security: sanitize !YOU! in <a href="">.
Unlike the recent auto-embed exploits which have been patched, this requires active user action. However, our userbase, like all userbases, contains quite a few retards and phoneposters who don't check links before clicking. Example exploit: <a href="https://example.com/log?username=!YOU!">Bardfinn Dox</a>

pull/51/head
parent 616634158c
commit fe5ffd1bcf
|
@ -61,7 +61,7 @@ def allowed_attributes(tag, name, value):
|
|||
return False
|
||||
|
||||
if tag == 'a':
|
||||
if name == 'href' and '\\' not in value and 'xn--' not in value:
|
||||
if name == 'href' and '\\' not in value and 'xn--' not in value and '!YOU!' not in value:
|
||||
return True
|
||||
if name == 'rel' and value == 'nofollow noopener': return True
|
||||
if name == 'target' and value == '_blank': return True
|
||||
|
|
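Review bot: The `'!YOU!' not in value` test added to the `href` condition is an exact, case-sensitive match on the raw attribute value, so it only holds while the placeholder substitution matches that same literal form. If the substitution is case-insensitive, or runs after the value has been entity- or percent-decoded, compare against a normalized value here, or restrict the substitution to text nodes so attribute values are never rewritten at all. The condition now chains three substring tests on one line; a module-level tuple of forbidden substrings checked with `any(...)` would be easier to extend, and a regression test using the example link from the commit message would pin the behaviour.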