1
0
Fork 1

Sanitizing Usernames to Prevent URL Encoding Exploits #1

Merged
videotoaster merged 3 commits from Danii/morsel:main into main 2023-01-10 08:48:17 -05:00

If a post by a user of the name "../logout" is seen, the user is immediately logged out. Accessing the user page of a user by the name of "%20" is impossible. lol. This PR disallows the creation of usernames containing some dangerous characters, among them the octets (%).

If a post by a user of the name "../logout" is seen, the user is immediately logged out. Accessing the user page of a user by the name of "%20" is impossible. lol. This PR disallows the creation of usernames containing some dangerous characters, among them the octets (%).
Danii added 3 commits 2023-01-09 10:16:50 -05:00
Danii changed title from WIP: Sanitizing Usernames to Prevent URL Encoding Exploits to Sanitizing Usernames to Prevent URL Encoding Exploits 2023-01-09 10:16:57 -05:00
videotoaster merged commit a58d9c5f06 into main 2023-01-10 08:48:17 -05:00
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: videotoaster/morsel#1
There is no content yet.