Commit graph

6 commits

Author SHA1 Message Date
Oneric ba558c0c24 Limit instance emoji to image types
Else malicious emoji packs or our EmojiStealer MRF can
put payloads into the same domain as the instance itself.
Sanitising the content type should prevent proper clients
from acting on any potential payload.

Note, this does not affect the default emoji shipped with Akkoma
as they are handled by another plug. However, those are fully trusted
and thus not in needed of sanitisation.
2024-03-18 22:33:10 -01:00
FloatingGhost 643b8c5f15 ensure we send the right files for preferred fe 2023-03-12 23:59:10 +00:00
Haelwenn (lanodan) Monnier c4439c630f
Bump Copyright to 2021
grep -rl '# Copyright © .* Pleroma' * | xargs sed -i 's;Copyright © .* Pleroma .*;Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>;'
2021-01-13 07:49:50 +01:00
Alexander Strizhakov b081080dd9
fixes after rebase 2020-10-13 16:44:02 +03:00
Alexander Strizhakov 8dfaa54ffc
InstanceStatic module name 2020-10-13 16:43:55 +03:00
Alexander Strizhakov 2501793f81
moving plugs into web dir 2020-10-13 16:38:19 +03:00
Renamed from lib/pleroma/plugs/instance_static.ex (Browse further)