )	2022-11-08 17:32:03 +01:00
mailers
models	Don't allow URLs that contain non-normalized paths to be verified (#20999 )	2022-11-20 19:28:13 +01:00
policies
presenters
requests
routing
serializers/activitypub
services	Fix style for hashes (#20518 )	2022-11-17 11:05:39 +01:00
support
validators
views/statuses	Fix style for hashes (#20518 )	2022-11-17 11:05:39 +01:00
workers	Fix followers count not being updated when migrating follows (#19998 )	2022-11-07 15:38:55 +01:00
rails_helper.rb
spec_helper.rb