]> cat aescling's git repositories - mastodon.git/commit
cat aescling's git repositories / mastodon.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b686e27) | patch
Fix rendering `<a>` without `href` when scheme unsupported (#13040)
authorEugen Rochko <eugen@zeonfederated.com>
Sat, 8 Feb 2020 20:22:38 +0000 (21:22 +0100)
committerGitHub <noreply@github.com>
Sat, 8 Feb 2020 20:22:38 +0000 (21:22 +0100)
commitb1349342d200937665ca6486c4b3ba1bae2f9d05
treee1c1c157f4e756b55fc86d3b9207b815ce2e4e34tree | snapshot
parentb686e275e7651532b2203083717d5ef88acb04b1commit | diff
Fix rendering `<a>` without `href` when scheme unsupported (#13040)

- Disallow links with relative paths
- Disallow iframes with non-http protocols and relative paths

Close #13037
app/lib/sanitize_config.rb diff | blob | history
spec/lib/sanitize_config_spec.rb diff | blob | history
source code fur Kibicat Mastodon