]> cat aescling's git repositories - mastodon.git/commit
Improve streaming server security (#10818)
authorThibG <thib@sitedethib.com>
Fri, 24 May 2019 13:21:42 +0000 (15:21 +0200)
committerEugen Rochko <eugen@zeonfederated.com>
Fri, 24 May 2019 13:21:42 +0000 (15:21 +0200)
commitd63c3c0cef9ab4e3713c6e4bea28a02f1c1e11a6
tree7ea1070147189090017206a4ff3764e40849589b
parent84dc21d55d8627182ce201baeddb6fbbdf8748c2
Improve streaming server security (#10818)

* Check OAuth token scopes in the streaming API

* Use Sec-WebSocket-Protocol instead of query string to pass WebSocket token

Inspired by https://github.com/kubevirt/kubevirt/issues/1242
app/javascript/mastodon/stream.js
streaming/index.js