LogalDeveloper/OwncastSentry
0
Fork 0
Code Issues 4 Actions Releases 4 Activity

User info is not stripped when subscribing to streams. #5

New Issue
Closed
opened 2025-04-05 09:39:07 -04:00 by LogalDeveloper · 0 comments
LogalDeveloper commented 2025-04-05 09:39:07 -04:00
Owner
Copy Link

If user info is included in a URL supplied by a user, it isn't stripped out. This can allow subscription to the same stream multiple times. This has occurred in the wild and likely happens when a user copies the Fediverse tag of an instance rather than just the domain.

image.png

If user info is included in a URL supplied by a user, it isn't stripped out. This can allow subscription to the same stream multiple times. This has occurred in the wild and likely happens when a user copies the Fediverse tag of an instance rather than just the domain. ![image.png](/attachments/89232e21-ed42-4545-b1eb-cb2fbee3911f)
image.png
19 KiB
LogalDeveloper added the Bug label 2025-04-05 09:39:07 -04:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
Bug
Something is not working as expected.
 Enhancement
New feature.
 Help Wanted
Need some help.
 Won't Fix
This will not be fixed.
 Won't Implement
This will not be implemented.
No Label Bug
Milestone
No items
No Milestone
Assignees
Clear assignees
LogalDeveloper
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: LogalDeveloper/OwncastSentry#5
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?