mirror of
https://we.phorge.it/source/phorge.git
synced 2024-09-20 01:08:50 +02:00
No description
66c648cc56
Summary: See T2102 and inline for discussion. This seems like the least-bad approach until we have something better. The utility of next_uri seems much greater than the minor exposure of routable URIs. Note that attackers can //not// detect if routable URIs are //valid// (e.g., "/D999" will always hit the login page whether it exists or not), just that they're routable. So you can only really tell if apps are installed or not. Test Plan: Hit `/alsdknlkasnbla` while logged out, got 404 instead of login. Reviewers: vrana, codeblock, btrahan Reviewed By: codeblock CC: aran Maniphest Tasks: T2102 Differential Revision: https://secure.phabricator.com/D4012 |
||
|---|---|---|
| bin | ||
| conf | ||
| externals | ||
| resources | ||
| scripts | ||
| src | ||
| support | ||
| webroot | ||
| .arcconfig | ||
| .divinerconfig | ||
| .editorconfig | ||
| .gitignore | ||
| .gitmodules | ||
| LICENSE | ||
| NOTICE | ||
| README | ||
Phabricator is a open source collection of web applications which make it easier to write, review, and share source code. Phabricator was developed at Facebook. This is an early release. It's pretty high-quality and usable, but under active development so things may change quickly. You can learn more about the project and find links to documentation and resources at: http://phabricator.org/ LICENSE Phabricator is released under the Apache 2.0 license except as otherwise noted.