Sanitizing Usernames to Prevent URL Encoding Exploits #1

Merged
videotoaster merged 3 commits from Danii/morsel:main into main 2 months ago
Danii commented 3 months ago

If a post by a user of the name "../logout" is seen, the user is immediately logged out. Accessing the user page of a user by the name of "%20" is impossible. lol. This PR disallows the creation of usernames containing some dangerous characters, among them the octets (%).

If a post by a user of the name "../logout" is seen, the user is immediately logged out. Accessing the user page of a user by the name of "%20" is impossible. lol. This PR disallows the creation of usernames containing some dangerous characters, among them the octets (%).
Danii added 3 commits 3 months ago
Danii changed title from WIP: Sanitizing Usernames to Prevent URL Encoding Exploits to Sanitizing Usernames to Prevent URL Encoding Exploits 3 months ago
videotoaster merged commit a58d9c5f06 into main 2 months ago
The pull request has been merged as a58d9c5f06.
Sign in to join this conversation.
No reviewers
No Label
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date

No due date set.

Dependencies

No dependencies set.

Reference: videotoaster/morsel#1
Loading…
There is no content yet.