carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity
MarseyWorld/files
History
Snakes fe5ffd1bcf
security: sanitize !YOU! in <a href="">. 
Unlike the recent auto-embed exploits which have been patched, this
requires active user action. However our userbase, like all userbases,
contains quite a few retards and phoneposters who don't check links
before clicking.

Example exploit:

    <a href="https://example.com/log?username=!YOU!">Bardfinn Dox</a>
 		2022-12-05 19:05:02 -05:00
..
assets sneed 2022-12-05 14:22:33 +00:00
classes allow JL3 to edit rules (#39) 2022-12-05 05:22:08 +00:00
events Revert "blizzard submodule" 2022-11-30 16:10:20 -05:00
helpers security: sanitize !YOU! in <a href="">. 2022-12-05 19:05:02 -05:00
routes fix pin awards 2022-12-05 18:01:13 +02:00
templates fix margins 2022-12-05 17:23:41 +02:00
__init__.py
__main__.py ratelimits: turn off autocheck so we can init 2022-11-29 19:29:06 -06:00
cli.py