mirror of
https://we.phorge.it/source/phorge.git
synced 2024-11-22 23:02:42 +01:00
No description
2f66138464
Summary: Currently, you can set a blog URI to "evil.com" and then the live controller will issue a redirect. Instead, require a CSRF check. If it fails, pop a "this blog has moved" dialog. Test Plan: - Clicked "View Live" for in-app and on-domain blogs and posts. - Hit URI directly. {F33302} Reviewers: vrana Reviewed By: vrana CC: cbg, aran Differential Revision: https://secure.phabricator.com/D5021 |
||
---|---|---|
bin | ||
conf | ||
externals | ||
resources | ||
scripts | ||
src | ||
support | ||
webroot | ||
.arcconfig | ||
.divinerconfig | ||
.editorconfig | ||
.gitignore | ||
LICENSE | ||
NOTICE | ||
README |
Phabricator is a open source collection of web applications which make it easier to write, review, and share source code. Phabricator was developed at Facebook. This is an early release. It's pretty high-quality and usable, but under active development so things may change quickly. You can learn more about the project and find links to documentation and resources at: http://phabricator.org/ LICENSE Phabricator is released under the Apache 2.0 license except as otherwise noted.