d
/
akkoma
1
0
Fork 0
Code Releases Wiki Activity
akkoma/lib/pleroma/web/plugs
History
Oneric ba558c0c24 Limit instance emoji to image types 
Else malicious emoji packs or our EmojiStealer MRF can
put payloads into the same domain as the instance itself.
Sanitising the content type should prevent proper clients
from acting on any potential payload.

Note, this does not affect the default emoji shipped with Akkoma
as they are handled by another plug. However, those are fully trusted
and thus not in needed of sanitisation.
 		2024-03-18 22:33:10 -01:00
..
parsers giant massive dep upgrade and dialyxir-found error emporium (#371) 2022-12-14 12:38:48 +00:00
rate_limiter Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
admin_secret_authentication_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
authentication_plug.ex argon2 password hashing (#406) 2022-12-30 02:46:58 +00:00
basic_auth_decoder_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
cache.ex Skip cache when /objects or /activities is authenticated 2022-06-29 20:47:27 +01:00
csp_nonce_plug.ex Add prometheus metrics to router 2022-12-15 02:02:07 +00:00
digest_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
ensure_authenticated_plug.ex [#2510] Improved support for app-bound OAuth tokens. Auth-related refactoring. 2021-02-11 15:02:50 +03:00
ensure_http_signature_plug.ex Simplified HTTP signature processing 2022-12-19 20:41:48 +00:00
ensure_public_or_authenticated_plug.ex [#2510] Improved support for app-bound OAuth tokens. Auth-related refactoring. 2021-02-11 15:02:50 +03:00
ensure_staff_privileged_plug.ex EnsureStaffPrivilegedPlug: don't let non-moderators through 2021-12-27 17:18:26 -06:00
ensure_user_token_assigns_plug.ex [#2510] Improved support for app-bound OAuth tokens. Auth-related refactoring. 2021-02-11 15:02:50 +03:00
expect_authenticated_check_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
expect_public_or_authenticated_check_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
federating_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
frontend_static.ex ensure only pickable frontends can be returned 2023-04-14 17:42:40 +01:00
http_security_plug.ex Support elixir1.15 2023-08-03 17:44:09 +01:00
http_signature_plug.ex Migrate to phoenix 1.7 (#626) 2023-08-15 10:22:18 +00:00
idempotency_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
instance_static.ex Limit instance emoji to image types 2024-03-18 22:33:10 -01:00
mapped_signature_to_identity_plug.ex Check that the signature matches the creator 2022-10-14 11:48:32 +01:00
o_auth_plug.ex OAuthPlug: use user cache instead of joining 2022-09-11 19:55:55 +01:00
o_auth_scopes_plug.ex Add URI matchers 2023-08-06 15:51:21 +01:00
plug_helper.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
rate_limiter.ex Support elixir1.15 2023-08-03 17:44:09 +01:00
remote_ip.ex giant massive dep upgrade and dialyxir-found error emporium (#371) 2022-12-14 12:38:48 +00:00
set_format_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
set_locale_plug.ex Support multiple locales from userLanguage cookie 2022-06-29 20:47:10 +01:00
set_user_session_id_plug.ex Revert "Fix oauth2 (for real) (#179)" 2022-08-21 17:52:02 +01:00
static_fe_plug.ex Redirect to standard FE if logged in 2022-12-07 13:35:00 +00:00
static_no_content_type.ex Add set_content_type to Plug.StaticNoCT 2024-03-04 17:50:20 +01:00
trailing_format_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
uploaded_media.ex Limit instance emoji to image types 2024-03-18 22:33:10 -01:00
user_enabled_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
user_fetcher_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
user_is_admin_plug.ex Bump Copyright to 2021 2021-01-13 07:49:50 +01:00
user_is_staff_plug.ex Moderators: add UserIsStaffPlug 2021-07-12 21:57:52 -05:00
user_tracking_plug.ex Add active user count 2021-01-27 18:20:06 +04:00
utils.ex Limit instance emoji to image types 2024-03-18 22:33:10 -01:00