pleroma/lib
Ivan Tashkinov 2c68cf7e9e OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix.
(`POST /api/v1/apps` could create "Mastodon-Local" app wth any redirect_uris,
and if that happened before /web/login is accessed for the first time
then Pleroma used this externally created record with arbitrary
redirect_uris and client_secret known by creator).
2019-02-07 22:14:06 +03:00
..
mix/tasks/pleroma mix: add user tag/untag task 2019-02-04 17:04:05 +00:00
pleroma OAuth2 security fixes: redirect URI validation, "Mastodon-Local" security breach fix. 2019-02-07 22:14:06 +03:00
jason_types.ex
transports.ex
xml_builder.ex