Maxwell Salzberg
190fceaf5c
[SECURITY FIX] please update your pod ASAP
...
This is a fix for public messages, where a malicious pod could spoof a message from someone a user was connected to, as the verified signatures were not checked that the object was also from said sender. This hole only affected public messages, and the private part of code had the correct checks
THX to s-f-s(Stephan Schulz) for reporting and tracking down this issue, and props to Raven24(florian.staudacher@gmx.at ) for helping me test the patch
2012-07-02 10:00:12 -07:00
Steven Hancock
a8de3a5a3f
Rails.root and File.join cleanup
...
- `Rails.root` is a `Pathname`, so let's use `Rails.root.join`
- Clean up most of the remaining `File.join`s
2012-06-11 03:13:20 -07:00
Maxwell Salzberg
b124d3e5a1
Revert "update factory girl" new version does not support 1.8.7 :(
...
This reverts commit c52342b7cb
2012-05-16 17:43:56 -07:00
Maxwell Salzberg
c52342b7cb
update factory girl
2012-05-16 17:17:14 -07:00
Sarah Mei
f1d669a024
Delete all pending specs except stuff we actually want to fix in the short term. Add more useful comments to those.
2011-11-06 21:29:22 -08:00
Ilya Zhitomirskiy
d891e78652
refactored post receiving; only update cache on verfied received objects
2011-10-06 12:31:09 -07:00
danielgrippi
999efbd451
IZ DG MS; fix method call in public receiver
2011-09-15 19:37:56 -07:00
danielgrippi
ba8e50e34c
DG MS; renamed a file; fixed the build
2011-09-15 15:16:34 -07:00
danielgrippi
97f80272b2
DG MS; changed Job:: to Jobs::; require all mail jobs from Job base class
2011-09-15 12:42:53 -07:00
danielgrippi
91e649977c
MS DG update copyright
2011-09-14 11:23:12 -07:00
Maxwell Salzberg
5177e5b218
DG MS test receive_relayable
2011-09-12 14:05:32 -07:00
Maxwell Salzberg
6e60905d0d
DG MS major refactor of salmon and corresponding federation logic
2011-09-12 14:05:32 -07:00
Maxwell Salzberg
e0429ee823
MS DG pulling apart salmon and making our custom hacks more obvious
2011-09-12 14:05:31 -07:00
