forgejo

mirror of https://codeberg.org/forgejo/forgejo.git synced 2024-12-28 02:14:06 -05:00

History

KN4CK3R 7ad63bc41e Disallow dangerous URL schemes (#25960 ) (#25964 ) Regression: https://github.com/go-gitea/gitea/pull/24805 Closes: #25945 - Disallow `javascript`, `vbscript` and `data` (data uri images still work) url schemes even if all other schemes are allowed - Fixed older `cbthunderlink` tests --------- Co-authored-by: delvh <dev.lh@web.de> (cherry picked from commit `ab54310731`)		2023-07-24 07:58:56 +02:00
..
asciicast	Support asciicast files as new markup (#22448 )	2023-01-18 08:46:58 +08:00
common
console	Add context when rendering labels or emojis (#23281 )	2023-03-05 22:59:05 +01:00
csv	Add context when rendering labels or emojis (#23281 )	2023-03-05 22:59:05 +01:00
external
markdown	Replace `interface{}` with `any` (#25686 ) (#25687 )	2023-07-04 23:41:32 -04:00
mdstripper
orgmode	Add context when rendering labels or emojis (#23281 )	2023-03-05 22:59:05 +01:00
camo.go
camo_test.go
html.go	Add RTL rendering support to Markdown (#24816 )	2023-05-20 23:02:52 +02:00
html_internal_test.go	Replace `interface{}` with `any` (#25686 ) (#25687 )	2023-07-04 23:41:32 -04:00
html_test.go	Refactor path & config system (#25330 ) (#25416 )	2023-06-22 16:27:18 +00:00
renderer.go	Add RTL rendering support to Markdown (#24816 )	2023-05-20 23:02:52 +02:00
renderer_test.go	Move `IsReadmeFile*` from `modules/markup/` to `modules/util` (#22877 )	2023-02-13 15:01:09 -05:00
sanitizer.go	Disallow dangerous URL schemes (#25960 ) (#25964 )	2023-07-24 07:58:56 +02:00
sanitizer_test.go	Disallow dangerous URL schemes (#25960 ) (#25964 )	2023-07-24 07:58:56 +02:00