mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 08:52:39 +01:00
epriestley 2f66138464 Fix an open redirect issue in Phame with "View Live"
Summary: Currently, you can set a blog URI to "evil.com" and then the live controller will issue a redirect. Instead, require a CSRF check. If it fails, pop a "this blog has moved" dialog.

Test Plan:
  - Clicked "View Live" for in-app and on-domain blogs and posts.
  - Hit URI directly.

{F33302}

Reviewers: vrana

Reviewed By: vrana

CC: cbg, aran

Differential Revision: https://secure.phabricator.com/D5021
2013-02-19 16:04:54 -08:00
bin Port Diviner Core to Phabricator 2013-01-07 14:04:23 -08:00
conf Preserving the Animation of Gif Images 2013-02-08 09:42:28 -08:00
externals Tokens v1 2013-02-15 07:47:14 -08:00
resources Accommodate long daemon command lines 2013-02-18 11:51:42 -08:00
scripts Implement basic transaction detail blocks 2013-02-17 06:37:02 -08:00
src Fix an open redirect issue in Phame with "View Live" 2013-02-19 16:04:54 -08:00
support Make it easier to use print_r() debugging 2013-02-11 11:06:59 -08:00
webroot Moved rendering to PholioInlineCommentView 2013-02-19 14:14:40 -08:00
.arcconfig Delete license headers from files 2012-11-05 11:16:51 -08:00
.divinerconfig Centralize rendering of application mail bodies 2012-07-16 19:01:43 -07:00
.editorconfig Specify config for text editors 2012-11-03 22:34:44 -07:00
.gitignore Impact Font Used If Available 2013-02-01 08:19:40 -08:00
LICENSE Delete license headers from files 2012-11-05 11:16:51 -08:00
NOTICE Increment year. 2013-01-03 05:45:08 -08:00
README Delete license headers from files 2012-11-05 11:16:51 -08:00

Phabricator is an open source collection of web applications which make it easier
to write, review, and share source code. Phabricator was developed at Facebook.

This is an early release. It's pretty high-quality and usable, but under
active development so things may change quickly.

You can learn more about the project and find links to documentation and
resources at: http://phabricator.org/

LICENSE

Phabricator is released under the Apache 2.0 license except as otherwise noted.