rinpatch 6ca709816f Fix object spoofing vulnerability in attachments ... Validate the content-type of the response when fetching an object, according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects. content-type headers had to be added to many mocks in order to support this, some of this was done with a regex. While I did go over the resulting files to check I didn't modify anything unrelated, there is a possibility I missed something. Closes pleroma#1948		2020-11-12 15:25:33 +03:00
..
activity
bbs
captcha
chat
config
conversation
docs
ecto_type
emails
emoji
gopher
gun
helpers
http
instances
mfa
migration_helper
object	Fix object spoofing vulnerability in attachments	2020-11-12 15:25:33 +03:00
reverse_proxy
telemetry
tesla/middleware
tests
upload
uploaders
user
web
workers
activity.ex
application.ex
application_requirements.ex
bookmark.ex
captcha.ex
chat.ex
clippy.ex
config.ex
config_db.ex
constants.ex
conversation.ex
counter_cache.ex
delivery.ex
earmark_renderer.ex
ecto_enums.ex
emoji-data.txt
emoji.ex
filter.ex
following_relationship.ex
formatter.ex
gun.ex
healthcheck.ex
html.ex
http.ex
instances.ex
job_queue_monitor.ex
jwt.ex
keys.ex
list.ex
maintenance.ex
maps.ex
marker.ex
mfa.ex
moderation_log.ex
notification.ex
object.ex
object_tombstone.ex
otp_version.ex
pagination.ex
password_reset_token.ex
registration.ex
release_tasks.ex
repo.ex
report_note.ex
reverse_proxy.ex
scheduled_activity.ex
signature.ex
stats.ex
thread_mute.ex
upload.ex
user.ex
user_invite_token.ex
user_relationship.ex
utils.ex
web.ex
xml_builder.ex