ba558c0c24
Else malicious emoji packs or our EmojiStealer MRF can put payloads into the same domain as the instance itself. Sanitising the content type should prevent proper clients from acting on any potential payload. Note, this does not affect the default emoji shipped with Akkoma as they are handled by another plug. However, those are fully trusted and thus not in needed of sanitisation. |
||
---|---|---|
.. | ||
mix | ||
phoenix/transports/web_socket | ||
pleroma |