Sanitizing Usernames to Prevent URL Encoding Exploits #1
Loading…
Reference in New Issue
There is no content yet.
Delete Branch "Danii/morsel:main"
Deleting a branch is permanent. Although the deleted branch may exist for a short time before cleaning up, in most cases it CANNOT be undone. Continue?
If a post by a user of the name "../logout" is seen, the user is immediately logged out. Accessing the user page of a user by the name of "%20" is impossible. lol. This PR disallows the creation of usernames containing some dangerous characters, among them the octets (%).
WIP: Sanitizing Usernames to Prevent URL Encoding Exploitsto Sanitizing Usernames to Prevent URL Encoding Exploits