about summary refs log tree commit diff
path: root/app/models/account
AgeCommit message (Collapse)Author
2022-11-20Don't allow URLs that contain non-normalized paths to be verified (#20999)David Leadbeater
* Don't allow URLs that contain non-normalized paths to be verified This stops things like https://example.com/otheruser/../realuser where "/otheruser" appears to be the verified URL, but the actual URL being verified is "/realuser" due to the "/../". Also fix a test to use 'https', so it is testing the right thing, now that since #20304 https is required. * missing do
2022-11-11Guard against error extracting `body` from URL (#20428)Emily Strickland
If `Nokogiri::HTML(value).at_xpath('//body')` fails to find the `body` element, it will return `nil`. We can guard against that with an early return. Avoids calling `children` on `Nilclass` in those cases.
2022-11-10Change verification to only work for https links (#20304)Eugen Rochko
Fix #20242
2022-11-10Change link verification to ignore IDN domains (#20295)Eugen Rochko
Fix #3833
2022-11-09Fix being able to spoof link verification (#20217)Eugen Rochko
- Change verification to happen in `default` queue - Change verification worker to only be queued if there's something to do - Add `link` tags from metadata fields to page header of profiles
generated by cgit-pink (git 2.37.1) at 2024-06-26 20:56:05 +0000