pleroma/test/web
Haelwenn (lanodan) Monnier 1257331291
MastodonAPI.StatusView: Do not use site_name
site_name allow to spoof the origin of the domain and so hacks like:

<!-- served on https://hacktivis.me/tmp/joinmastodon.org.html -->
<meta property="og:image" content="https://hacktivis.me/datalove/img/meme/pleroma/mastodon%2C%20forbidden%20amuse%20yourself.jpeg" />
<meta property="og:title" content="Mastodon: Forbidden Amuse Yourself" />
<meta property="og:site_name" content="joinmastodon.org" />
<meta http-equiv="refresh" content="0; url=http://joinmastodon.org/">
2020-02-15 00:36:09 +01:00
..
activity_pub Merge branch 'cancel-follow-request' into 'develop' 2020-02-07 16:10:43 +00:00
admin_api removing confusing error 2020-02-06 12:50:36 +03:00
auth
common_api Fix the confusingly named and inverted logic of "no_attachment_links" 2020-02-11 15:39:19 -06:00
feed fix test 2020-01-27 21:20:33 +03:00
instances
mastodon_api MastodonAPI.StatusView: Do not use site_name 2020-02-15 00:36:09 +01:00
media_proxy
metadata
mongooseim
oauth updated error messages for authentication process 2020-01-17 15:01:37 +03:00
ostatus
pleroma_api/controllers EmojiReactions: Remove old API endpoints 2020-02-07 15:01:45 +01:00
plugs
push
rich_media Revert "Merge branch 'feat/floki-fasthtml' into 'develop'" 2020-02-11 16:55:18 +00:00
static_fe
streamer Merge branch 'fix-streaming-reblog' of git.pleroma.social:pleroma/pleroma into fix-streaming-reblog 2020-01-29 11:52:24 +01:00
twitter_api Restore TwitterAPI tests 2020-02-12 00:51:05 +04:00
views
web_finger
chat_channel_test.exs
fallback_test.exs
federator_test.exs
masto_fe_controller_test.exs
node_info_test.exs
rel_me_test.exs
uploader_controller_test.exs