1
0
Fork 0
forked from fedi/mastodon
mastodon/config
Claire 876840e9ef
Fix brakeman warning (#15870)
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.

This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
..
environments Prepare Mastodon for Rails 6 (#15911) 2021-03-17 10:09:55 +01:00
initializers Prepare Mastodon for zeitwerk autoloader (#15917) 2021-03-19 02:42:43 +01:00
locales Fix brakeman warning (#15870) 2021-03-19 23:48:59 +01:00
webpack Bump js-yaml from 3.14.1 to 4.0.0 (#15484) 2021-01-05 02:08:59 +09:00
application.rb Use more robust hook for loading timestamp_id function into database (#15919) 2021-03-19 02:43:13 +01:00
boot.rb Add clean error message when RAILS_ENV is unset (#15381) 2020-12-20 18:05:03 +01:00
brakeman.ignore Fix some ignored brakeman warnings (#15829) 2021-03-07 07:06:56 +01:00
database.yml config: add DB_SSLMODE for managed/remote PG (#10210) 2019-03-08 14:36:28 +01:00
deploy.rb Bump capistrano from 3.15.0 to 3.16.0 (#15818) 2021-03-05 06:38:52 +09:00
environment.rb Make PreviewCard records reuseable between statuses (#4642) 2017-09-01 16:20:16 +02:00
i18n-tasks.yml Change move handler to carry blocks over (#14144) 2020-07-01 13:51:15 +02:00
navigation.rb Add server rules (#15769) 2021-02-21 19:50:12 +01:00
pghero.yml Fix PgHero Content-Security-Policy when CDN_HOST is used (#13595) 2020-05-04 13:52:41 +02:00
puma.rb Add PERSISTENT_TIMEOUT option (#11756) 2019-09-04 20:44:08 +02:00
routes.rb Add POST /api/v1/emails/confirmations to REST API (#15816) 2021-03-01 18:39:47 +01:00
secrets.yml Upgrade to Rails 5.0.0.1 2016-08-17 17:58:00 +02:00
settings.yml Add ability to require invite request text (#15326) 2020-12-14 10:03:09 +01:00
sidekiq.yml Fix to isolate the sidekiq process that runs the scheduler job (#15314) 2020-12-15 03:04:03 +01:00
themes.yml More polished light theme (#7620) 2018-05-25 18:36:26 +02:00
webpacker.yml Bump webpacker from 3.5.5 to 4.0.2 (#10277) 2019-03-15 15:05:31 +01:00