TheCloud/anubis
1
0
Fork 0
mirror of https://github.com/TecharoHQ/anubis.git synced 2025-09-28 23:21:02 -04:00
Code Issues Packages Projects Releases Wiki Activity
anubis/lib
History
Xe Iaso a0a6b3f147
fix(lib): block XSS attacks via nonstandard URLs 
This could allow an attacker to craft an Anubis pass-challenge URL that
forces a redirect to nonstandard URLs, such as the `javascript:` scheme
which executes arbitrary JavaScript code in a browser context when the
user clicks the "Try again" button.

Release-status: cut
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-07-24 13:54:33 +00:00
..
challenge
localization
feat(localization): Add in Bokmål and Nynorsk translations (#855)
2025-07-21 22:37:49 -04:00
policy
feat(expressions): add missingHeader function to bot environment (#870)
2025-07-20 19:09:29 -04:00
store
testdata
anubis_test.go
fix(lib): block XSS attacks via nonstandard URLs
2025-07-24 13:54:33 +00:00
anubis.go
fix(lib): block XSS attacks via nonstandard URLs
2025-07-24 13:54:33 +00:00
config_test.go
config.go
http_test.go
http.go