vh/rest-server
1
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-12-07 09:36:13 -08:00
Code Issues Actions Packages Projects Releases Wiki Activity
Files
0a6e0dbdf9d8511fc25776cb7ae2ebc895d25a6a
rest-server/changelog
History
Juergen Hoetzel 33c41b55bb Security: Prevent loading of usernames containing a slash 
"/" is valid char in HTTP authorization headers, but is also used in
rest-server to map usernames to private repos.

This commit prevents loading maliciously composed usernames like
"/foo/config" by restricting the allowed characters to the unicode
character class, numbers, "-", "." and "@".

Closes #131
2020-12-28 11:30:00 +01:00
..
0.10.0_2020-09-13
Move changelog files for 0.10.0
2020-09-13 11:24:26 +02:00
unreleased
Security: Prevent loading of usernames containing a slash
2020-12-28 11:30:00 +01:00
CHANGELOG-GitHub.tmpl
Add changelog generated by calens
2018-03-24 17:40:49 +01:00
CHANGELOG.tmpl
Update changelog template for rest-server
2020-09-13 12:12:58 +02:00
TEMPLATE
Add changelog generated by calens
2018-03-24 17:40:49 +01:00