Glitch-Shrike/spec/models
David Leadbeater 69378eac99
Don't allow URLs that contain non-normalized paths to be verified (#20999)
* Don't allow URLs that contain non-normalized paths to be verified

This stops things like https://example.com/otheruser/../realuser where
"/otheruser" appears to be the verified URL, but the actual URL being
verified is "/realuser" due to the "/../".

Also fix a test to use 'https', so it is testing the right thing, now
that since #20304 https is required.

* missing do
2022-11-20 19:28:13 +01:00
..
account Don't allow URLs that contain non-normalized paths to be verified (#20999) 2022-11-20 19:28:13 +01:00
admin Add customizable user roles (#18641) 2022-07-05 02:41:40 +02:00
concerns Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
trends Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
web Fix various typos (#17621) 2022-02-22 20:14:17 +01:00
account_alias_spec.rb
account_conversation_spec.rb
account_deletion_request_spec.rb
account_domain_block_spec.rb
account_filter_spec.rb Add batch suspend for accounts in admin UI (#17009) 2021-12-05 21:48:39 +01:00
account_migration_spec.rb
account_moderation_note_spec.rb
account_spec.rb Fix typos (#19849) 2022-11-08 17:32:03 +01:00
account_statuses_cleanup_policy_spec.rb Fix some flaky tests that randomly failed because of item ordering (#17509) 2022-02-10 22:00:10 +01:00
account_statuses_filter_spec.rb Fix performance of account timelines (#17709) 2022-03-08 09:14:39 +01:00
announcement_mute_spec.rb
announcement_reaction_spec.rb
announcement_spec.rb
appeal_spec.rb Add appeals (#17364) 2022-02-14 21:27:53 +01:00
backup_spec.rb
block_spec.rb
canonical_email_block_spec.rb
conversation_mute_spec.rb
conversation_spec.rb
custom_emoji_category_spec.rb
custom_emoji_filter_spec.rb Fix error when passing unknown filter param in REST API (#20626) 2022-11-14 08:06:06 +01:00
custom_emoji_spec.rb
custom_filter_keyword_spec.rb Revamp post filtering system (#18058) 2022-06-28 09:42:13 +02:00
custom_filter_spec.rb
device_spec.rb
domain_allow_spec.rb
domain_block_spec.rb
email_domain_block_spec.rb Change e-mail domain blocks to match subdomains of blocked domains (#18979) 2022-08-24 19:00:55 +02:00
encrypted_message_spec.rb
export_spec.rb Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
favourite_spec.rb
featured_tag_spec.rb
follow_recommendation_suppression_spec.rb
follow_request_spec.rb Add ability to filter followed accounts' posts by language (#19095) 2022-09-20 23:51:21 +02:00
follow_spec.rb
home_feed_spec.rb Fix single Redis connection being used across all threads (#18135) 2022-04-28 17:47:34 +02:00
identity_spec.rb
import_spec.rb
invite_spec.rb
ip_block_spec.rb
list_account_spec.rb
list_spec.rb
login_activity_spec.rb Add authentication history (#16408) 2021-06-21 17:07:30 +02:00
marker_spec.rb
media_attachment_spec.rb Change max. thumbnail dimensions to 640x360px (360p) (#19619) 2022-11-01 13:01:39 +01:00
mention_spec.rb
mute_spec.rb
notification_spec.rb
one_time_key_spec.rb
poll_spec.rb
poll_vote_spec.rb
preview_card_spec.rb
preview_card_trend_spec.rb Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
public_feed_spec.rb Refactor and improve tests (#17386) 2022-01-28 00:46:42 +01:00
relationship_filter_spec.rb
relay_spec.rb
remote_follow_spec.rb
report_filter_spec.rb
report_spec.rb Change how changes to media attachments are stored for edits (#17696) 2022-03-09 09:06:17 +01:00
rule_spec.rb
scheduled_status_spec.rb
session_activation_spec.rb Add Ruby 3.0 support (#16046) 2021-05-06 14:22:54 +02:00
setting_spec.rb
site_upload_spec.rb
status_edit_spec.rb Add support for editing for published statuses (#16697) 2022-01-19 22:37:27 +01:00
status_pin_spec.rb Add support for private pinned posts (#16954) 2022-01-17 00:49:55 +01:00
status_spec.rb Change public timelines to be filtered by current locale by default (#19291) 2022-10-05 03:48:06 +02:00
status_stat_spec.rb
status_trend_spec.rb Add support for language preferences for trending statuses and links (#18288) 2022-10-08 16:45:40 +02:00
system_key_spec.rb
tag_feed_spec.rb Fix typo in tag_feed_spec.rb (#16466) 2021-07-05 19:16:21 +02:00
tag_follow_spec.rb Add ability to follow hashtags (#18809) 2022-07-17 13:49:29 +02:00
tag_spec.rb Change how hashtags are normalized (#18795) 2022-07-13 15:03:28 +02:00
unavailable_domain_spec.rb
user_invite_request_spec.rb
user_role_spec.rb Add customizable user roles (#18641) 2022-07-05 02:41:40 +02:00
user_spec.rb Add customizable user roles (#18641) 2022-07-05 02:41:40 +02:00
webauthn_credentials_spec.rb
webhook_spec.rb Add administrative webhooks (#18510) 2022-06-09 21:57:36 +02:00