Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-06-28 10:15:41 +02:00
![]() - Added image type checking, and prevent downloading non images. We didn't checked this before, which could in turn could allow someone to download an arbitrary file. - This also prevents SVG images from being used, while they work on the web-vault and desktop client, they didn't on the mobile versions. - Because of this image type checking we can return a valid file type instead of only 'x-icon' (which is still used as a fallback). - Prevent rel values with `icon-mask`, these are not valid favicons. |
||
---|---|---|
.. | ||
core | ||
admin.rs | ||
icons.rs | ||
identity.rs | ||
mod.rs | ||
notifications.rs | ||
web.rs |