akkoma/lib/pleroma/web/plugs
Oneric ba558c0c24 Limit instance emoji to image types
Else malicious emoji packs or our EmojiStealer MRF can
put payloads into the same domain as the instance itself.
Sanitising the content type should prevent proper clients
from acting on any potential payload.

Note, this does not affect the default emoji shipped with Akkoma
as they are handled by another plug. However, those are fully trusted
and thus not in need of sanitisation.
2024-03-18 22:33:10 -01:00
..
parsers
rate_limiter
admin_secret_authentication_plug.ex
authentication_plug.ex
basic_auth_decoder_plug.ex
cache.ex
csp_nonce_plug.ex
digest_plug.ex
ensure_authenticated_plug.ex
ensure_http_signature_plug.ex
ensure_public_or_authenticated_plug.ex
ensure_staff_privileged_plug.ex
ensure_user_token_assigns_plug.ex
expect_authenticated_check_plug.ex
expect_public_or_authenticated_check_plug.ex
federating_plug.ex
frontend_static.ex ensure only pickable frontends can be returned 2023-04-14 17:42:40 +01:00
http_security_plug.ex Support elixir1.15 2023-08-03 17:44:09 +01:00
http_signature_plug.ex Migrate to phoenix 1.7 (#626) 2023-08-15 10:22:18 +00:00
idempotency_plug.ex
instance_static.ex Limit instance emoji to image types 2024-03-18 22:33:10 -01:00
mapped_signature_to_identity_plug.ex
o_auth_plug.ex
o_auth_scopes_plug.ex Add URI matchers 2023-08-06 15:51:21 +01:00
plug_helper.ex
rate_limiter.ex Support elixir1.15 2023-08-03 17:44:09 +01:00
remote_ip.ex
set_format_plug.ex
set_locale_plug.ex
set_user_session_id_plug.ex
static_fe_plug.ex
static_no_content_type.ex Add set_content_type to Plug.StaticNoCT 2024-03-04 17:50:20 +01:00
trailing_format_plug.ex
uploaded_media.ex Limit instance emoji to image types 2024-03-18 22:33:10 -01:00
user_enabled_plug.ex
user_fetcher_plug.ex
user_is_admin_plug.ex
user_is_staff_plug.ex
user_tracking_plug.ex
utils.ex Limit instance emoji to image types 2024-03-18 22:33:10 -01:00