c3d14e1fa5
- fix vulnerability in rewrite_relative_url() which prevented some URLs from being properly absolutized - fetch_file_contents: validate all URLs before requesting them - validate URLs: explicitly whitelist http and https scheme, forbid everything else - DiskCache/cached_url: only serve whitelisted content types (images, video) - simplify filename/URL handling code, remove and consolidate some less-used functions |
||
|---|---|---|
| .. | ||
| feeds.php | ||
| filters.php | ||
| labels.php | ||
| prefs.php | ||
| system.php | ||
| users.php | ||