1
0
Fork 0
forked from fedi/mastodon
mastodon/app/views
Claire 876840e9ef
Fix brakeman warning (#15870)
As far as I understand, the brakeman warning was a false-positive as
`content_tag` properly escapes untrusted HTML. Furthermore, the interpolated
string values are built from the “username” part of accounts, which is
restricted to a small subset of ASCII that precludes any XML entity or HTML
code.

This proposed change should be functionally equivalent to the current code,
however it is slightly more robust, it's more idiomatic, and Brakeman will
stop complaining about it.
2021-03-19 23:48:59 +01:00
..
about Fix server rules not being displayed if extended server discription isn't set (#15778) 2021-02-22 18:26:24 +01:00
accounts Display “Show newer” and “Show older” instead of “Show more” in public pages (#15052) 2020-11-04 21:15:45 +01:00
admin Fix brakeman warning (#15870) 2021-03-19 23:48:59 +01:00
admin_mailer Fixed not being able to display review pending hashtags in the admin UI. (#11875) 2019-09-17 16:59:16 +02:00
application Fix lock icon not being shown when locking account in profile settings (#14190) 2020-07-01 13:51:50 +02:00
auth Add ability to require invite request text (#15326) 2020-12-14 10:03:09 +01:00
authorize_interactions Fix misleading error when attempting to re-send a pending follow request (#13133) 2020-02-24 21:19:19 +01:00
directories Fix some account avatars on public pages having incorrect size (#13692) 2020-05-13 21:20:34 +02:00
errors Add specific rate limits for posting and following (#13172) 2020-03-08 15:17:39 +01:00
filters Fix not being able to change world filter expiration back to “Never” (#15858) 2021-03-12 05:25:50 +01:00
follower_accounts Improve blocked view of profiles (#10491) 2019-04-07 04:59:13 +02:00
following_accounts Improve blocked view of profiles (#10491) 2019-04-07 04:59:13 +02:00
home Fix Google Translate breaking web interface (#15610) 2021-01-21 14:29:54 +01:00
invites Remove invite comments from UI (#12068) 2019-10-03 22:37:13 +02:00
kaminari Pagination improvements (#1445) 2017-04-11 01:11:41 +02:00
layouts Fix custom CSS when CDN_HOST is set (#15927) 2021-03-19 20:23:08 +01:00
media Fix expand video on public page (#15469) 2020-12-30 23:18:11 +01:00
notification_mailer Change RTL detection to rely on unicode-bidi paragraph by paragraph (#14573) 2020-12-15 12:56:43 +01:00
oauth Refactor settings controllers (#14767) 2020-09-11 20:56:35 +02:00
public_timelines Fix Google Translate breaking web interface (#15610) 2021-01-21 14:29:54 +01:00
relationships Add interrelationship icon (#15149) 2020-11-12 17:43:12 +01:00
remote_follow Admission-based registrations mode (#10250) 2019-03-14 05:28:30 +01:00
remote_interaction Remove Atom feeds and old URLs in the form of GET /:username/updates/:id (#11247) 2019-07-07 16:16:51 +02:00
settings Fix reference to non-existing translation in the exports page. (#15894) 2021-03-15 02:17:29 +01:00
shared Add honeypot fields and minimum fill-out time for sign-up form (#15276) 2020-12-10 06:27:26 +01:00
shares Add subresource integrity for JS and CSS assets (#15096) 2020-11-06 11:56:31 +01:00
statuses Fix expand video on public page (#15469) 2020-12-30 23:18:11 +01:00
tags Fix Google Translate breaking web interface (#15610) 2021-01-21 14:29:54 +01:00
user_mailer Add WebAuthn as an alternative 2FA method (#14466) 2020-08-24 16:46:27 +02:00
well_known/host_meta Remove dependency on goldfinger gem (#14919) 2020-10-08 00:34:57 +02:00