1
0
Fork 1
mirror of https://github.com/mastodon/mastodon.git synced 2024-12-14 14:29:28 +00:00
Commit graph

8 commits

Author SHA1 Message Date
Mike Dalessio 82161d8ae5
Change Account::Field parsing to use HTML5::DocumentFragment () 2024-09-08 18:56:18 +00:00
Nick Schonning 717683d1c3
Autofix Rubocop remaining Layout rules () 2023-02-20 06:58:28 +01:00
Nick Schonning 2177daeae9
Autofix Rubocop Style/RedundantBegin () 2023-02-19 07:09:40 +09:00
David Leadbeater 69378eac99
Don't allow URLs that contain non-normalized paths to be verified ()
* Don't allow URLs that contain non-normalized paths to be verified

This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".

Also fix a test to use 'https', so it is testing the right thing, now
that since  https is required.

* missing do
2022-11-20 19:28:13 +01:00
Emily Strickland 96f51e593f
Guard against error extracting body from URL ()
If `Nokogiri::HTML(value).at_xpath('//body')` fails to find the `body` element, it will return `nil`. We can guard against that with an early return. Avoids calling `children` on `Nilclass` in those cases.
2022-11-11 21:22:28 +01:00
Eugen Rochko c6c7c6223d
Change verification to only work for https links ()
Fix 
2022-11-10 21:09:03 +01:00
Eugen Rochko 9965a23b04
Change link verification to ignore IDN domains ()
Fix 
2022-11-10 06:27:45 +01:00
Eugen Rochko e98833748e
Fix being able to spoof link verification ()
- Change verification to happen in `default` queue
- Change verification worker to only be queued if there's something to do
- Add `link` tags from metadata fields to page header of profiles
2022-11-09 08:24:21 +01:00