volse-hubzilla.git - Volse Hubzilla -- soft fork of main Hubzilla core for Volse

	Commit message (Collapse)	Author	Age	Files	Lines
*	CVE-2022-27256: Open redirect via rpath query param.	Harald Eilertsen	2022-03-20	1	-1/+1
\| \| \| \| \| \| \| \|	Don't follow urls to external sites when submitting forms from the settings modules. This mitigates an Open Redirect vulnerability where an attacker could trick a user to go to an attacker controlled destination. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
*	CVE-2022-27258: XSS via rpath query param.	Harald Eilertsen	2022-03-20	1	-4/+4
\| \| \| \| \| \| \| \| \| \|	Escape URLs provided by the rpath query param in settings modules. This prevents a possible Cross-Site scripting vulnerability, where an attacker could inject web scripts and html into the settings form via the rpath query parameter, and have a user execute the script by tricking them to clicking a link. Fixes part of https://framagit.org/hubzilla/core/-/issues/1666
*	move from build_sync_packet() to Libsync::build_sync_packet()	Mario	2020-04-09	1	-1/+3
\|
*	move profile assign selector to profile settings and personal menu selector ↵	Mario Vavti	2018-10-06	1	-1/+29
\| \| \| \|	to channel_home settings and get rid of misc channel settings section.
*	whitespace	Mario Vavti	2018-10-04	1	-1/+0
\|
*	move *_divmore_height setting to the module extra_settings, and fix issue ↵	Mario Vavti	2018-10-04	1	-0/+25
\| \| \| \|	where feature settings were not synced if rpath was provided
*	settings for channel home	Mario Vavti	2018-09-28	1	-0/+43