jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
d00aa847aeb5cd2e0096e281753248e137d5fabf
danbooru/app/models
History
evazion c41e3f4590 saved searches: fix exploit allowing flaggers to be determined. 
Fix an exploit that let you determine the flagger of a post using
`flagger:<username>` saved searches. Saved searches were performed as
DanbooruBot, but since DanbooruBot is a moderator, it let unprivileged
users do `flagger:<username>` searches. Saved searches were done as a
moderator to avoid tag limits, but this is no longer necessary since the
last PostQueryBuilder refactor.

fred get out
2021-09-01 00:55:19 -05:00
..
api_key.rb
Fix #4736: Display network prefix length (if present) in API key IP whitelist.
2021-03-01 02:38:18 -06:00
application_record.rb
artists: redact version histories of banned artists.
2021-02-07 23:28:50 -06:00
artist_commentary_version.rb
searchable: refactor searchable_includes.
2020-12-16 23:57:07 -06:00
artist_commentary.rb
searchable: refactor searchable_includes.
2020-12-16 23:57:07 -06:00
artist_url.rb
artists: add more artist url icons.
2021-03-08 01:30:02 -06:00
artist_version.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
artist.rb
artists: fix error messages for invalid artist names.
2021-03-07 21:07:44 -06:00
ban.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
bulk_update_request.rb
BURs: reduce autorejection timeout from 60 days to 45 days.
2021-08-15 04:51:48 -05:00
comment_vote.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
comment.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
dmail.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
dtext_link.rb
dtext links: fix links from mod-only forum posts being exposed.
2021-03-10 03:08:49 -06:00
email_address.rb
Merge pull request #4674 from BrokenEagle/add-missing-associated-attributes
2021-02-04 00:37:32 -06:00
favorite_group.rb
favgroups: validate that name is present.
2021-03-07 21:15:33 -06:00
favorite.rb
searchable: don't automatically include id, created_at, updated_at.
2020-12-16 23:57:07 -06:00
forum_post_vote.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
forum_post.rb
Forum link search: also include BURs
2021-08-15 02:16:56 -05:00
forum_topic_visit.rb
Fix saved searces, news updates, ip bans being dumped to BigQuery.
2021-03-10 03:08:49 -06:00
forum_topic.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
ip_address.rb
ip addresses: move more logic to Danbooru::IpAddress.
2021-03-01 20:13:14 -06:00
ip_ban.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
ip_geolocation.rb
ip addresses: move more logic to Danbooru::IpAddress.
2021-03-01 20:13:14 -06:00
mod_action.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
moderation_report.rb
modreports: allow users to see modreports they've submitted.
2021-01-16 02:19:25 -06:00
news_update.rb
Fix saved searces, news updates, ip bans being dumped to BigQuery.
2021-03-10 03:08:49 -06:00
note_version.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
note.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
pixiv_ugoira_frame_data.rb
searchable: refactor searchable_includes.
2020-12-16 23:57:07 -06:00
pool_version.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
pool.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
post_appeal.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
post_approval.rb
Fix #4603: Total Upload Limit Being Reduced After A Failed Appeal
2021-06-28 06:04:14 -05:00
post_disapproval.rb
Fix #4853: Users should not be able to search by disapprover
2021-08-31 21:11:07 -05:00
post_event.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
post_flag.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
post_replacement.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
post_version.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
post_vote.rb
posts: allow toggling between upvotes and downvotes.
2021-01-29 02:22:23 -06:00
post.rb
saved searches: fix exploit allowing flaggers to be determined.
2021-09-01 00:55:19 -05:00
rate_limit.rb
rate limits: add /rate_limits endpoint.
2021-03-05 16:47:20 -06:00
saved_search.rb
saved searches: fix exploit allowing flaggers to be determined.
2021-09-01 00:55:19 -05:00
tag_alias.rb
Tag Aliases: automatically remove redundant implications
2021-03-19 15:38:47 +01:00
tag_implication.rb
Tag implications: fix typo in validate error
2021-03-28 14:21:18 +02:00
tag_relationship.rb
BURs: reduce autorejection timeout from 60 days to 45 days.
2021-08-15 04:51:48 -05:00
tag.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
upload.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
user_event.rb
Add in missing available includes
2021-01-22 02:58:30 +00:00
user_feedback.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
user_name_change_request.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
user_session.rb
ip addresses: move more logic to Danbooru::IpAddress.
2021-03-01 20:13:14 -06:00
user_upgrade.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
user.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
wiki_page_version.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00
wiki_page.rb
rubocop: fix various Rubocop warnings.
2021-06-17 04:17:53 -05:00