mirror of
https://github.com/TryGhost/Ghost.git
synced 2025-03-11 02:12:21 -05:00
no issue - prevent oembed fetching from accessing IP addresses or localhost domains - prevent oembed endpoint from passing through fetched responses as-is - reject any fetched data that does not validate against the oembed spec - strip any unknown properties from the oembed response before returning Credits: Nick Mykhailyshyn |
||
---|---|---|
.. | ||
client@1a77f94232 | ||
frontend | ||
server | ||
shared/nql-map-key-values | ||
test | ||
index.js |