mirrors/forgejo
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-07-07 17:17:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
forgejo/modules
History
Earl Warren 1075ff74b5
Use restricted sanitizer for repository description (#28141) 
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit 631c87cc23)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-23 16:34:25 +00:00
..
actions chore(actions): support cron schedule task (#26655) 2023-08-24 03:06:51 +00:00
activitypub Upgrade to golangci-lint@v1.55.0 (#27756) 2023-10-24 02:54:59 +00:00
analyze
assetfs Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
auth Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
avatar
base
cache
charset
container
context Add guide page to actions when there's no workflows (#28145) 2023-11-21 08:27:33 +00:00
contexttest Replace assert.Fail with assert.FailNow (#27578) 2023-10-11 11:02:24 +00:00
csv
doctor Remove action runners on user deletion (#27902) 2023-11-05 13:48:32 +01:00
emoji
eventsource Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
generate
git Upgrade to golangci-lint@v1.55.0 (#27756) 2023-10-24 02:54:59 +00:00
gitgraph More db.DefaultContext refactor (#27265) 2023-09-29 12:12:54 +00:00
graceful Improve graceful manager code/comment (#28063) 2023-11-15 22:02:46 +08:00
hcaptcha
highlight
hostmatcher Support allowed hosts for webhook to work with proxy (#27655) 2023-10-18 09:44:36 +00:00
html
httpcache
httplib
indexer Fix issue not showing on default board and add test (#27720) 2023-10-25 11:51:49 +00:00
issue/template
json
label
lfs Upgrade to golangci-lint@v1.55.0 (#27756) 2023-10-24 02:54:59 +00:00
log Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
markup Use restricted sanitizer for repository description (#28141) 2023-11-23 16:34:25 +00:00
mcaptcha
metrics Reduce usage of db.DefaultContext (#27073) 2023-09-14 17:09:32 +00:00
migration
nosql
options
packages Close all hashed buffers (#27787) 2023-10-25 21:24:24 +02:00
paginator
pprof
private
process Replace assert.Fail with assert.FailNow (#27578) 2023-10-11 11:02:24 +00:00
proxy
proxyprotocol
public
queue Increase queue length (#27555) 2023-10-10 18:47:49 +08:00
recaptcha
references Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052) 2023-09-14 02:59:53 +00:00
regexplru
repository Refactor system setting (#27000) 2023-10-05 09:08:19 +08:00
secret
session Next round of db.DefaultContext refactor (#27089) 2023-09-16 14:39:12 +00:00
setting add skip ci functionality (#28075) 2023-11-18 13:37:08 +02:00
sitemap
ssh Remove SSH workaround (#27893) 2023-11-03 15:21:05 +00:00
storage Fix object storage path handling (#27024) 2023-09-13 01:18:52 +00:00
structs Fix package webhook (#27839) 2023-10-31 04:43:38 +00:00
svg
sync
system Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
templates Upgrade to golangci-lint@v1.55.0 (#27756) 2023-10-24 02:54:59 +00:00
test Move web/api context related testing function into a separate package (#26859) 2023-09-01 11:26:07 +00:00
testlogger
timeutil
translation
turnstile
typesniffer
updatechecker Replace more db.DefaultContext (#27628) 2023-10-15 17:46:06 +02:00
upload
uri
user
util Upgrade to golangci-lint@v1.55.0 (#27756) 2023-10-24 02:54:59 +00:00
validation Check blocklist for emails when adding them to account (#26812) 2023-08-30 10:46:49 -05:00
web Make CORS work for oauth2 handlers (#28184) 2023-11-23 21:19:26 +08:00
webhook