mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2025-10-15 19:42:04 +00:00
6226145b0a
Originally reported by jomo (https://jomo.tv). A malicious actor could
register with an email address containing a comment, for example
"attacker@evil (comment@broken)". This commit fixes this issue by only
operating on normalized email addresses.
Signed-off-by: famfo <famfo@famfo.xyz>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| binding.go | ||
| binding_test.go | ||
| email.go | ||
| email_test.go | ||
| glob_pattern_test.go | ||
| helpers.go | ||
| helpers_test.go | ||
| refname_test.go | ||
| regex_pattern_test.go | ||
| validatable.go | ||
| validatable_test.go | ||
| validurl_test.go | ||
| validurllist_test.go | ||