Stowage/rest-server
2
0
Fork 0
mirror of https://github.com/restic/rest-server.git synced 2025-10-19 07:33:21 +00:00
Code Issues Projects Releases Packages Wiki Activity
rest-server/changelog
History
Juergen Hoetzel 33c41b55bb Security: Prevent loading of usernames containing a slash 
"/" is valid char in HTTP authorization headers, but is also used in
rest-server to map usernames to private repos.

This commit prevents loading maliciously composed usernames like
"/foo/config" by restricting the allowed characters to the unicode
character class, numbers, "-", "." and "@".

Closes #131
2020-12-28 11:30:00 +01:00
..
0.10.0_2020-09-13 Move changelog files for 0.10.0 2020-09-13 11:24:26 +02:00
unreleased Security: Prevent loading of usernames containing a slash 2020-12-28 11:30:00 +01:00
CHANGELOG-GitHub.tmpl Add changelog generated by calens 2018-03-24 17:40:49 +01:00
CHANGELOG.tmpl Update changelog template for rest-server 2020-09-13 12:12:58 +02:00
TEMPLATE Add changelog generated by calens 2018-03-24 17:40:49 +01:00