TryGhost/Ghost
1
0
Fork 0
mirror of https://github.com/TryGhost/Ghost.git synced 2024-12-18 16:01:40 +03:00
Code Issues Projects Releases Wiki Activity
6e0b009034
Ghost/ghost/core/test/unit/server/services
History
Michael Barrett b36c2356fc
Added custom redirects ReDoS validation (#20515) 
refs
[ENG-709](https://linear.app/tryghost/issue/ENG-709/%F0%9F%90%9B-bad-redirects-causing-container-tear-down)

Added validation to prevent RegEx's susceptible to ReDoS from being used
with custom redirects. Also moved error details out of `context` and
into `errorDetails` to be consistent with error logging elsewhere as
well as fix issue in admin-x where blank screen would be shown when an
error occurred during redirects upload (due to logic not accounting for
`context` being an object)
2024-07-02 16:00:19 +01:00
..
adapter-manager Added JSDoc to adapter options resolver 2022-09-06 17:51:57 +08:00
api-version-compatibility Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
auth Added eslint rule for file naming convention 2023-05-09 12:34:34 -04:00
collections Removed unused collections repositories 2023-07-14 14:20:37 +08:00
custom-redirects Added custom redirects ReDoS validation (#20515) 2024-07-02 16:00:19 +01:00
frontend-data-service Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
link-redirection Added caching to the LinkRedirectRepository (#20036) 2024-04-25 19:17:25 -07:00
link-tracking Added endpoint for fixing newsletter links 2022-10-20 17:50:02 +05:30
mail Added email address alignment protections (#19094) 2023-11-23 10:25:30 +01:00
mail-events Add endpoint to record mail events (#16990) 2023-06-23 12:22:01 +01:00
members 🐛 Fixed unsubscribe button requiring manual action + wrong confirmation 2023-11-08 15:05:47 +01:00
mentions Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
milestones Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
newsletters Fixed clearing invalid sender_email when changing newsletter sender_reply_to (#19555) 2024-01-23 16:10:11 +01:00
notifications Added eslint rule for file naming convention 2023-05-09 12:34:34 -04:00
oembed Support twitter embeds using x as host (#18550) 2023-10-09 15:55:26 -05:00
permissions Removed support for id specific permissions 2024-03-21 00:21:40 +07:00
public-config Updated Sentry env to use PRO_ENV when available (#19441) 2024-01-05 12:10:39 +00:00
route-settings Enforced more Mocha lint rules (#19720) 2024-04-16 09:37:06 +02:00
settings Improved sending email addresses for self-hosters (#19617) 2024-01-30 11:21:08 +01:00
settings-helpers Added eslint rule for file naming convention 2023-05-09 12:34:34 -04:00
slack-notifications Added ability to pass minThreshold for Milestone Slack notifications 2024-03-14 12:06:43 -04:00
staff Moved Milestone emails to GA 2023-03-23 17:35:23 +00:00
stripe Fixed configUtils and adapter cache issues in E2E tests (#16167) 2023-01-30 14:06:20 +01:00
themes Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
tiers Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
url Enforced more Mocha lint rules (#19720) 2024-04-16 09:37:06 +02:00
users Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
webhooks 🔒 Added timestamp to webhook signature hash (#20500) 2024-07-01 15:59:04 +01:00
limits.test.js Updated to use assert/strict everywhere (#17047) 2023-06-21 09:56:59 +01:00
slack.test.js 🐛 Fixed Slack integration using member content in excerpt (#20328) 2024-06-05 17:46:21 +01:00
xmlrpc.test.js Prevent xmlprc tests from outputting errors for failure cases 2023-02-28 11:14:11 +00:00