1
0
mirror of https://git.pleroma.social/sjw/pleroma.git synced 2024-12-25 10:17:44 +01:00
pleroma/test/support
rinpatch 6ca709816f Fix object spoofing vulnerability in attachments
Validate the content-type of the response when fetching an object,
according to https://www.w3.org/TR/activitypub/#x3-2-retrieving-objects.

content-type headers had to be added to many mocks in order to support
this, some of this was done with a regex. While I did go over the
resulting files to check I didn't modify anything unrelated, there is a
 possibility I missed something.

Closes pleroma#1948
2020-11-12 15:25:33 +03:00
..
builders Upgrade Comeonin to v5 2020-05-12 17:14:59 -05:00
captcha tests consistency 2020-10-13 16:35:09 +03:00
api_spec_helpers.ex Add OpenAPI spec for PleromaAPI.PleromaAPIController 2020-05-20 15:15:13 +04:00
channel_case.ex Compatibility with phoenix_pubsub 2.0.0 2020-10-07 13:28:39 -05:00
cluster.ex Re-enable the federated tests, increase timeout 2020-07-09 13:49:30 -04:00
conn_case.ex Merge remote-tracking branch 'remotes/origin/develop' into ostatus-controller-no-auth-check-on-non-federating-instances 2020-10-28 19:03:40 +03:00
data_case.ex [#2074] OAuth scope checking in Streaming API. 2020-09-19 19:16:55 +03:00
factory.ex Change user.discoverable field to user.is_discoverable 2020-10-13 09:45:08 -05:00
helpers.ex Update clear_config macro 2020-08-05 17:46:14 +03:00
http_request_mock.ex Fix object spoofing vulnerability in attachments 2020-11-12 15:25:33 +03:00
mrf_module_mock.ex Update Copyrights 2020-03-03 16:44:49 -06:00
oban_helpers.ex Add backups deletion 2020-10-07 18:34:29 +04:00
websocket_client.ex Older copyright updates 2020-03-03 16:46:45 -06:00