Xe Iaso d40e9056bc
fix(lib): block XSS attacks via nonstandard URLs (#904)
* fix(lib): block XSS attacks via nonstandard URLs

This could allow an attacker to craft an Anubis pass-challenge URL that
forces a redirect to nonstandard URLs, such as the `javascript:` scheme
which executes arbitrary JavaScript code in a browser context when the
user clicks the "Try again" button.

Release-status: cut
Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-07-24 14:05:00 +00:00
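The commit message above describes the failure mode but not the fix itself. As an added example that is not Anubis's own code, the following Go function shows the kind of allow-list check a reverse proxy can apply to a user-controlled redirect target before placing it in a "Try again" link or a Location header. The function name `safeRedirectTarget`, the `allowedHosts` parameter and the hostnames in the sample inputs are assumptions chosen for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// allowedSchemes is the only set of schemes a browser may be sent to from
// a challenge-pass redirect. Anything else (javascript:, data:, vbscript:,
// file:, ...) is refused outright.
var allowedSchemes = map[string]bool{"http": true, "https": true}

// safeRedirectTarget validates a user-supplied redirect target before it is
// placed in a Location header or an <a href> such as a "Try again" link.
// It accepts only (a) an absolute path on the current origin, or (b) an
// absolute http(s) URL whose host is listed in allowedHosts. On success it
// returns the target to use; otherwise it returns an error and the caller
// should fall back to a fixed safe location such as "/".
// (Illustrative code, not the project's implementation.)
func safeRedirectTarget(raw string, allowedHosts []string) (string, error) {
	if raw == "" {
		return "", errors.New("empty redirect target")
	}
	// Browsers strip tabs/newlines inside a scheme, so "java\tscript:" would
	// still run as javascript:. Refuse any control character up front.
	for _, r := range raw {
		if r < 0x20 || r == 0x7f {
			return "", errors.New("control character in redirect target")
		}
	}
	u, err := url.Parse(raw)
	if err != nil {
		return "", fmt.Errorf("unparseable redirect target: %w", err)
	}

	// Case (a): a same-origin path. It must start with exactly one "/",
	// because "//host/path" (and "/\host/path" in some browsers) is resolved
	// as a protocol-relative URL pointing at another host.
	if u.Scheme == "" && u.Host == "" {
		if !strings.HasPrefix(raw, "/") || strings.HasPrefix(raw, "//") || strings.HasPrefix(raw, `/\`) {
			return "", errors.New("relative redirect must be a single-slash absolute path")
		}
		return raw, nil
	}

	// Case (b): an absolute URL. url.Parse lowercases the scheme, so
	// "JavaScript:" still compares as "javascript".
	if !allowedSchemes[u.Scheme] {
		return "", fmt.Errorf("scheme %q is not allowed", u.Scheme)
	}
	host := strings.ToLower(u.Hostname())
	for _, h := range allowedHosts {
		if host == strings.ToLower(h) {
			return u.String(), nil
		}
	}
	return "", fmt.Errorf("host %q is not an allowed redirect host", host)
}

func main() {
	// Constructed inputs: the hostnames and paths are placeholders.
	hosts := []string{"anubis.example"}
	for _, in := range []string{
		"/protected/page?x=1",
		"https://anubis.example/protected/page",
		"javascript:alert(document.cookie)",
		"JaVaScRiPt:alert(1)",
		"data:text/html,<script>alert(1)</script>",
		"//evil.example/phish",
		`/\evil.example/phish`,
		"https://anubis.example.evil.example/",
	} {
		out, err := safeRedirectTarget(in, hosts)
		if err != nil {
			fmt.Printf("REJECT %-45q %v\n", in, err)
			continue
		}
		fmt.Printf("ALLOW  %-45q -> %s\n", in, out)
	}
}
```

The check is an allow-list on scheme and host rather than a deny-list of `javascript:`, because the deny-list approach misses `data:`, `vbscript:`, mixed-case schemes and protocol-relative `//host` forms. The host comparison is an exact match against the names the proxy itself serves; if the deployment expects user-facing hostnames in other scripts, normalize them with an IDNA library before comparing.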

check-spelling/check-spelling configuration

| File | Purpose | Format | Info |
|---|---|---|---|
| dictionary.txt | Replacement dictionary (creating this file will override the default dictionary) | one word per line | dictionary |
| allow.txt | Add words to the dictionary | one word per line (only letters and `'`s allowed) | allow |
| reject.txt | Remove words from the dictionary (after allow) | grep pattern matching whole dictionary words | reject |
| excludes.txt | Files to ignore entirely | perl regular expression | excludes |
| only.txt | Only check matching files (applied after excludes) | perl regular expression | only |
| patterns.txt | Patterns to ignore from checked lines | perl regular expression (order matters, first match wins) | patterns |
| candidate.patterns | Patterns that might be worth adding to patterns.txt | perl regular expression with optional comment block introductions (all matches will be suggested) | candidates |
| line_forbidden.patterns | Patterns to flag in checked lines | perl regular expression (order matters, first match wins) | patterns |
| expect.txt | Expected words that aren't in the dictionary | one word per line (sorted, alphabetically) | expect |
| advice.md | Supplement for GitHub comment when unrecognized words are found | GitHub Markdown | advice |

Note: you can replace any of these files with a directory by the same name (minus the suffix) and then include multiple files inside that directory (with that suffix) to merge multiple files together.