df0f19bec7
* Mitigate open redirect vulnerability in login page Current implementation won't allow full url redirection within local origin, and will allow open redirection with href like "//google.com". Comparing redirect url's origin with current origin will ensure the two share the same protocol, hostname, and port. * Update .clabot Add catmandx to list of contributors for creating pull request
5 lines
347 B
Plaintext
5 lines
347 B
Plaintext
{
|
|
"contributors": ["azukaar", "jwr1", "Jogai", "InterN0te", "catmandx"],
|
|
"message": "We require contributors to sign our [Contributor License Agreement](https://github.com/azukaar/Cosmos-Server/blob/master/cla.md). In order for us to review and merge your code, add yourself to the .clabot file as contributor, as a way of signing the CLA."
|
|
}
|